Final Minutes of CA/B Forum Meeting May 8, 2025

84 views
Skip to first unread message

Dean Coclin

unread,
May 22, 2025, 2:30:34 PMMay 22
to 'Aaron Gable' via Public (CA/B Forum)

CA/B Forum and Server Certificate WG Teleconference-20250424

Meeting Title: CA/Browser Forum 

Date: 8 May 2025
Chair: Dean Coclin 

Minutes Taken By: Wayne Thayer

1. Roll Call and Housekeeping

  • Meeting called to order by Dean Coclin; recording in process.

2. Note-well

  • Note-well has already been read.

3. Review Agenda

No changes to the agenda.

4. Approval of Minutes

  • April 10th (Trev) - these are still pending
  • April 24th (Thomas) - have been posted to the management list; minutes approved.
  • F2F#64 - minutes approved.

5. Server Certificate Working Group update (Dimitris)

SCWG

Dimitris said that at the last SCWG call we discussed recent comments on SC081 and decided that no action was needed. We discussed the ability to lock comments on PRs and asked the Infrastructure SC to standardize this process. Finally, we discussed ballots.

Validation Subcommittee

Corey said that the majority of time was spent discussing SC085, the DNSSEC ballot, including technical details and effective dates. Then we discussed SC082 redux and the new validation method being proposed by Michael Slaughter. There is good discussion on the PR on GitHub.

6. Code Signing Certificate Working Group update (Martijn)

Martijn Katerbarg said that they did not have a call, so no updates.

7. S/MIME Certificate Working Group update (Stephen)

Stephen Davidson said that they discussed the ACME for S/MIME ballot and the tagging of pseudonyms when displayed in the common name to prevent confusion or use of misleading pseudonyms. They also discussed PQC for S/MIME and that opened a broader discussion of adopting the more detailed section 7 structure of the TLS BRs. SMC011 exits IPR on May 14.

8. NetSec Working Group update (Clint)

Clint said that they discussed NS008 and section 2.2.6 remote connections language. When combined with 'access to CA infrastructure' it could have been interpreted as applying to customers accessing a Web portal. Concluded that a new term 'privileged access' would be introduced to resolve this issue. The ballot was updated to version 3 and the discussion period was restarted. Hoping to move to voting on May 14th.

9. Definitions and Glossary Working Group (Tim C.)

No update.

10. Forum Infrastructure Subcommittee update (Jos)

Jos Purvis said that they reviewed the GitHub 'restrict comments' setting that blocks comments from anyone without write access and agreed that it is the correct approach. When we turn this on in a repo, we also want to add a note to the CLA/readme describing how to make comments or provide feedback via the questions list.

Ben's meeting minutes template was added to the wiki. Next we will try using this template with AI to transcribe a meeting recording. A suggestion to chairs running meetings: AI will follow the agenda better if you explicitly call out sections of the meeting.

Wayne said that restricting comments is likely to drive a surge in demand for write access to repos from members and it would be good to address that before enabling this feature. Jos said that we should be able to allow members to self-service this by updating their own membership-tools record.

11. Intellectual Property Rights Subcommittee (Ben)

Ben said that a meeting is scheduled for May 15.

12. Bylaws changes (Ben - Dimitris)

No recent progress. Dimitris said that Rebecca Kelley is planning to work with Ben.

13. Any Other Business

Toronto Face-to-face is coming up. Deadline for in-person attencance has passed. Don't forget to book hotels.

Aaron said that he has drafted a bylaws update ballot to allow WG chairs to convert relative effective dates to concrete dates fter ballots are passed, and he is planning to begin the discussion period.

14. Next call: May 22, 2025

15. Adjourn

Attendees

Aaron Gable (Let's Encrypt), Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adriano Santoni (Actalis S.p.A.), Antti Backman (Telia Company), Ben Wilson (Mozilla), Brianca Martin (Amazon), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Gregory Tomko (GlobalSign), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Iori Kondo (Cybertrust Japan), Jaime Hablutzel (OISTE Foundation), Jeanette Snook (Visa), Jeff Ward (Aprio), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kate Xu (TrustAsia), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Mahua Chaudhuri (Microsoft), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Matthew McPherrin (Let's Encrypt), Michael Slaughter (Amazon), Michelle Coon (OATI), Mohd Redha Hamzah (Pos Digicert Sdn. Bhd.), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rich Smith (DigiCert), Rollin Yu (TrustAsia), Ryan Dickson (Google), Scott Rea (eMudhra), Sooyoung Eo (NAVER Cloud Trust Services), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft)

Jeun, Inkyung (Lynn)

unread,
Jun 5, 2025, 1:58:43 PMJun 5
to pub...@groups.cabforum.org

CA/B Forum Teleconference-20250522

Meeting Title: CA/Browser Forum 

Date: 22 May 2025
Chair: Dean Coclin 

Minutes Taken By: Lynn Jeun

1. Roll Call and Housekeeping

  • Meeting called to order by Dean Coclin; recording in process.

2. Note-well

  • Note-well has already been read.

3. Review Agenda

  • No changes to the agenda.

4. Approval of Minutes

  • April 10th - still pending
  • May 8th - minutes approved.

5. Server Certificate Working Group update

SCWG(Wayne)

Wayne said SC81 passed IPR review period, and new version after fixing some issues is available.

Validation Subcommittee(Clint, Aaron)

They spent the majority of time to discuss SC085 and SC082, and make significant progress including triage of a bunch of bugs in GitHub, including assigning things out to a few people.

6. Code Signing Certificate Working Group update (Martijn)

CSC030 should be hitting discussion period shortly, and not further updates yet on reducing the validity period. Karina will take over the role of representative from Microsoft, and the ballot for reduction of validity period will start running by Microsoft. PQC ballot is pending, and looking for additional endorser.

7. S/MIME Certificate Working Group update (Martijn)

Discussed on PQC to found out what else is need for ballot. Also discussed on MPIC and validation control over mailbox. SMC012 is in the discussion period. Kicked off for updating Section 7 and looking for volunteers.

8. NetSec Working Group update (Ben)

Went through the issues on GitHub and closed 4~5 of them because they had already been resolved. Reviewed agenda for F2F meeting.

9. Definitions and Glossary Working Group (Tim Callan)

Compared definitions from various documents to identify inconsistencies. Most definitions were identical or had trivial differences like capitalization. Developed proposals to resolve discrepancies and aim to gather feedback from a group of participants. The next steps involve incorporating feedback into a document and proceeding with a ballot.

10. Forum Infrastructure Subcommittee update (Ben)

No meeting last week.

11. Intellectual Property Rights Subcommittee (Ben)

Working on revising IPR policy. An email was sent on May 19th to a public list requesting feedback on the invited experts policy and agreement by the deadline of May 27th, acknowledging the upcoming holiday. Ben encouraged feedback by Tuesday and seeks two endorsers for a forum ballot.

12. Bylaws changes (Ben)

Aaron said a forum bylaws change ballot was sent to an old mailing list instead of current one, preventing recipients from receiving them. Aaron restarted the discussion period and encouraged  participants to review the email and ballot, and to provide any comments or suggestions. 

13. F2F meeting Agenda

Tim highlighted recent incidents related to CPS errors causing mass revocation events, and proposed discussing potential solutions to improve transparency and accountability without such events. Dean encouraged participants to send topics after the call, if needed. Rebecca inquired about deadlines for agenda topics and Dean confirmed it would be finalized a week before the meeting.

A call scheduled for June 5th, the Thursday before the meeting, was proposed to be canceled due to overlapping discussions during the face-to-face meeting on Tuesday, Wednesday, and Thursday.

14. Adjourn

Attendees

Attendees

Aaron Gable (ISRG), Aaron Poulsen (Amazon Trust Services), Adam Jones (Microsoft), Adrian Mueller (SwissSign), Adriano Santoni(Actalis S.p.A.), Atsushi INABA (GlobalSign), Ben Wilson (Mozilla), Bineesh (Microsoft), Brianca Martin (Amozon), Chad Dandar(Cisco), Clint Wilson(Apple), Cynetheia Brown (FPKIMA), Dean Coclin (DigiCert), Enrico Entschew(D-TRUST), Eric Kramer (Sectigo), Eric Kramer (Sectigo), Greg Tomko (GlobalSign), Hazhar Ismail (MSC Trustgate), Hogeun Yoo (NAVER Cloud Trust Services), Inigo Barreira(Sectigo), Jaime Hablutzel (WISeKey), Janet Hines(VikingCloud), Jeff Ward (Aprio), Jeanette Snook (Visa Inc), Jieun Seong (Ministry of the Interior and Safety, Korea), Johnny Reading (GoDaddy), Josselin Allemandou (Certigna), Kate Xu (TrustAsia), Kateryna Aleksieieva (Certum by Asseco), Li-Chun Chen (Chunghwa Telecom), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Lynn Jeun (VISA Inc), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Michelle Coon (OATI), Mrugesh Chandarana (IdenTrust), Nate Smith (GoDaddy), Nargis Mannan (Viking Cloud), Nicol So (CommScope), Nicol So (CommScope), nome-huang (TrustAsia), Peter Miskovic (Disig), Rebecca Kelley (SSL.com), Rich Smith (DigiCert), Rollin Yu (TrustAsia), Scott Rea (eMudhra), Tadahiko Ito (SECOM), Thomas Zermeno (SSL.com), Tim Callan (Sectigo), Tim Hollebeek(DigiCert), Tobias Josefowitz (Opera), Tobias Josefowitz (Opera), Trevoli Ponds-White (Amazon Trust Services), Tsung-Min Kuo (Chunghwa telecom), Wayne Thayer(Fastly), Wendy Brown (FPKIMA)

 

Dean Coclin

unread,
Jun 11, 2025, 10:15:00 AMJun 11
to 'Jeun, Inkyung (Lynn)' via Public (CA/B Forum)

CA/B Forum Teleconference-20250522

Meeting Title: CA/Browser Forum 

Date: 22 May 2025
Chair: Dean Coclin 

Reply all
Reply to author
Forward
0 new messages