Draft CA/B Forum F2F meeting agenda
Dean Coclin
Here is the draft agenda for the F2F Toronto Meeting:
Tuesday, 10 June 2025 - Forum level (Day 1)
ALL TIMES LOCAL TO Toronto, Ontario
Start | Description | Discussion Leader / Notes |
08:30 | Check-in, get situated in room and virtual room, test audio/video |
|
09:00 | CA/Browser Forum Meeting | Dean Coclin (DigiCert) |
09:00 | Welcome, Preliminary Matters, Meeting Recordings, Photo Policy, Logistics, Antitrust Statement, Code of Conduct | Dean Coclin (DigiCert) |
09:05 | Welcome by host | Pamela Steer (President and CEO, CPA Canada) Lilia Dubko (CPA Canada) |
09:15 | - Take Attendance - Assign Minute Takers | Tim Callan (Sectigo) |
09:30 | - Approval of F2F#65 Agenda
| Dean Coclin (DigiCert)
Mike Agrenius Kushner |
09:40 | - Introduction of F2F#66 meeting venue | Certum |
09:45 | Guest speaker: Chrome’s views on PQC Presented by David Adrian, PhD | |
Chrome is taking a threat-based approach to adopting quantum-resistant cryptography. Chrome’s initial efforts focused on mitigating store-now-decrypt-later attacks through the use of quantum-resistant key agreement algorithms. Mitigating active MiTM attacks by quantum computers, while important, is less urgent. This talk will cover Chrome’s journey, starting with early experiments and leading to the current deployments. We will touch upon challenges such as performance considerations and the importance of cryptographic and trust-anchor agility. We’ll close with Chrome’s broader vision for securing the web ecosystem against the quantum threat, ensuring user data remains protected today and into the future. | ||
10:15 | Break (30 min) | |
10:45 | Guest speaker: The Future of ZLint | |
This presentation will discuss the current state and future of the ZLint certificate linter. While ZLint was originally developed by an academic team for research purposes, it has been adopted by much of the CA industry and successfully used to prevent certificate misissuance and maintain compliance with both CABF and root store requirements. However, without support and a clear maintenance plan, the project has fallen behind following the introduction of the 2.0 BRs. Long term support and timely releases that follow the BRs requires community involvement and support. This presentation will briefly cover ZLint’s usage, current project current status and challenges and opportunities for its future. | ||
11:15 | CA proposed topics | |
Revocation Timelines Tim Callan, Dean Coclin | ||
11:45 | Panel Q&A with all speakers | Dean Coclin (DigiCert) Minutes: |
12:00 | Lunch (60 min) | |
13:00 | Mozilla Root Program Update | Ben Wilson (Mozilla) Minutes: |
13:15 | Cisco Root Program Update | Chad Dandar (Cisco) Minutes: |
13:30 | Apple Root Program Update | Clint Wilson (Apple) Minutes: |
14:00 | Microsoft Root Program Update | Karina Sirota (Microsoft) Minutes: |
14:15 | CCADB Update | Ben Wilson (Mozilla) Minutes: |
14:30 | Q&A Root program discussions | Dean Coclin (DigiCert) Minutes: |
15:00 | Break (30 min) |
|
15:30 | ETSI Update | Arno Fiedler (Vice Chair ETSI ESI) Minutes: |
15:45 | ACAB'c Update | Clemens Wanko (ACAB'c WG1 Chair) Minutes: |
16:00 | WebTrust Update | Tim Crawford (BDO - WebTrust TF), Lilia Dubko (CPA Canada) Minutes: |
16:15 | Q&A Audits and Standards | Dean Coclin (DigiCert) Minutes: |
16:45 | End of day one |
|
| ||
18:30 | Social Event: 18:30 - 21:30 | Lake Cruise |
| ||
Wednesday, 11 June 2025 - Forum level / Working Groups (Day 2)
Start | Description | Discussion Leader / Notes |
08:30 | Get situated in Room and virtual room, test audio/video |
|
09:00 | Infrastructure subcommittee | Jos Purvis (Fastly) Minutes: |
09:35 | IPR Subcommittee and Bylaws Changes | Ben Wilson (Mozilla) Minutes: |
10:00 | Definitions and Glossary new Working Group | Tim Hollebeek (DigiCert) |
10:30 | Break (30 min) |
|
11:00 | Network Security Working Group
| Clint Wilson (Apple) |
12:30 | Lunch (60 min) |
|
13:30 | Server Certificate Working Group
| Dimitris Zacharopoulos (HARICA) |
15:30 | Break (30 min) |
|
16:00 | Continuation of the Server Certificate Working Group | |
17:00 | End of day two | |
|
Thursday, 12 June 2025 - Working Groups (Day 3)
Start | Description | Discussion Leader / Notes |
08:30 | Get situated in Room and virtual room, test audio/video |
|
09:00 | Welcome | Corey Bonnell (DigiCert) |
09:05 | Continuation of the Server Certificate Working Group
| Corey Bonnell (DigiCert) |
10:30 | Break (30 min) |
|
11:00 | S/MIME Certificate Working Group
| Stephen Davidson (DigiCert) |
12:30 | Lunch (60 min) |
|
13:30 | Continuation of the S/MIME Working Group | |
15:00 | Break (30 min) |
|
15:30 | Code Signing Working Group Meeting | Martijn Katerbarg (Sectigo) |
17:00 | End of day three Thanks, goodbye and safe travels | CPA Canada |
Tony Rutkowski
Sent: Sunday, June 01, 2025 8:50 AM
To: 'Aaron Gable' via Public (CA/B Forum)
Subject: [External] [public] Draft CA/B Forum F2F meeting agenda
You received this message because you are subscribed to the Google Groups "Public (CA/B Forum)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to public+un...@groups.cabforum.org.
To view this discussion visit https://groups.google.com/a/groups.cabforum.org/d/msgid/public/PH8PR14MB7110261FA4BDA4EAA53EEC049263A%40PH8PR14MB7110.namprd14.prod.outlook.com.
. . . . .
Dean Coclin
Sorry, is there a question regarding the agenda? Not clear what you are asking.
Dean Coclin
Tony Rutkowski
To: pub...@groups.cabforum.org
Subject: [External] [public] RE: Draft CA/B Forum F2F meeting agenda
Dean Coclin
Hello Tony,
The CRA is not part of any planned CA/B Forum workstreams. The Forum has never worked on security requirements for browsers and it’s not in scope for the Forum.
Dean Coclin
CA/B Forum Chair
Tony Rutkowski
Hello Tony,
The CRA is not part of any planned CA/B Forum workstreams. The Forum has never worked on security requirements for browsers and it’s not in scope for the Forum.
Dean Coclin
CA/B Forum Chair
Dimitris Zacharopoulos (HARICA)
I believe it would be beneficial to discuss Jeremy's proposal which seems to be building on the conversation we had at the last F2F.
Jeremy, you will be physically present in Toronto. Would you like to lead this discussion?
I believe the SCWG won't need all the allocated time so happy to give back 30 minutes or more for this discussion. If we are to decide narrowing the scope of the current SCWG to focus on the WebPKI (Browsers accessing publicly-accessible websites from the Internet), perhaps we should also consider the non-Browser server TLS use cases.
Best regards,
Dimitris.
--
Dean Coclin
We are looking forward to seeing everyone next week in Toronto. Please see the final agenda below.
- Specific working group agendas will come from those chairs.
- A couple of new topics were added since the draft.
- Please note the social event will take place on Day 1.
Remedies for CPS errors Tim Callan The past two years have seen several high-profile cases of CPS errors where the BRs required revocation of large numbers of certs, only to be replaced by new certificates that were identical in every way except the issuance date. This remedy can be highly disruptive to both Subscribers and Relying Parties. This segment will explore options for other remedies that maintain transparent, predictable, accountable CA behavior without putting a large number of operating online services through a possibly unnecessary, mass, surprise replacement. |
15:30 | ETSI Update | Iñigo Barreira (Representing ETSI ESI) Minutes: |
15:45 | ACAB'c Update |
Clemens Wanko (ACAB'c WG1 ) Minutes: |
13:30 | Renaming the Server Cert Working Group for accuracy
The CA/B Forum Server Cert working group rules only apply to the WebPKI and not all server certificates issued. The name is cited as a source of confusion in conversations with end users, especially when trying to move those subscribers to non-WebPKI certificates for server-to-server communication. Renaming the group will help subscribers understand that certificates trusted for WebPKI should not be used elsewhere. | Jeremy Rowley (DigiCert) |
14:00 | Server Certificate Working Group
Take attendance, read anti-trust statement, | Dimitris Zacharopoulos (HARICA) |
Dean Coclin
Two new topics were added by Enrico:
1. Using Chatham house rules for specific workshops (Tuesday)
2. Revocation technologies (Wednesday)
From: 'Dean Coclin' via Public (CA/B Forum) <pub...@groups.cabforum.org>
Sent: Thursday, June 5, 2025 12:37 PM
To: pub...@groups.cabforum.org
--
You received this message because you are subscribed to the Google Groups "Public (CA/B Forum)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to public+un...@groups.cabforum.org.
Dean Coclin
Also, for tomorrow's agenda, we will swap the order of the CSCWG and SMCWG. Code signing will go first at 11am.
Thanks,
Dean Coclin