FINAL CA/B forum F2F meeting agenda

86 views
Skip to first unread message

Dean Coclin

unread,
Mar 21, 2025, 11:16:28 AMMar 21
to 'Dimitris Zacharopoulos' via Public (CA/B Forum)

 

Tuesday, 25 March 2025 - Forum level (Day 1)

ALL TIMES LOCAL TO Tokyo, Japan

Start

Description

Discussion Leader / Notes

08:30

Check-in, get situated in room and virtual room, test audio/video

 

09:00

CA/Browser Forum Meeting

Dean Coclin (DigiCert)

09:00

Welcome, Preliminary Matters, Meeting Recordings, Photo Policy, Logistics, Antitrust Statement, Code of Conduct

Dean Coclin (DigiCert)

09:05

Welcome by host

Tatsuyuki Nishimura (Secom Trust Systems),
Tadahiko Ito (Secom)

09:15

- Take Attendance

- Assign Minute Takers

Tim Callan (Sectigo)

09:35

- Approval of F2F#63 Agenda

- Approval of CABF Minutes from last teleconference
- Future face to face meeting schedule

Dean Coclin (DigiCert)

09:40

- Introduction of F2F#65 meeting venue

WebTrust

09:45

Guest speaker: Russ Housley (Vigil Security)

Planning for PQC:
If Cryptographically Relevant Quantum Computers (CRQCs) are ever built, these computers will be able to break the public key cryptosystems currently in use.  A post-quantum cryptosystem (PQC) is secure against the inventions CRQCs.  It is open to conjecture when it will be feasible to build such computers; however, RSA, DSA, DH, ECDH, ECDSA, and EdDSA are all vulnerable if a large-scale quantum computer is developed.  We need to plan for the transition to PQCs.

10:15

Break (30 min)

10:45

Guest speaker: Dmitry Sharkov

Principle Architect, Sectigo

Open MPIC: A Turn-Key Solution to Protect Against BGP-Based Attacks

Multi-perspective issuance corroboration (MPIC) is now a requirement for public certificate issuance. A collaborative effort has produced Open MPIC, an open-source, turn-key, one-size-fits-all solution that enables certificate authorities to deploy a self-hosted MPIC service quickly and efficiently. This talk will cover how Open MPIC was developed and everything certificate authorities need to know to effectively leverage it today.

11:15

Guest speaker: Brian Holland

General Counsel, Sectigo

 

Dealing with Temporary Restraining Orders

2024 saw a new attack on CAs’ ability to follow mandated guidelines when a Subscriber successfully obtained a TRO to prevent on-time revocation of misissued certificates. Sectigo’s General Counsel explains how TROs work and offers a set of possible responses to reduce this risk, on both the individual CA and Forum level.

 

11:45

Panel Q&A with all speakers

Dean Coclin (DigiCert) Minutes

12:00

Lunch (60 min)

13:00

Mozilla Root Program Update

Ben Wilson (Mozilla) Minutes: 

13:30

Google Chrome Root Program Update

Chris Clements and Ryan Dickson (Google) Minutes:

14:00

Apple Root Program Update

Clint Wilson (Apple) Minutes: 

14:15

Microsoft Root Program Update

Hannah Sokol (Microsoft) Minutes:

14:45

Cisco Root Program Update

Eric Hampshire and Chad Dandar (Cisco) Minutes:

15:00

CCADB Update

Ben Wilson (Mozilla) Minutes: 

15:30

Q&A Root program discussions

Dean Coclin (DigiCert) Minutes: 

15:45

Break (30 min)

 

16:15

ETSI Update

Arno Fiedler (Vice Chair ETSI ESI) Minutes: 

16:30

ACAB'c Update

Clemens Wanko (ACAB'c WG1 Chair) Minutes: 

16:45

WebTrust Update

Tim Crawford (BDO - WebTrust TF), Lilia Dubko (CPA Canada) Minutes: 

17:15

Q&A Audits and Standards

Dean Coclin (DigiCert) Minutes: 

17:30

End of day one

 

Wednesday, 26 March 2025 - Forum level / Working Groups (Day 2)

Start

Description

Discussion Leader / Notes

08:30

Get situated in Room and virtual room, test audio/video

 

09:00

Infrastructure subcommittee

Jos Purvis (Fastly)

09:35

IPR Subcommittee Status Presentation

Ben Wilson (Mozilla)

10:00

Definitions and Glossary new Working Group

Tim Hollebeek (DigiCert)
Tim Callan (Sectigo)

10:30

Break (30 min)

 

11:00

Network Security Working Group

 

Clint Wilson (Apple)

12:30

Lunch (60 min)

 

13:30

Server Certificate Working Group

 

  1. Take attendance, read anti-trust statement, minute taker(s)
  2. Review Agenda
  3. Minutes and membership
    1. Draft Minutes from last meeting
    2. Pending Membership applications

      1. KPMG Taiwan (Interested Party)
  4. Summary (5-10 minutes)
    1. Summary of this quarter
  5. Topics
    1. Clarify scope of TLS Baseline Requirements (Browser vs non-Browser use cases, websites accessible to the Internet vs websites accessible to specific networks, relationship with "WebPKI") (30-45 minutes)
    2. Ballot SC081: Introduce Schedule of Reducing Validity and Data Reuse Periods (30-40 minutes)
    3. Certificate Revocation: Is it effective at Internet scale? Browser requirements related to ongoing support of OCSP. (20-30 minutes)
    4. Removal of id-kp-clientAuth KeyPurposeId from TLS server authentication certificates (20-30 minutes)
    5. Classify GitHub open issues as "non-controversial" and seek volunteers (20-30 minutes)
  6. AOB (5-10 minutes)

Dimitris Zacharopoulos (HARICA)

15:30

Break (30 min) 

 

16:00

Continuation of the Server Certificate Working Group

17:00

End of day two

18:00

Social Dinner Event (on the same premises)

Thursday, 27 March 2025 - Working Groups (Day 3)

Start

Description

Discussion Leader / Notes

08:30

Get situated in Room and virtual room, test audio/video

 

09:00

Welcome

Corey Bonnell (DigiCert)

09:05

Continuation of the Server Certificate Working Group

Validation Subcommittee

 

Corey Bonnell (DigiCert)

10:30

Break (30 min)

 

11:00

S/MIME Certificate Working Group

 

Stephen Davidson (DigiCert)

12:30

Lunch (60 min)

 

13:30

Continuation of the S/MIME Working Group

15:00

Break (30 min)

 

15:30

Code Signing Working Group Meeting

Martijn Katerbarg (Sectigo)

17:00

End of day three

Thanks, goodbye and safe travels

Secom

 

 

 

Reply all
Reply to author
Forward
0 new messages