Final Minutes for the 2026-04-02 Validation Subcommittee Teleconference
Corey Bonnell
These are the final minutes of the teleconference described in the subject of this message as prepared by Wayne Thayer. These minutes were approved at the Validation Subcommittee call on April 16th, 2026.
# Meeting Minutes: Validation Subcommittee
**Date:** April 2, 2026
**Time:** 11:00 AM – 12:00 PM
**Chair:** @CoreyBonnell
**Note Taker:** @WayneThayer
---
## 1. Administrative Items
* **Note Well:** Participants were reminded of the CA/Browser Forum bylaws regarding antitrust, code of conduct, and intellectual property rights.
* **Minutes Approval:**
* **19 February Minutes:** Approved (circulated by Martijn K. on March 17).
* **F2F Meeting Minutes:** Currently in progress; approval deferred to the next meeting.
---
## 2. Active Ballot Updates
### ADN Processing Ballot
* **Status:** No major updates.
* **Lead:** @AaronGable (ISRG)
* **Next Steps:** Aaron plans to assign a ballot number and start the discussion period within the next 24–48 hours.
### Verification of Data Sources Ballot
* **Status:** Discussion regarding firming up requirements for data sources.
* **Lead:** Scott Rea (eMudhra)
* **Note:** The subcommittee aims to replace "shoulds" in the BRs with normative requirements. Further discussion is deferred until Scott is present.
### DNSSEC Clarification Ballot
* **Status:** Under development.
* **Lead:** @RichSmith (DigiCert)
* **Discussion:** Reviewed Henry Berge Lee’s response suggesting DNSSEC should be optional for all remote perspectives. Rich will consult internal DNS engineers; a draft is expected in 1–2 weeks.
---
## 3. Backlog Grooming & Tracker Updates
Corey led a review of several items in the project tracker (https://github.com/orgs/cabforum/projects/1) and updated statuses as follows:
| Issue # / Topic | Status | Decision / Outcome |
| :--- | :---: | :--- |
| **SC85 (CA as Applicant)** | **Done** | Closed. Resolved by language in SC66V4 (Section 1.3.3). |
| **Country Name in DV** | **In Progress** | Original title restored. Aaron Gable to create a new issue for prohibition discussion. |
| **SC88 (Delegating DNS)** | **Done** | Closed. Addressed by the ballot. |
| **SC98 (Acme Account URIs)** | **Open** | Kept open for Martijn K. to investigate DNS regressions. |
| **Arpa Validation** | **Done** | Formally closed in the tracker. |
| **RFC 9799 (Onion CAA)** | **Backlog** | No current driver due to high technical implementation lift. |
| **Issue 5907 (High-Risk)** | **Open** | Trevoli Ponds-White (Amazon) to prepare proposal to delete high-risk check language. |
| **Name Constraints** | **Monitoring** | Deferred pending community discussion on sunsetting the extension. |
---
## 4. Action Items
- [ ] **@AaronGable**: Create a new GitHub issue for the "Removal of Country Name from DV Certificates" discussion.
- [ ] **@RichSmith**: Circulate the DNSSEC Clarification Ballot draft to the management list.
- [ ] **@CoreyBonnell**: Contact Stephen regarding the inclusion of LEIs in subject fields.
---
## 5. Next Meeting
* **Date:** April 16, 2026
* **Time:** 11:00 AM ET
* **Agenda Items:**
1. ADN Processing Ballot Discussion
2. Approval of F2F Minutes
3. Update on High-Risk check proposal
---
## 6. Attendees
Aaron Gable (Let's Encrypt), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Dustin Hollenback (Apple), Gurleen Grewal (Google), Jaime Hablutzel (OISTE Foundation), Janet Hines (SSL.com), Johnny Reading (GoDaddy), Karolina Ruszczyńska (Asseco Data Systems SA (Certum)), Li-Chun Chen (Chunghwa Telecom), Martijn Katerbarg (Sectigo), Michael Slaughter (Amazon), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Pekka Lahtiharju (Telia Company), Rich Smith (DigiCert), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Sean Huang (TWCA), Shiloh Heurich (Fastly), Steven Deitte (GoDaddy), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Vinay Kumar (OATI), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Wiktoria Więckowska (Asseco Data Systems SA (Certum))