Final Minutes for CA/B Forum plenary Meeting - February 12, 2026

33 views
Skip to first unread message

Dean Coclin

unread,
Feb 26, 2026, 11:27:53 AM (13 days ago) Feb 26
to 'Ben Wilson' via Public (CA/B Forum)

CA/B Forum plenary Meeting - February 12, 2026

 

Notes by: Janet Hines (VikingCloud)

 

Attendees

Adam Folson (IdenTrust), Adriano Santoni (Actalis S.p.A.), Antti Backman (Telia Company), Ben Wilson (Mozilla), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Daryn Wright (Apple), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Apple), Enrico Entschew (D-TRUST), Eric Kramer (Sectigo), Gurleen Grewal (Google), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Iñigo Barreira (Sectigo), Janet Hines (VikingCloud), Jeanette Snook (Visa), Jeff Ward (CPA Canada/WebTrust), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Julie Olson  (GlobalSign), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Karolina Ruszczyńska (Asseco Data Systems SA (Certum)), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Michelle Coon (OATI), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Raffaela Achermann (SwissSign), Rebecca Kelly (SSL.com), Roman Fischer (SwissSign), Ryan Dickson (Google), Sándor Szőke (Microsec), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sean Huang (TWCA), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Sven Rajala (Keyfactor), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Tim Callan (Sectigo), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Wiktoria Więckowska (Asseco Data Systems SA (Certum)).

 

Begin Recording - Roll Call

Read note-well 

 - Note-well read by Dimitris in the SCWG call

 

Review of Agenda

 - No changes

 

Approval of minutes: 

 - January 15, 2026 minutes were approved. 

 - January 29, 2026 have yet to be distributed.

 

Server Certificate Working Group update (Dimitris)

 - General Ballot discussions

 - Cleanup ballot: It was decided to cancel voting process to fix an incorrect RFC reference.

 - Validation Working Group (Corey)

     - Had guest speaker

     - CAA parameters ballot (Wayne) - Needs a second endorser.

     - CAA Security Draft RFC at the IETF

            - Defines a new CAA record type called security

            - Domain owner wants to use only DCV methods that can be cryptographically verified.

     - ADN Improvement ballot (Aaron and Jacob)

            - Discussion around various scenarios where following CNAMEs may or may not be allowed.  On mailing list for discussion.

 

Code Signing Certificate Working Group update (Martijn)

 - Migration to a single profile (OV and EV Code Signing)

 - Microsoft working on a proposal to remove the phone validation.

 

S/MIME Certificate Working Group update (Stephen)

 - SMC-015 - [Discussion Period] - Use of mobile driver’s license for automation of validation of identity and removal of outdated ETSI EN-319403. [EN-319403-1 was the replacement]

 - SMC-016 - Implement the TLS Ballots (DNSSEC logging removed out of scope and SHA-1 complete removal)

 - SMTP to SMTP authentication which is typically done by TLS clientAuth/serverAuth certificates.  Trying to gather data on this situation's impact to the email ecosystem.  May add this to the F2F discussion.

 

NetSec Working Group update (Clint)

 - Discussion on an approach that Miguel had put together for using NIST framework with the controls to update the NetSec requirements.

 

Definitions and Glossary Working Group (Tim C.)

 - No update

 

Forum Infrastructure Subcommittee update (Jos)

- Instructions for forms with QR to record the F2F in person attendance.

- CLA and guidelines for GitHub contributions (Ben working on this)

- Backlog grooming

- Added a backlog item to do a full review of the website, put up a change in Git or pass along to a member of the committee.

- One area is the About pages.  Ben deleted out of date materials on some.  Resources pages are out of date as well.

- Going to a monthly meeting calendar.

 

Any Other Business 

 - Please sign up for the F2F!

 - All groups should be thinking about their agenda for the F2F and place it in the wiki.

- IPR Revision:  Ben needs feedback via a straw poll.

      New member comes in they have 45-days to file an exclusion notice on a draft guideline; but it is not clear about existing guidelines.

      Question: Do we go with the vague existing policy of any guideline (existing and new) verses only draft guidelines

      Should send to the legal folks to review this in the IPR subcommittee.

- Add an IPR agenda item for the next few meetings.

 

Next call: Feb 26, 2026

Adjourn

 

Reply all
Reply to author
Forward
0 new messages