Final Minutes of the CA/BF Forum meeting, 2025-07-31

77 views
Skip to first unread message

Dean Coclin

unread,
Aug 28, 2025, 2:02:01 PMAug 28
to 'Martijn Katerbarg' via Public (CA/B Forum)

 

# Minutes of the CA/BF Forum Call, 2025-07-31

## Attendees

Aaron Gable (Let's Encrypt), Aaron Poulsen (Amazon), Alvin Wang (SHECA), Ben Wilson (Mozilla), Brianca Martin (Amazon), Chad Dandar (Cisco Systems), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Cynethia Brown (US Federal PKI Management Authority), Daryn Wright (Apple), Dean Coclin (DigiCert), Doug Beattie (GlobalSign), Gregory Tomko (GlobalSign), Inaba Atsushi (GlobalSign), Iori Kondo (Cybertrust Japan), Jaime Hablutzel (OISTE Foundation), Jeanette Snook (Visa), Jeff Ward (CPA Canada/WebTrust), Johnny Reading (GoDaddy), Josselin Allemandou (Certigna (DHIMYOTIS)), Jun Okura (Cybertrust Japan), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Kate Xu (TrustAsia), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Matthew McPherrin (Let's Encrypt), Michelle Coon (OATI), Mrugesh Chandarana (IdenTrust), Nate Smith (GoDaddy), Nicol So (CommScope), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rich Smith (DigiCert), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Ryan Dickson (Google), Scott Rea (eMudhra), Sean Huang (TWCA), Stephen Davidson (DigiCert), Sven Rajala (Keyfactor), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tim Callan (Sectigo), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Wiktoria Więckowska (Asseco Data Systems SA (Certum))

## Administrivia

- Minutes taken by Aaron Gable
- Recording started
- Attendance taken by Webex
- Note well read by Wayne Thayer (at beginning of ServerCert call)
- Agenda (shared by Dean Coclin) approved
- Prior minutes
  - 2025-04-10 teleconference (taken by Trevoli Ponds-White): not yet distributed
  - June 2025 Toronto F2F: approved
  - 2025-07-17 teleconference (taken by Scott Rea): not yet distributed

## Working Group Updates

### Server Certificate Working Group


- Wayne Thayer: Mass Revocation Planning ballot has passed
- Validation subcommittee discussed Michael Slaughter's Persistent DCV ballot, and plans to move it into discussion period soon
- Also discussed ACME spec for Persistent DCV: Henry Birge-Lee and Shiloh Heurich are collaborating on a draft document for the IETF ACME WG
- Henry also shared a presentation (slides shared with Validation mailing list) on "crossover" validation methods
  - 3.2.2.4.8 and 3.2.2.5.3 use IP to validate DNS or vice versa
  - Suggests that these methods should be forbidden due to surprising security properties
  - May be included in existing draft ballot from Chrome which forbids email and phone-based methods

### Code Signing Certificate Working Group


- Martijn Katerbarg: a ballot has failed for the third time due to concerns over OCSP language
- Microsoft is working on a ballot to reduce validity period to 460 days as of March 2026

### S/MIME Certificate Working Group


- Stephen Davidson: Planning Forum-level ballot to update S/MIME WG Charter
- Ballot introducing PQC algorithms (SMC013) has passed
- Working on new ballot (SMC014) to parallel ServerCert's SC085
- Working on clarifying language regarding pseudonyms

### NetSec Working Group


- Clint Wilson: Work on Cloud Services vs on-prem still ongoing, more discussion to be had
- Still having issues with links to v2.0.5 (post NS008) PDF on the website

### Definitions and Glossary Working Group


- Tim Callan: no updates

### Forum Infrastructure Subcommittee


- Wayne Thayer: discussed ongoing issues re mailing list posting privileges
- Want to use automation, but haven't found solution yet

### Intellectual Property Rights Subcommittee


- Ben Wilson: Working on improving language around how Exclusion Notices are provided
- Planning another meeting for next week to continue this work

## Topic: Attendees list in Minutes

- Martijn Katerbarg: We've had a few minutes published without an attendance list attached
- Dean: Do we really need to include the list in every minutes?
- Corey Bonnell: The membership management tool is restricted, while minutes are public
- Nicol So: Agreed, makes sense to continue including it in the minutes
- Conclusion: continue including attendance in minutes

## Any Other Business

- Registration is open for Warsaw F2F
  - Reminder to register if you haven't already
- Next call: 2025-08-28
  - August 14 is cancelled due to cancellation of ServerCert and S/MIME

Reply all
Reply to author
Forward
0 new messages