[cabfpub] Final Minutes of CA/Browser Forum Meeting April 25, 2024

1 view
Skip to first unread message

Dimitris Zacharopoulos (HARICA)

unread,
May 9, 2024, 12:32:24 PMMay 9
to CA/Browser Forum Public Discussion List

These are the Final Minutes of the Teleconference described in the subject of this message, prepared by Ryan Dickson (Google Chrome).



Attendees: Aaron Poulsen (Amazon Trust Services), Adam Jones (Microsoft), Andrea Holland (VikingCloud), Ben Wilson (Mozilla), Bindi Davé (DigiCert), Brianca Martin (Amazon), Chris Clements (Google Chrome), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Dimitris Zacharopoulos (HARICA), Dong Wha Shin (MOIS), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-Trust), Gregory Tomko (GlobalSign), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Jaime Hablutzel (OISTE Foundation), Janet Hines (VikingCloud), Jay Wilson (Sectigo), Johnny Reading (GoDaddy), Keshava Nagaraju (eMudhra), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lynn Jeun (Visa), Mads Henriksveen (Buypass AS), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Michael Slaughter (Amazon Trust Services), Miguel Sanchez (Google Trust Services), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nicol So (CommScope), Nome Huang (TrustAsia), Peter Miskovic (Disig), Rollin Yu (TrustAsia), Ryan Dickson (Google Chrome), Scott Rea (eMudhra), Sissel Hoel (Buypass), Stephen Davidson (DigiCert), Steven Deitte - (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Thomas Zermeno (SSL.com), Tim Hollebeek (DigiCert), Trevoli Ponds-White (Amazon Trust Services), Tsung-Min Kuo (Chunghwa Telecom), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yashwanth TM (eMudhra)



CA/Browser Forum Agenda – 25 April 2024


1. Begin Recording - Roll Call

  • N/A - the call is already recording.

  • Dimitris greeted participants and opened the meeting.


2. Read note-well

  • Dimitris read the note-well.


3. Review of Agenda

  • Dimitris reviewed the agenda.

  • No additional agenda items were raised for discussion.


4. Approval of minutes from the March 28, 2024 Teleconference (minutes were distributed 2024-04-19)

  • Dimitris made a call for objections, none voiced.

  • The draft minutes are considered approved.


5. Approval of minutes from the April 11, 2024 Teleconference (minutes were distributed 2024-04-18)

  • Dimitris made a call for objections, none voiced.

  • The draft minutes are considered approved.


6. Server Certificate Working Group update (Inigo)

  • SCWG:

    • Inigo summarized the last SCWG call that took place immediately prior to this call. Please refer to the SCWG minutes.

  • Validation Subcommittee updates: 

    • Last week’s meeting focused on:

      • continued discussions re: EV automation improvement ballot. The text is largely finalized. Globalsign is looking for endorsers. If interested, please contact Eva directly.

      • continued discussions re: improvements to 3.2.2.4.7 (CA assisted domain validation). Language finalized, formal balloting process expected to begin shortly. Endorsers needed.

      • Wayne led discussion to allow use of the ACME dns-account-01 validation method. Next steps will progress once an updated IETF draft is available to address open questions.

      • Discussion related to delegated third parties (DTPs) with regard to domain validation. Tackled methods .19 and .20 and outlined potential DTPs. Next meeting will focus on email validation methods. 

  • Other discussion:

    • Related to the SCWG, Dimitris was interested in learning more about the PAG

      • Inigo described that Ben has been leading the PAG. A meeting is planned for the following Monday, and Ben has prepared an agenda to lead the group.  


7. Code Signing Certificate Working Group update (Bruce)

  • No updates

8. S/MIME Certificate Working Group update (Stephen)

  • SMC-06 is in IPR review, ending May 11th. 

    • Noteworthy deadline: 9/15/24 - changes validation requirements for organizations. 

    • General updates:

      • Long running discussion re: deprecation of legacy profiles. Deprecation is forecasted for the middle of 2025. Stephen encouraged CAs who foresee challenges with the transition from the legacy profiles to participate in the S/MIME Working Group. 

      • Other updates are being discussed within the Working Group to include consistency with the TLS BRs: logging requirements, delegated DNS, and potentially Multi-Perspective Issuance Corroboration. 


9. Forum Infrastructure Subcommittee update (Jos)

  • No updates


10. NetSec Working Group update (Clint)

  • Clint shared the group met on Tuesday.

    • No final feedback or updates required related to NS-03 as a result of the discussion period, ballot is now in the voting period.

    • Briefly spent time reviewing the Section 4 ballot (finalized, ready to go into discussion, dependent upon NS-03 completing the voting process).

    • Remainder of time was spent discussing items that the group might shift focus to next (list of 10 or so items created, and issues in GitHub that should be revisited). Time spent in the subsequent meeting and at F2F will help set future course of action.


11. IPR update Subcommittee Charter (Ben)

  • Ben shared a revised charter has been prepared, with one endorser. Dimitris will give a final review and likely will feel comfortable endorsing. 


12. Bylaws update preparation (Dimitris)

  • Dimitris shared screen, reviewed bylaws-related issues in GitHub discussed at the last F2F meeting.

    • These items will guide subsequent updates to the bylaws.

    • Open items: 

      • Remove letters of intent for associate members

      • Standardize release cycles of Guidelines

      • Introduction of e-voting

    • Discussion on these issues and/or proposed updates are welcome.


13. F2F#62 agenda preparation (Dimitris)

  • Dimitris expects each WG to come up with its own agenda for the F2F.

  • Elements of the draft agenda need to be confirmed and finalized. 

  • We need to prepare for the upcoming elections cycle.

    • We’ll use a new process, and this will be discussed at the F2F.

    • Each WG will still maintain its own nomination and voting process (run through its list, or possibly through the e-voting method)


14. Any Other Business

  • New Definitions and Glossary Working Group

    • There’s an open declaration for participation. If you want to participate in the WG, declare it in the public list.

      • Dimitris assumes WG Chair/Vice-chair will work with the Forum Infrastructure subcommittee to stand up email lists/etc.

  • Adriano shared final logistics re: F2F. If you have questions or need help, email Adriano and Dimitris.

  • No other discussion.


15. Next call: May 9, 2024


16. Adjourn

Reply all
Reply to author
Forward
0 new messages