Re: [cabfpub] Discussion Period begins: Ballot FORUM-020 - Amend Code Signing Certificate Working Group Charter

[Dean Coclin via Public]

Sorry, I realize now this is a forum ballot.

 

Dean Coclin 

 

 

 

From: Martijn Katerbarg  
Sent: Monday, December 11, 2023 4:50 AM
To: Dean Coclin ; CABforum1 
Subject: Re: Discussion Period begins: Ballot FORUM-020 - Amend Code Signing 
Certificate Working Group Charter

 

Hi Dean,

 

Not sure I follow. The reason for the ballot is to get the required Forum 
approval.

 

Regards,

Martijn

 

From: Dean Coclin mailto:dean.coc...@digicert.com> >
Date: Thursday, 7 December 2023 at 21:47
To: Martijn Katerbarg mailto:martijn.katerb...@sectigo.com> >, CABforum1 mailto:public@cabforum.org> >
Subject: RE: Discussion Period begins: Ballot FORUM-020 - Amend Code Signing 
Certificate Working Group Charter

On #2, did we decide that it was ok to change scope of the WG w/o approval from 
the Forum?

 

Dean Coclin 

 

 

 

 

From: Public mailto:public-boun...@cabforum.org> 
> On Behalf Of Martijn Katerbarg via Public
Sent: Tuesday, December 5, 2023 4:23 AM
To: CABforum1 mailto:public@cabforum.org> >
Subject: [cabfpub] Discussion Period begins: Ballot FORUM-020 - Amend Code 
Signing Certificate Working Group Charter

 

Ballot FORUM-020 - Amend Code Signing Certificate Working Group Charter

Purpose of Ballot

This ballot proposes to amend the Code Signing Certificate Working Group 
(CSCWG) Charter with the following changes:

1.  Bump the Charter version.
2.  Add a limited scope for timestamp certificates.
3.  Remove the version reference of the bylaws that we follow.
4.  During a ballot, count only members that are in a voting class, 
disregarding associate members and interested parties.
5.  Align Quorum definition as half the average, as the Bylaws have it set.

The following motion has been proposed by Martijn Katerbarg of Sectigo and 
endorsed by Bruce Morton of Entrust and Dimitris Zacharopoulos of HARICA.

- Motion Begins -

MODIFY the Charter of the Code Signing Certificate Working Group as specified 
in the following redline:

https://github.com/cabforum/forum/compare/59185f16917cc7f5b83564fe5fddff32cf84c8ce...3d8bc6b6c183392a4893b64632f9fca74deddfd3
 

 

- Motion Ends -

This ballot does not propose a Final Guideline or Final Maintenance Guideline. 

The procedure for approval of this ballot is as follows:

Discussion Period (7+ days)

Start Time: 2023-12-05 – 10:00 UTC

End Time: Not before 2023-12-12 – 10:00 UTC

Vote for approval (7 days)

Start Time: TBD

End Time:  TBD

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

Re: [cabfpub] Discussion Period begins: Ballot FORUM-020 - Amend Code Signing Certificate Working Group Charter

[Dean Coclin via Public]

On #2, did we decide that it was ok to change scope of the WG w/o approval from 
the Forum?

 

Dean Coclin 

 

 

 

 

From: Public  On Behalf Of Martijn Katerbarg via 
Public
Sent: Tuesday, December 5, 2023 4:23 AM
To: CABforum1 
Subject: [cabfpub] Discussion Period begins: Ballot FORUM-020 - Amend Code 
Signing Certificate Working Group Charter

 

Ballot FORUM-020 - Amend Code Signing Certificate Working Group Charter

Purpose of Ballot

This ballot proposes to amend the Code Signing Certificate Working Group 
(CSCWG) Charter with the following changes:

1.  Bump the Charter version.
2.  Add a limited scope for timestamp certificates.
3.  Remove the version reference of the bylaws that we follow.
4.  During a ballot, count only members that are in a voting class, 
disregarding associate members and interested parties.
5.  Align Quorum definition as half the average, as the Bylaws have it set.

The following motion has been proposed by Martijn Katerbarg of Sectigo and 
endorsed by Bruce Morton of Entrust and Dimitris Zacharopoulos of HARICA.

- Motion Begins -

MODIFY the Charter of the Code Signing Certificate Working Group as specified 
in the following redline:

https://github.com/cabforum/forum/compare/59185f16917cc7f5b83564fe5fddff32cf84c8ce...3d8bc6b6c183392a4893b64632f9fca74deddfd3
 

 

- Motion Ends -

This ballot does not propose a Final Guideline or Final Maintenance Guideline. 

The procedure for approval of this ballot is as follows:

Discussion Period (7+ days)

Start Time: 2023-12-05 – 10:00 UTC

End Time: Not before 2023-12-12 – 10:00 UTC

Vote for approval (7 days)

Start Time: TBD

End Time:  TBD

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

Re: [cabfpub] Bylaws 2.5 draft

[Dean Coclin via Public]

I think it would be helpful also to define what rights and privileges a new 
proposed category of membership has. For example, do they get wiki access? 
posting privs to the public/mgmt. lists?


Dean

 

Dean Coclin 

Sr. Director Business Development

M 1.781.789.8686

 



 

 

From: Public  On Behalf Of Dimitris Zacharopoulos 
(HARICA) via Public
Sent: Monday, April 10, 2023 2:58 AM
To: CABforum1 
Subject: Re: [cabfpub] Bylaws 2.5 draft

 


More updates have been added to the draft version 2.5 

  of the Bylaws. Here is a list of the remaining Bylaws issues 

  to be addressed:

1.  Election issues
2.  Who must sign the IPR Agreement (when we have cases with a separate "CA 
Owner" and "CA Operator")
3.  Minimum days for review of draft minutes before approval for 
Teleconferences and F2F meetings
4.  Review and alignment of WG Charters
5.  Define specific release cycles for Guidelines

I believe we must address at least the election issues before going to ballot. 
In the meantime, I will also try to propose some language for items 2 and 3. 
Hopefully we can prepare a ballot by the end of April. Please let me know if 
any of you can endorse the changes proposed so far.

Items 4 and 5 need significant time and effort. I'm not sure we will have time 
to work on those items before the upcoming F2F but I would like to ask if there 
are any volunteers that can assist with proposing draft language, possibly 
using a separate GitHub branch.

 

Best regards,

Dimitris.

 

 

On 26/2/2023 3:50 π.μ., Dimitris Zacharopoulos (HARICA) wrote:


Dear Members,

I created 
https://url.avanan.click/v2/___https://github.com/cabforum/forum/pull/32___.YXAzOmRpZ2ljZXJ0OmE6bzo1OGE2MWYyNjEwOTk2MmVjN2U5MTA4ZDRmMTExZDQ1ZDo2OmYyNTg6MTg5MDgzMDEzMTdhNDRhMDg2Y2JiODNiMjEyYjdkZmYxZjczZGEwNTc3MmUwN2I2MGUzMzM0ODJkZjNmYTlhODp0OkY
 

  to capture the first set of Bylaws changes that try to address some of the 
Bylaws issues 

  we've been discussing for several months.

We will go over these and other changes introduced by Tim about the elections, 
on Tuesday at the F2F#58.

In the meantime, please take a look and share any feedback.


Best regards,
Dimitris.

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

Re: [cabfpub] DRAFT CA/B Forum Agenda for F2F Meeting Oct 24-26, 2022

[Dean Coclin via Public]

Hello Inaba-san,

The Webex information will be sent out just before the meeting starts later 
today.

 

Dean

 

From: Atsushi Inaba  
Sent: Monday, October 24, 2022 2:34 AM
To: Dean Coclin ; CABforum1 
Cc: Atsushi Inaba 
Subject: RE: DRAFT CA/B Forum Agenda for F2F Meeting Oct 24-26, 2022

 

Thank you for sharing the information.

 

BTW, are the participation links for remote attendees 

already informed?

 

Please forgive me if I have missed the information.

 

 

Kind regards,

Atsushi Inaba 

 

―

GMO GlobalSign K.K.

 

Business Planning

Atsushi Inaba

 

1-2-3, Dogenzaka, Shibuya Ku, Tokyo, Japan

150-0043

 

TEL: +81-3-6370-6671

FAX: +81-3-6370-6505

E-MAIL: atsushi.in...@globalsign.com <mailto:atsushi.in...@globalsign.com> 

URL:https://jp.globalsign.com/

―

THANK YOU 26 YEARS Internet for Everyone

We are the member of GMO Internet Group (Prime: 9449)

―

■ GMO INTERNET GROUP ■ http://www.gmo.jp/en/

―

This e-mail message is intended to be conveyed only to the 

designated recipient(s). If you are NOT the intended 

recipient(s) of this e-mail, please kindly notify the sender 

immediately and delete the original message from your system.

 

 

 

From: Public  On Behalf Of Dean Coclin via Public
Sent: Thursday, October 20, 2022 3:30 PM
To: CABforum1 
Subject: [cabfpub] DRAFT CA/B Forum Agenda for F2F Meeting Oct 24-26, 2022

 

Here is the draft agenda for next week:

 

This is the Agenda for the CA/B Forum Meeting.
Timezone is European Central/Germany Timezone assistance 
<https://www.timeanddate.com/worldclock/meetingtime.html?day=22&month=2&year=2022&p1=1428&p2=43&p3=64&p4=220&p5=37&p6=237&p7=248&iv=0>
  


Monday, 24 October 2022 - CA/B Forum Meeting (Day 1)


ESMT, Berlin, Germany 

ALL TIMES LOCAL TO Germany 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


12:00

13:00

Lunch available 



12:30

13:00

Check-in, get situated in room and virtual room, test audio/video



13:00

13:00

Call to Order - CA/Browser Forum Meeting 

Dean Coclin (Chair)


13:00

13:10

0

Welcome, Preliminary Matters, Meeting Recordings, Photo Policy, Logistics, 
Antitrust Statement, Code of Conduct, Take Attendance, Assign Minute Takers

Dean Coclin (Chair)


13:10

13:10

1

Approval of CABF Minutes from last teleconference

Dean Coclin (Chair)


13:10

13:30

2

Future face to face meeting schedule, fall election results, new working group 
chairs/vice chairs

Dean Coclin (Chair)

Browser Updates 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


13:30

13:40

3

Mozilla Root Program Update

Ben Wilson (Mozilla) Minutes: 


13:40

13:50

4

Google Root Program Update

Ryan Dickson (Google) Minutes: 


13:50

14:00

5

Apple Root Program Update

Clint Wilson (Apple) Minutes: 


14:00

14:10

6

Microsoft Root Program Update

Karina Sirota (Microsoft) Minutes: 


14:10

14:30

7

CCADB Update

Chris Clements and Ryan Dickson (Google) Minutes: 


14:30

15:00

8

Updates to forum web pages 

Ben Wilson Minutes: 


15:00

15:15

9

Break 

Working Groups 


15:15

16:30

10

S/MIME Certificate Working Group Meeting 

Stephen Davidson (Digicert) Minutes: 


16:30

16:30

11

Adjourn S/MIME Meeting



ADJOURN 4:30pm 


Tuesday, 25 October 2022 - CA/B Forum Meeting (Day 2)


 


Start 

Stop 

Slot 

Description

Discussion Leader / Notes

 


11:00

11:00

Call to Order and Welcome 

Dean Coclin (Chair) 


11:00

11:10

0

Welcome, Recap, New attendees, Assign Minute Takers, Logistics for evening 
event, Antitrust Statement

Dean Coclin (Chair)



11:10

11:40

1

Potential bylaw changes to election process

Tim Hollebeek (DigiCert) Minutes: - 



11:40

12:00

2

Forum use cases for PQC?

TBD


12:00

13:00

Lunch available in main floor (see signs)





Audit Updates 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


13:00

13:30

3

Guest Speaker: “Quantum Cryptography topic” 

Dr Manfred Lochter (BSI) 


13:30

13:45

4

ETSI Update

Arno Fiedler (Vice Chair ETSI ESI) Minutes: Clemens Wanko 


13:45

14:00

5

ACAB'c Update

Clemens Wanko (TÜV AUSTRIA) Minutes: Andreas Henschel (D-Trust)


14:00

14:30

6

Webtrust Update 

Jeff Ward (BDO), Don Sheehy (CPA Canada) Minutes: Ben Wilson (Mozilla)


14:30

14:45

7

Break 

Summary Presentations from Working Groups since last meeting 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


14:55

15:15

8

SCWG

Jos Purvis (Cisco), Doug Beattie (GlobalSign) Minutes: 


15:15

15:25

9

CSCWG

Bruce Morton (Entrust) Minutes: Bruce Morton (Entrust)


15:25

15:35

10

SMCWG

Mads Henriksveen (BuyPass) Minutes: Chris Kemmerer (SSL.com)

[cabfpub] Final CA/B Forum Agenda for F2F Meeting Oct 24-26, 2022

[Dean Coclin via Public]

 

Here is the final agenda for next week. 

NOTE: A change was made to the start of the S/MIME WG meeting on Monday due
to the addition of a new topic. This pushes the end time till 5pm.

 

Also, Webex information will be sent to the management list before the
meeting. The public is not allowed to attend the meeting.

 

FINAL AGENDA 

This is the Agenda for the CA/B Forum Meeting.
Timezone is European Central/Germany Timezone assistance
  


Monday, 24 October 2022 - CA/B Forum Meeting (Day 1)


Location: ESMT European School of Management and Technology, Schlossplatz 1,
10178 Berlin, Germany (https://esmt.berlin/)
(https://goo.gl/maps/CfWqC41as5wHFkfE6) 

Access to ESMT is restricted. Registration for the CA/B Forum will take
place in the entrance area of ESMT. The event will take place on the 2nd
floor. The way there is signposted. 

ALL TIMES LOCAL TO Germany 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


12:00

13:00

Lunch available in the lobby on the 2nd floor



12:30

13:00

Check-in, get situated in room and virtual room, test audio/video



13:00

13:00

Call to Order - CA/Browser Forum Meeting 

Dean Coclin (Chair)


13:00

13:10

0

Welcome, Preliminary Matters, Meeting Recordings, Photo Policy, Logistics,
Antitrust Statement, Code of Conduct, Take Attendance, Assign Minute Takers

Dean Coclin (Chair)


13:10

13:10

1

Approval of CABF Minutes from last teleconference

Dean Coclin (Chair)


13:10

13:30

2

Future face to face meeting schedule, fall election results, new working
group chairs/vice chairs

Dean Coclin (Chair)

Browser Updates 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


13:30

13:40

3

Mozilla Root Program Update

Ben Wilson (Mozilla) Minutes: 


13:40

13:50

4

Google Root Program Update

Ryan Dickson (Google) Minutes: 


13:50

14:00

5

Apple Root Program Update

Clint Wilson (Apple) Minutes: 


14:00

14:10

6

Microsoft Root Program Update

Karina Sirota (Microsoft) Minutes: 


14:10

14:30

7

CCADB Update

Chris Clements and Ryan Dickson (Google) Minutes: 


14:30

15:00

8

Updates to forum web pages 

Ben Wilson Minutes: 


15:00

15:15

9

Break 


15:15

15:45

10

Working group hand off assistance

Dean Coclin Minutes: 

Working Groups 


15:45

17:00

11

S/MIME Certificate Working Group Meeting 

Stephen Davidson (Digicert) Minutes: 


17:00

17:00

12

Adjourn S/MIME Meeting



ADJOURN 5:00pm 

 


Tuesday, 25 October 2022 - CA/B Forum Meeting (Day 2)


Start 

Stop 

Slot 

Description

Discussion Leader / Notes


11:00

11:00

Call to Order and Welcome 

Dean Coclin (Chair) 


11:00

11:10

0

Welcome, Recap, New attendees, Assign Minute Takers, Logistics for evening
event, Antitrust Statement

Dean Coclin (Chair)



11:10

11:40

1

Potential bylaw changes to election process

Tim Hollebeek (DigiCert) Minutes: - 



11:40

12:00

2

Forum use cases for PQC?

TBD


12:00

13:00

Lunch available in main floor (see signs)





Audit Updates 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


13:00

13:30

3

Guest Speaker: “Quantum Cryptography topic” 

Dr Manfred Lochter (BSI) 


13:30

13:45

4

ETSI Update

Arno Fiedler (Vice Chair ETSI ESI) Minutes: 


13:45

14:00

5

ACAB'c Update

Clemens Wanko (TÜV AUSTRIA) Minutes: 


14:00

14:30

6

Webtrust Update 

Jeff Ward (BDO), Don Sheehy (CPA Canada) Minutes: 


14:30

14:45

7

Break 

Summary Presentations from Working Groups since last meeting 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


14:55

15:15

8

SCWG

Jos Purvis (Cisco), Doug Beattie (GlobalSign) Minutes: 


15:15

15:25

9

CSCWG

Bruce Morton (Entrust) Minutes: 


15:25

15:35

10

SMCWG

Mads Henriksveen (BuyPass) Minutes: 


15:35

15:45

11

NetSec WG

Clint Wilson (Apple) Minutes: 


15:45

16:00

12

Infrastructure Subcommittee

Jos Purvis (Cisco), Ben Wilson (Mozilla) Minutes:

Working Groups 


16:00

17:30

13

Code Signing Working Group 

Dean Coclin (DigiCert)

Minutes: 


17:30

17:30

14

Adjourn Code Signing Meeting



18:15

18:30

Meet in ESMT Lobby for departures to organ recital



18:30

18:30

Depart for organ recital



19:00

19:30

Organ recital in Gethsemane church, Prenzlauer Berg (Kim Nguyen,
organ), works by Karg-Elert, Mendelssohn and Bach
https://en.wikipedia.org/wiki/Gethsemane_Church 



19:45

20:00

Arrive at Evening Event at Hofbräuhaus Berlin
(https://www.hofbraeu-wirtshaus.de/en/berlin/)



20:00

22:00

Event and Dinner



22:00

22:00

Departure to the hotel on your own





 


Wednesday, 26 October 2022 - CA/B Forum Meeting (Day 3) 


Start 

Stop 

Slot 

[cabfpub] DRAFT CA/B Forum Agenda for F2F Meeting Oct 24-26, 2022

[Dean Coclin via Public]

Here is the draft agenda for next week:

 

This is the Agenda for the CA/B Forum Meeting.
Timezone is European Central/Germany Timezone assistance
  


Monday, 24 October 2022 - CA/B Forum Meeting (Day 1)


ESMT, Berlin, Germany 

ALL TIMES LOCAL TO Germany 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


12:00

13:00

Lunch available 



12:30

13:00

Check-in, get situated in room and virtual room, test audio/video



13:00

13:00

Call to Order - CA/Browser Forum Meeting 

Dean Coclin (Chair)


13:00

13:10

0

Welcome, Preliminary Matters, Meeting Recordings, Photo Policy, Logistics,
Antitrust Statement, Code of Conduct, Take Attendance, Assign Minute Takers

Dean Coclin (Chair)


13:10

13:10

1

Approval of CABF Minutes from last teleconference

Dean Coclin (Chair)


13:10

13:30

2

Future face to face meeting schedule, fall election results, new working
group chairs/vice chairs

Dean Coclin (Chair)

Browser Updates 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


13:30

13:40

3

Mozilla Root Program Update

Ben Wilson (Mozilla) Minutes: 


13:40

13:50

4

Google Root Program Update

Ryan Dickson (Google) Minutes: 


13:50

14:00

5

Apple Root Program Update

Clint Wilson (Apple) Minutes: 


14:00

14:10

6

Microsoft Root Program Update

Karina Sirota (Microsoft) Minutes: 


14:10

14:30

7

CCADB Update

Chris Clements and Ryan Dickson (Google) Minutes: 


14:30

15:00

8

Updates to forum web pages 

Ben Wilson Minutes: 


15:00

15:15

9

Break 

Working Groups 


15:15

16:30

10

S/MIME Certificate Working Group Meeting 

Stephen Davidson (Digicert) Minutes: 


16:30

16:30

11

Adjourn S/MIME Meeting



ADJOURN 4:30pm 


Tuesday, 25 October 2022 - CA/B Forum Meeting (Day 2)



Start 

Stop 

Slot 

Description

Discussion Leader / Notes


11:00

11:00

Call to Order and Welcome 

Dean Coclin (Chair) 


11:00

11:10

0

Welcome, Recap, New attendees, Assign Minute Takers, Logistics for evening
event, Antitrust Statement

Dean Coclin (Chair)



11:10

11:40

1

Potential bylaw changes to election process

Tim Hollebeek (DigiCert) Minutes: - 



11:40

12:00

2

Forum use cases for PQC?

TBD


12:00

13:00

Lunch available in main floor (see signs)





Audit Updates 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


13:00

13:30

3

Guest Speaker: “Quantum Cryptography topic” 

Dr Manfred Lochter (BSI) 


13:30

13:45

4

ETSI Update

Arno Fiedler (Vice Chair ETSI ESI) Minutes: Clemens Wanko 


13:45

14:00

5

ACAB'c Update

Clemens Wanko (TÜV AUSTRIA) Minutes: Andreas Henschel (D-Trust)


14:00

14:30

6

Webtrust Update 

Jeff Ward (BDO), Don Sheehy (CPA Canada) Minutes: Ben Wilson (Mozilla)


14:30

14:45

7

Break 

Summary Presentations from Working Groups since last meeting 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


14:55

15:15

8

SCWG

Jos Purvis (Cisco), Doug Beattie (GlobalSign) Minutes: 


15:15

15:25

9

CSCWG

Bruce Morton (Entrust) Minutes: Bruce Morton (Entrust)


15:25

15:35

10

SMCWG

Mads Henriksveen (BuyPass) Minutes: Chris Kemmerer (SSL.com)


15:35

15:45

11

NetSec WG

Clint Wilson (Apple) Minutes: Adam Jones (Microsoft)


15:45

16:00

12

Infrastructure Subcommittee

Jos Purvis (Cisco), Ben Wilson (Mozilla) Minutes: Martijn Katerbarg
(Sectigo)

Working Groups 


16:00

17:30

13

Code Signing Working Group 

Dean Coclin (DigiCert)

Minutes: 


17:30

17:30

14

Adjourn Code Signing Meeting



18:15

18:30

Meet in ESMT Lobby for departures to organ recital



18:30

18:30

Depart for organ recital



19:00

19:30

Organ recital in Gethsemane church, Prenzlauer Berg (Kim Nguyen,
organ), works by Karg-Elert, Mendelssohn and Bach
https://en.wikipedia.org/wiki/Gethsemane_Church 



19:45

20:00

Arrive at Evening Event at Hofbräuhaus Berlin
(https://www.hofbraeu-wirtshaus.de/en/berlin/)



20:00

22:00

Event and Dinner



22:00

22:00

Depart for hotel





Wednesday, 26 October 2022 - CA/B Forum Meeting (Day 3) 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes


11:00

11:00

Get situated in Room and virtual room, test audio/video 



11:00

11:00

0

Call to Order - Server Certificate Meeting Take attendance, read anti-trust
statement 

Jos Purvis (Fastly)




 


11:00

11:00

1

Validation WG Meeting 

Corey Bonnell (Digicert)


13:00

13:00

Adjourn Validation Meeting



13:00

14:00

Lunch available in main floor (see signs)



14:00

14:00

2

Network Security Meeting 

Clint Wilson (Apple)


15:15

15:15

Adjourn Network Security Me

[cabfpub] Final Minutes CA/B Forum Meeting-Aug 18 2022

[Dean Coclin via Public]

 

CA/Browser Forum Final Minutes August 18, 2022

 

1.  Opening Procedures- Dean 

a.  Roll Call 

Attendees: Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adrian Mueller
(SwissSign), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce
Morton (Entrust), Chris Clements (Google), Chris Kemmerer (SSL.com), Clint
Wilson (Apple), Corey Bonnell (Digicert), David Kluge (Google), Dustin
Hollenback (Microsoft), Fumi Yoneda (Japan Registry Services), Hazhar Ismail
(MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Jamie Mackey (US
Federal PKI Management Authority), Janet Hines (SecureTrust), Joanna Fox
(TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Karina
Sirota (Microsoft), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa
Telecom), Mads Henriksveen (Buypass AS), Martijn Katerbarg (Sectigo),
Michael Guenther (SwissSign), Michelle Coon (OATI), Rebecca Kelley (Apple),
Roman Fischer (SwissSign), Ryan Dickson (Google), Tadahiko Ito (SECOM Trust
Systems), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White
(Amazon), Tyler Myers (GoDaddy), Wayne Thayer (Fastly), Wendy Brown (US
Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)

 

2.  Read Antitrust Statement- Jos Purvis
3.  Review Agenda
4.  Approval of minutes of last call

a.  Approved

 

2.  Forum Infrastructure Subcommittee update given by Jos Purvis

The production of the membership tool and has been turned over to Martin for
code implementiation

 

3.  Code Signing Certificate Working Group update given by Bruce Morton

a.  2 ballots approved and under review

a.  Clean up ballot that closed a lot of parking lot items

b.  Going to move forward with work on signing service update and the
requirements
c.  Making a change regarding revocation due to signing malware or key
compromise

 

4.  SMIME working group update given by Mad Henriksveen

a.  Get feedback on the SMIME baeline requirements draft

a.  Discussed framework approach for signature methods used for identity
and we removed parts of this

b.  Discussed path to ballot for the SMIME BRs- plans for September

 

5.  NetSec Working Group given by Clint Wilson

a.  Talked about ballot for redline on what cloud hosted infrastructure
would mean and what the expectations are for airgapped Cas vs non-airgapped
CAs

 

6.  Any Other Business:

a.  Berlin page on Wiki is open for signups and details

a.  Can we add discussion from browsers about post-quantum in the next
face-to-face? 

i.  Ben agrees that it would be good to talk about since NIST selected
an algorithm. Clint further agrees.
ii. Jos noted that some of the first post-quantum TLS options are being
pushed in sandboxes as examples but it's still very early. 

 

 

 

F2F Meeting Schedule 

*2022

*Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be

followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.

PLEASE SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR REMOTE

 

*2023

 

*Spring TBD

*June: Redmond, WA (Microsoft)

*October: Portsmouth, NH (Globalsign)

 

 

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final minutes of CA/B Forum call September 29, 2022

[Dean Coclin via Public]

 

CA/B Forum Meeting – September 29, 2022

 

Attendees: Adam Jones (Microsoft), Adrian Mueller (SwissSign), Arno Fiedler 
(D-TRUST), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Clements 
(Google), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell 
(Digicert), Daryn Wright (GoDaddy), David Kluge (Google), Dean Coclin 
(Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin 
Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fumi Yoneda (Japan Registry 
Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Hogeun Yoo (NAVER Cloud), 
Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Joanna Fox (TrustCor 
Systems), John Mason (Microsoft), Johnny Reading (GoDaddy), Jos Purvis 
(Fastly), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lynn Jeun 
(Visa), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Martijn Katerbarg 
(Sectigo), Michelle Coon (OATI), Nargis Mannan (SecureTrust), Paul van 
Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic 
(Disig), Rebecca Kelley (Apple), Ryan Dickson (Google), Stephen Davidson 
(Digicert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Tobias 
Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tyler Myers 
(GoDaddy), Wayne Thayer (Fastly), Yoshiro Yoneya (Japan Registry Services)

 

Minutes: Martijn Katerbarg

 

Read Antitrust Statement

Jos Purvis read the antitrust statement.

 

Review Agenda

No changes were made to the agenda.

 

Approval of Minutes from Last Teleconference

We’re still waiting on the minutes of the August 18th meeting. Minutes of 
September 15st were approved.

 

Forum Infrastructure report

One bug discovered in the membership tool during member registration. This was 
resolved and it seems to be working well now. 

We’re working on upgrading php with GoDaddy.

Ben Wilson sent out a list of pages to be updated and while some have been 
done, the list is still very large and there is no particular ownership of 
these. We will be looking to splitting up the list, so if you’re willing to 
help please let us know.

A PR request is open for tooling updates that generates the guideline 
documents. Individual working groups will need to look at upgrading and check 
that no documents are broken by this change. Each working group will also need 
to figure out if a formatting change will need a new document version.

 

Code Signing Working Group report

Ballot CSC-15 for the summer cleanup is now complete through the IPR period.
Ballot CSC-16 in which the date to require keys on hardware is postponed passed 
and is now in the IPR period.

Still working on signing service updates, malware proposals and timestamping.

 

NetSec report

Chair election ballot will close in a few hours. After the results are posted 
the Vice-Chair nominations will open. Other than that NetSec is moving onwards 
with the threat assessment.

 

S/MIME report

Formal discussion period for the ballot is underway but has been extended due 
to a number of discussion items. The pending issue of having a SHALL for OCSP 
is raised by Stephen. Some of the CAs have asked for OCSP to become a MAY, 
however Microsoft as Certificate Consumer has OCSP as a requirement in their 
Root Store Policy. Yet, at least one CA has made it clear that they have 
received confirmation by Microsoft that they only require OCSP for TLS 
Certificates, not code signing and S/MIME. Stephen has requested a 
representative from Microsoft to contribute to the discussion to get clarity. 
Kiran Tummala clarified that internal discussions are ongoing which is leaning 
towards making it optional, however it will be up to Karina to come with the 
official response once final decision has been made.

Dimitris mentioned that HARICA is one of the CAs that received a letter from 
Microsoft basically stating the OCSP requirement applies only to TLS 
certificates.

Dimitris also raised that there was also a discussion regarding the use of 
countryName. Stephen has put in and merged a PR that should resolve this issue.

 

Any other business

Election status: Code Signing Chair election is completed. Other working groups 
are about to close.

We will be extending the Vice-Chair nomination period for all WGs and the Forum 
itself.

 

The face to face meeting is cap is raised to 70 people. We have 64 signed up 
and 27 remote at this moment. A draft agenda has been published, with a start 
time of 11am local time except for Monday, which will start at 1pm.

If anything needs to be added to the agenda please submit this to Dean.

The evening event is set to start at 7pm but may be moved earlier.

 

Dimitris added that the CA Day and TSP Day agenda is now posted. 

 

Meeting adjourned.

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, October 13, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

NOTE: I will not be able to make the call, hence Karina will chair the
meeting.

 

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Karina


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Karina


0:01

11:34

11:35

4.

Approval of minutes of last calls September 29th  (still need mins from Aug
18)

Karina


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business- VC nominations/status, F2F signups/Agenda update

Karina


0:01

11:59

11:59

10.

Next call: F2F Meeting



0:00

12:00

12:00

11.

Adjourn




 

BALLOTS STATUS
Special Vice Chair Election Ballot: In discussion  


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) PLEASE SIGN UP ON WIKI IF
YOU ARE ATTENDING IN PERSON OR REMOTE. CAPACITY INCREASED TO 70. SIGNUPS ARE
CLOSING NEXT WEEK!

*   2023

*   March TBD  Ottawa, Canada (Entrust)
*   June TBD: Redmond, WA (Microsoft)
*   October TBD: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, October 13, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

NOTE: I will not be able to make the call, hence Karina will chair the
meeting.

 

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Karina


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Karina


0:01

11:34

11:35

4.

Approval of minutes of last calls September 29th  (still need mins from Aug
18)

Karina


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business- VC nominations/status, F2F signups/Agenda update

Karina


0:01

11:59

11:59

10.

Next call: F2F Meeting



0:00

12:00

12:00

11.

Adjourn




 

BALLOTS STATUS
Special Vice Chair Election Ballot: In discussion  


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) PLEASE SIGN UP ON WIKI IF
YOU ARE ATTENDING IN PERSON OR REMOTE. CAPACITY INCREASED TO 70

*   2023

*   March  Ottawa, Canada (Entrust)
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final minutes of CA/B Forum call September 15, 2022

[Dean Coclin via Public]

CA/B Forum Meeting - September 15, 2022

 

Attendees: Aaron Poulsen (Amazon), Adam Jones (Microsoft), Andrea Holland
(SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Clint Wilson
(Apple), Corey Bonnell (Digicert), Corey Rasmussen (OATI), Daryn Wright
(GoDaddy), David Kluge (Google), Dean Coclin (Digicert), Dimitris
Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Fumi Yoneda (Japan
Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi
(GlobalSign), Inigo Barreira (Sectigo), Joanna Fox (TrustCor Systems),
Johnny Reading (GoDaddy), Jos Purvis (Fastly), Karina Sirota (Microsoft),
Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lynn Jeun
(Visa), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Michelle Coon
(OATI), Nargis Mannan (SecureTrust), Paul van Brouwershaven (Entrust), Peter
Miskovic (Disig), Rebecca Kelley (Apple), Stephen Davidson (Digicert),
Tadahiko Ito (SECOM Trust Systems), Tim Hollebeek (Digicert), Tobias
Josefowitz (Opera Software AS), Vijayakumar (Vijay) Manjunatha (eMudhra),
Wayne Thayer (Fastly), Yoshiro Yoneya (Japan Registry Services)

 

1. Read Antitrust Statement

Jos Purvis read the antitrust statement.

 

2. Review Agenda

No changes were made to the agenda.

 

3. Approval of Minutes from Last Teleconference

Minutes of September 1st were approved.

On the last call we approved minutes from Aug 18th however, those minutes
had not been published yet. Hence we cannot approve them. Karina will work
to get those published.

 

4. Forum Infrastructure report

Jos gave the report. Mew Membership tool is up and running. Webex
integration requires a special license. Cutover plan to new system
discussed.  Oct 1st is the target date to make the old system read only.
Ballots will also be tabulated in the new tool. Future integrations with
Mailman are planned but will require an upgrade of our system. Admin emails
are going to a special mailbox. 
Working on upgrading php with GoDaddy.

 

5. Code Signing Working Group report

Bruce gave the report. Microsoft proposed moving the date to require keys on
hardware to fall 2023. After discussion, it was decided to move that to June
2023. This will help provide some relief to those trying to become
compliant. A new ballot is in process. Still working on signing service
updates, malware proposals and timestamping.

 

6. S/MIME report

Stephen Davidson gave the report. Formal discussion period for the ballot is
underway with much discussion taking place. A number of items have been
raised toward the end of the discussion period. Some are minor but others
involve more discussion. Hence there will likely be a delay going into
ballot. This is not unusual, given this is the first version of this
standard. Some minor changes include references to outdated ETSI standards.
Effective date is 10 months from now so if something is found before then,
changes can be made without affecting that date. 

 

7. NetSec report

Clint gave the update. Working on risk assessment. Group would like to pause
and gather feedback on it. Looked at air gap system requirements for NSSRs.
Not quite finished but making progress. 

 

8. Any other business

The face to face meeting is capped at 60 people but we have 63 signed up and
21 remote. Dean is talking to the host about expanding capacity to 70 but if
that is not possible, we will have to limit the number of guests. Then we
will have to go to the member list and limit the number of members from
individual companies. A draft agenda has been published, with a start time
of 11am local time with a 4pm end time (possibly longer for working groups).
Dean is looking for topics to add to the agenda. The CA Day and TSP Day
signups are open for Thursday and Friday that week. 

 

Nominations Status: Forum Chair nominations are in and voting period will
start soon. Vice Chair nominations will  start soon.

 

Meeting adjourned.

 

 

 

Dean Coclin

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final Minutes of CA/B Forum Call September 1, 2022

[Dean Coclin via Public]

 

Minutes for CA/B Forum Plenary meeting 2022-09-01

 

1. Roll call

 

Attendees: Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton
(Entrust), Chris Clements (Google), Chris Kemmerer (SSL.com), Clint Wilson
(Apple), Corey Bonnell (Digicert), Corey Rasmussen (OATI), Daryn Wright
(GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug
Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew
(D-TRUST), Fumi Yoneda (Japan Registry Services), Hazhar Ismail (MSC
Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo),
Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Jos Purvis
(Fastly), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lynn
Jeun (Visa), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Martijn
Katerbarg (Sectigo), Michelle Coon (OATI), Nargis Mannan (SecureTrust), Paul
van Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter
Miskovic (Disig), Rebecca Kelley (Apple), Ryan Dickson (Google), Stephen
Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Tim Hollebeek
(Digicert), Trevoli Ponds-White (Amazon), Vijayakumar (Vijay) Manjunatha
(eMudhra), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management
Authority), Yoshiro Yoneya (Japan Registry Services)

 

2.  Antitrust statement

 

The Antitrust statement was read

 

3.  Approval of previous meetings

 

- Aug 18 meeting minutes were approved

- July 21st meeting minutes were approved

 

4.  Forum Infrastructure subcommittee

 

- Membership tool web site is now in production. Thank you Martijn!

- All data was imported from the current lists so all the profiles should be
present. Each Member should log in and check the records.

 

5.  Code Signing WG

 

- Discussed ballot regarding revocation in case of signing malware. The WG
is close to getting a ballot out for that.

- Signing service proposal is now on GitHub for the WG to review. 

- Updates in time-stamping issues coming up.

 

6.  S/MIME WG

 

- Pre-ballot discussion period last minute comments/requests for changes.

- The intent is to move to ballot and official discussion period within the
next week.

- Several topics are parked for v2 already (CAA, key escrow, etc).

 

7.  NetSec WG

 

- Update on the threat modelling discussion. Working on a redline
specifically around logical and physical equipment protections

 

Two major topics:

- The need to eliminate/reduce OCSP logging for privacy issues desire to
move to downgrading or eliminating OCSP requirement

- Trusted Roles and why do we have Trusted Roles, perhaps change the
terminology.

 

8.  Any Other business

 

a. Chair nominations

- Dimitris Zacharopoulos has been nominated as Chair of the Plenary group,
Karina is automatically nominated unless she declines.

- Stephen mentioned that he will be running for another term as SMCWG Chair

- Mads (current vice chair) said he needs more time to consider whether he
will be a candidate for SMCWG Chair or not.

- Clint is also interested in another term as NetSec Chair

- No candidates for SCWG Chair

 

b. F2F meeting in Berlin

- Berlin meeting is scheduled from Monday to Wednesday during the last week
of October. Already have 38 in person participants signed up. Capacity is
60. 

- Interesting place (former GDR headquarters building with a lot of history)

- More information will be out on the wiki over the next weeks. Visa letters
can be directed to Enrico.

- Guest speaker Dr Lochter will speak on PQC efforts within the German BSI

- On Thursday and Friday there is ENISA Trust Services Forum and CA Day
event. Very interesting event with many topics for CAs. CABF Members are
encouraged to stay until Friday. The event is held at the same location,
same building. Sign-up is not open yet but will open soon. It's limited to
100 persons to be physically present but there is also remote participation
capability.

 

c.  Spring Meeting

- March meeting 1st or 2nd week in Ottawa, Canada.

 

9. Next call 

Next scheduled call is on September 15.

 

Dean Coclin

CA/B Forum Chair

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, September 15, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last calls September 1st (still need mins from Aug
18)

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Dean


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business- nominations/status, F2F signups

Dean


0:01

11:59

11:59

10.

Next call: Sept 29, 2022 



0:00

12:00

12:00

11.

Adjourn




 

BALLOTS STATUS
No Ballots  


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) PLEASE SIGN UP ON WIKI IF
YOU ARE ATTENDING IN PERSON OR REMOTE. CAPACITY IS LIMITED TO 60!

*   2023

*   March  Ottawa, Canada (Entrust)
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, September 15, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last calls September 1st (still need mins from Aug
18)

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Dean


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business- nominations/status, F2F signups

Dean


0:01

11:59

11:59

10.

Next call: Sept 29, 2022 



0:00

12:00

12:00

11.

Adjourn




 

BALLOTS STATUS
No Ballots  


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) PLEASE SIGN UP ON WIKI IF
YOU ARE ATTENDING IN PERSON OR REMOTE. CAPACITY IS LIMITED TO 60!

*   2023

*   March  Ottawa, Canada (Entrust)
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final Minutes of CA/B Forum call July 21st, 2022

[Dean Coclin via Public]

Final Minutes of CA/B Forum call July 21st, 2022

 

Attendees: Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adrian Mueller
(SwissSign), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce
Morton (Entrust), Chris Clements (Google), Chris Kemmerer (SSL.com), Chris
McMillan (Visa), Clint Wilson (Apple), Corey Bonnell (Digicert), Corey
Rasmussen (OATI), Daryn Wright (GoDaddy), Dean Coclin (Digicert), Devon
O'Brien (Google), Dimitris Zacharopoulos (HARICA), Doug Beattie
(GlobalSign), Dustin Hollenback (Microsoft), Fumi Yoneda (Japan Registry
Services), Hogeun Yoo (NAVER Cloud), Hubert Chao (Google), Inaba Atsushi
(GlobalSign), Inigo Barreira (Sectigo), Janet Hines (SecureTrust), Johnny
Reading (GoDaddy), Jos Purvis (Fastly), Karina Sirota (Microsoft), Kiran
Tummala (Microsoft), Lynn Jeun (Visa), Marcelo Silva (Visa), Michelle Coon
(OATI), Nargis Mannan (SecureTrust), Nicolas Lidzborski (Google), Paul van
Brouwershaven (Entrust), Peter Miskovic (Disig), Rebecca Kelley (Apple),
Sooyoung Eo (NAVER Cloud), Stephen Davidson (Digicert), Steven Deitte
(GoDaddy), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com),
Tobias Josefowitz (Opera Software AS), Tyler Myers (GoDaddy), Wayne Thayer
(Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya
(Japan Registry Services)

 

Meeting conducted by vice-chair Karina Sirota

 

1.  The anti-trust statement was read.

 

2.  The agenda was reviewed. No changes.

 

3.  Approval of minutes of last call. Approved.

 

4.  Forum Infrastructure Report: Jos gave the report. Spam pull requests
on github were discussed at the last meeting (as one had recently occurred).
This raised the question of how to restrict this. The group is researching
it. In the meantime, a field will be added to the management membership tool
of github user names. This will help keep track of the authorized users.  A
discussion of the website also occurred. Ben will discuss with GoDaddy. Also
a discussion about mail delivery took place, which seems stable at this
point. Lastly, the membership management tool is almost ready. Will discuss
with Martijn when he returns. For phase 2, the membership tools will do the
mailing list management automatically. 

 

5.  Code Signing Working Group report: Janet Hines gave the update. The
signing service discussion was deferred until Bruce's return.  On
timestamping, a further discussion needs to take place before a draft ballot
is proposed. The malware proposal will be discussed on the next call.

 

6.  S/MIME Working Group report: Stephen gave the update. Certipath has
joined as an Associate Member and Visa has joined as a Certificate Issuer.
The S/MIME draft discussions are continuing. Topics around Org ID will
necessitate some tweaks to the draft. Expecting a formal ballot at the end
of the summer.

 

7.  NetSec Working Group report: Clint gave the update. A threat
assessment update was discussed and the github backlog was reviewed. If
anyone has comments, please look in the CA/B Forum Netsec repository and
provide your feedback.

 

8.  Any other business: Forum-18 is in discussion period. Next F2F in
Berlin is open for signup. CA Day is also the same week. Wayne asked if any
information has been published yet. Enrico and Arno are the ones to
follow-up with. 

 

9.  Meeting Adjourned

 

 

 

Dean Coclin

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, September 1, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last calls July 21st and Aug 18th

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Dean


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business-vice chair nominations

Dean


0:01

11:59

11:59

10.

Next call: Sept 15, 2022 



0:00

12:00

12:00

11.

Adjourn




 

BALLOTS STATUS
No Ballots  


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.
PLEASE SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR REMOTE

*   2023

*   March  Ottawa, Canada (Entrust)
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, September 1, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last calls July 21st and Aug 18th

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Dean


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business-vice chair nominations

Dean


0:01

11:59

11:59

10.

Next call: Sept 15, 2022 



0:00

12:00

12:00

11.

Adjourn




 

BALLOTS STATUS
No Ballots  


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.
PLEASE SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR REMOTE

*   2023

*   March  Ottawa, Canada (Entrust)
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final Minutes of CA/B Forum call August 4, 2022

[Dean Coclin via Public]

CA/B Forum FINAL Meeting Minutes 2022-08-04

1.  Roll Call
2.  Attendance: Aaron Poulsen (Amazon Trust Services), Andrea Holland
(SecureTrust), Chris Clements (Google Chrome), Chris Kemmerer (SSL.com),
Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI),
Daryn Wright (GoDaddy), Dean Coclin (DigiCert), Dustin Hollenback
(Microsoft), Enrico Entschew (D-Trust), Fumi Yoneda (JPRS), Hazhar Ismail
(MSC Trustgate), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Jamie
Mackey (GSA FPKIMA), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Kiran
Tummala (Microsoft), Lynn Jeun (VISA), Mads Henriksveen (Buypass), Martijn
Katerbarg (Sectigo), Michelle Coon (OATI), Mike Gunther (SwissSign), Nargis
Mannan (SecureTrust), Pedro Fuentes (OISTE), Peter Miskovic (Disig), Rebecca
Kelley (Apple), Ryan Dickson (Google Chrome), Stephen Davidson (DigiCert),
Steven Deitte (GoDaddy), Tadahiko Ito (SECOM), Trevoli Ponds-White (Amazon
Trust Services), Tyler Myers (GoDaddy), Vijay Manjunatha (eMudhra), Wayne
Thayer (Fastly), Wendy Brown (FPKI), Yoshiro Yoneya (JPRS)
3.  Antitrust Statement read
4.  Review Agenda 
5.  Meeting Minutes:

a.  July 21st minutes: Still being drafted
b.  F2F minutes: Approved. 

6.  Infrastructure Subcommittee

Jos: Membership tool production rollout.  Once it is up we will let people
know so they can update their information. Phase 2 feature list: 1.
automated membership signup of mailer lists 2. field to declare GitHub user
id for CAB Forum business. Website Ben is working with GoDaddy to coordinate
updating php backend from 7 to 8. The website is also getting a revamp of
the template and restructuring of the content. 

7.  CS WG

Dean: Visa applied as an interested party and has been approved. For signing
services, Bruce is looking at turning the reformatted document to a ballot
and is waiting on Ian for additional review. Timestamping has been tabled to
wait for Ian from Microsoft to be back from vacation. For malware update,
Martijn is waiting on comments from Tim Hollebeek then he will move forward
with ballot.

8.  SMIME WG

Stephen: Exploring fringe cases of membership categories. There was a debate
over the description of certificate consumer category in the charter and if
a webhost provider meets the requirements. The resolution was to provide
associate membership for a webhost provider that does not have a mail user
agent.  For the draft requirements, changes are being checked into the draft
and last few items are being reviewed with the expected target for ballot
within the next month. 

9.  NetSec WG

Clint: Update on progress of Threat Assessment which is ongoing. Call for
additional participation Wednesdays after Infrastructure meeting, ping David
Kluge to join. 

10. Any Other Business:

Dean: Forum 18 has passed this allows for sitting Chairs and Vice Chairs to
remain in those roles for only the Working Groups. We will be starting
elections before August 30th.  A proposal to have elections for all working
group Vice Chairs and Forum Vice Chair on a single ballot. Then another
separate ballot for Chairs. Reminder the ballot process is to send your vote
via email to 2 separate auditors who will tally the votes.

Jos: Coordinating elections across the Working Groups makes things easier,
so each WG won't have to coordinate their own elections. 

Inigo: Potential problem with the timing and holidays with August having
many people away.

Dean: We have to follow the bylaws which state "At least 60 days prior to
the expiration of the current Chair or Vice Chairs term." October 30th is
the expiration date. Plan is that on August 30th announce that nominations
are open with two weeks for nominations and then a week for election which
would be in September. 

Inigo: That should work.

Dean: Reminder Vice Chair gets an automatic nomination to Chair on the Forum
level unless they decline. Anyone can be nominated for Vice Chair or Chair
there is no requirement that a person held a previous role. Please ensure
that the person you nominate wants to be nominated. 

11. Next Call: August 18th 

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, August 18, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last calls July 21st and Aug 4th 

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Dean


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business - Spring meeting update

Dean


0:01

11:59

11:59

10.

Next call: Sept 1, 2022 



0:00

12:00

12:00

11.

Adjourn




 

BALLOTS STATUS
No Ballots  


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.
PLEASE SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR REMOTE

*   2023

*   March  TBD (Entrust)
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, August 18, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last calls July 21st and Aug 4th 

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Dean


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business

Dean


0:01

11:59

11:59

10.

Next call: Sept 1, 2022 



0:00

12:00

12:00

11.

Adjourn




 

BALLOTS STATUS
No Ballots  


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.
PLEASE SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR REMOTE

*   2023

*   March  TBD (Entrust)
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Voting Results: FORUM-18, Allow Re-election of CWG Chairs and Vice Chairs

[Dean Coclin via Public]

Voting on Ballot Forum-18 has closed and the quorum was met. Results are
below:

 

CAs voting in favor: Actalis, Buypass, Comsign, DigiCert, Disig, eMudhra,
Entrust, Fastly, GDCA, GlobalSign, GoDaddy, HARICA, Izenpe, JPRS, OISTE,
SECOM, Sectigo, SSL.com, SwissSign, TrustCor, Visa

Against: None

Abstaining: None

 

Certificate Consumers voting in Favor: Apple, Google, Mozilla, 360

Against: None
Abstaining: None

 

Therefore the ballot has PASSED.

 

Since this ballot does not involve IPR, there will be no IPR review.

 

Dean Coclin

CA/B Forum Chair

 

 

 

From: Public  On Behalf Of Tim Hollebeek via
Public
Sent: Wednesday, July 27, 2022 3:10 PM
To: CABforum1 
Subject: [cabfpub] Voting Begins: FORUM-18, Allow Re-election of CWG Chairs
and Vice Chairs

 

 

Ballot FORUM-18, Allow Re-election of CWG Chairs and Vice Chairs

 

Proposed by Tim Hollebeek of DigiCert and endorsed by Ben Wilson of Mozilla
and Wayne Thayer of Fastly.

 

Overview

 

Section 4.1 of the Bylaws describes elections for Forum Chair and Vice
Chair, and says:

 

"No person may serve as Chair for more than a two-year period or be elected
to Vice Chair upon expiration or termination 

of the person's service as Chair, but a person is eligible to be elected as
Chair again after having vacated the position

as Chair for at least one (1) term."

 

This makes it clear Forum Chairs and Vice Chairs cannot be re-elected (be
elected to a new term for the same office they

currently hold), but the situation is less clear for Chairs and Vice Chairs
of Chartered Working Groups (CWGs).

 

The current Bylaws have been read by some to allow re-election of CWG Chairs
and Vice Chairs, and by others to prohibit it.  

It has happened once in the past, and whether it is allowed depends on
whether "follow the procedures of Bylaws Section 4.1 

as closely as possible" is merely referring to election procedures, or also
candidate qualifications.

 

This ambiguity was discussed during the spring CA/Browser Forum Face-to-face
meeting, and the consensus was that we should 

update the Bylaws to clarify that re-election is allowed, and the election
process itself is sufficient to determine 

whether members want to retain the existing Chair and/or Vice Chair, or
whether they want to vote for someone else.  

This is important because the pool of qualified and willing candidates is
not particularly large.

 

This ballot retains the existing prohibition on re-election for Forum Chairs
and Vice Chairs.

 

- MOTION BEGINS -

 

The Bylaws of the CA/Browser Forum are amended as described in the following
redline:

 

https://github.com/cabforum/forum/compare/fa1a5cb37a452e53d769ed759c06f05d21
b1cb4b..f197d28fac92c807896d55b6ef43b776b6264aca

 

- MOTION ENDS -

 

The procedure for approval of this ballot is as follows:

 

Discussion (7+ days)

 

Start Time: 2022-07-20 2:45 PM Eastern (US)

 

End Time: 2022-07-27 3:15 PM Eastern (US)

 

Vote for approval (7 days)

 

Start Time: 2022-07-27 3:15 PM Eastern (US)

 

End Time: 2022-08-03 3:15 PM Eastern (US)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, August 4, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call July 21st 

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Dean


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business-Ballot update (see below) and Elections

Dean


0:01

11:59

11:59

10.

Next call: Aug 18, 2022 



0:00

12:00

12:00

11.

Adjourn




 

BALLOTS STATUS
Forum-18: Allow Re-election of CWG Chairs and Vice Chairs 


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.
IT'S NOT TOO EARLY TO SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR
REMOTE

*   2023

*   Spring TBD
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] REMINDER: Voting in progress: FORUM-18, Allow Re-election of CWG Chairs and Vice Chairs

[Dean Coclin via Public]

REMINDER:
Voting end Wednesday on Ballot Forum-18.


Dean Coclin

CA/B Forum Chair

 

From: Public  On Behalf Of Tim Hollebeek via
Public
Sent: Wednesday, July 27, 2022 3:10 PM
To: CABforum1 
Subject: [cabfpub] Voting Begins: FORUM-18, Allow Re-election of CWG Chairs
and Vice Chairs

 

 

Ballot FORUM-18, Allow Re-election of CWG Chairs and Vice Chairs

 

Proposed by Tim Hollebeek of DigiCert and endorsed by Ben Wilson of Mozilla
and Wayne Thayer of Fastly.

 

Overview

 

Section 4.1 of the Bylaws describes elections for Forum Chair and Vice
Chair, and says:

 

"No person may serve as Chair for more than a two-year period or be elected
to Vice Chair upon expiration or termination 

of the person's service as Chair, but a person is eligible to be elected as
Chair again after having vacated the position

as Chair for at least one (1) term."

 

This makes it clear Forum Chairs and Vice Chairs cannot be re-elected (be
elected to a new term for the same office they

currently hold), but the situation is less clear for Chairs and Vice Chairs
of Chartered Working Groups (CWGs).

 

The current Bylaws have been read by some to allow re-election of CWG Chairs
and Vice Chairs, and by others to prohibit it.  

It has happened once in the past, and whether it is allowed depends on
whether "follow the procedures of Bylaws Section 4.1 

as closely as possible" is merely referring to election procedures, or also
candidate qualifications.

 

This ambiguity was discussed during the spring CA/Browser Forum Face-to-face
meeting, and the consensus was that we should 

update the Bylaws to clarify that re-election is allowed, and the election
process itself is sufficient to determine 

whether members want to retain the existing Chair and/or Vice Chair, or
whether they want to vote for someone else.  

This is important because the pool of qualified and willing candidates is
not particularly large.

 

This ballot retains the existing prohibition on re-election for Forum Chairs
and Vice Chairs.

 

- MOTION BEGINS -

 

The Bylaws of the CA/Browser Forum are amended as described in the following
redline:

 

https://github.com/cabforum/forum/compare/fa1a5cb37a452e53d769ed759c06f05d21
b1cb4b..f197d28fac92c807896d55b6ef43b776b6264aca

 

- MOTION ENDS -

 

The procedure for approval of this ballot is as follows:

 

Discussion (7+ days)

 

Start Time: 2022-07-20 2:45 PM Eastern (US)

 

End Time: 2022-07-27 3:15 PM Eastern (US)

 

Vote for approval (7 days)

 

Start Time: 2022-07-27 3:15 PM Eastern (US)

 

End Time: 2022-08-03 3:15 PM Eastern (US)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, August 4, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call July 21st 

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Dean


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business-Ballot update (see below)

Dean


0:01

11:59

11:59

10.

Next call: Aug 18, 2022 



0:00

12:00

12:00

11.

Adjourn




 

BALLOTS STATUS
Forum-18: Allow Re-election of CWG Chairs and Vice Chairs 


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.
IT'S NOT TOO EARLY TO SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR
REMOTE

*   2023

*   Spring TBD
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final minutes of CA/B Forum Meting: July 7, 2022

[Dean Coclin via Public]

CA/Browser Forum Meeting July 7, 2022



1.  Opening Procedures- Dean

a.  Roll Call

a.  Aaron Poulsen (Amazon), Adam Jones (Microsoft), Amanda Mendieta 
(Apple), 
Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Chris Clements (Google), 
Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), 
Corey Rasmussen (OATI), Daryn Wright (GoDaddy), Dean Coclin (Digicert), Devon 
O'Brien (Google), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), 
Dustin Hollenback (Microsoft), Fumi Yoneda (Japan Registry Services), Hazhar 
Ismail (MSC Trustgate Sdn Bhd), Hubert Chao (Google), Inaba Atsushi 
(GlobalSign), Inigo Barreira (Sectigo), Jamie Mackey (US Federal PKI 
Management Authority), Janet Hines (SecureTrust), Joanna Fox (TrustCor 
Systems), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota 
(Microsoft), Li-Chun Chen (Chunghwa Telecom), Marcelo Silva (Visa), Martijn 
Katerbarg (Sectigo), Michelle Coon (OATI), Nargis Mannan (SecureTrust), Paul 
van Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic 
(Disig), Rebecca Kelley (Apple), Sooyoung Eo (NAVER Cloud), Steven Deitte 
(GoDaddy), Tadahiko Ito (SECOM Trust Systems), Tobias Josefowitz (Opera 
Software AS), Tyler Myers (GoDaddy), Vijay Kumar (eMuhdra), Wayne Thayer 
(Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya 
(Japan Registry Services)

a.  Read Antitrust Statement- Jos Purvis
b.  Review Agenda
c.  Approval of minutes of last call

a.  Available shortly after this call



2.  Forum Infrastructure Subcommittee update given by Jos Purvis

a.  Met shortly and agreed to keep moving forward
b.  Ask for members to continue testing the membership tools



3.  Code Signing Certificate Working Group update given by Corey Bonnell

a.  CSC 14 successfully passed IPR review and become effective last 
Wednesday
b.  Pushed back discussion on signing service requirements due to Bruce's 
absense
c.  Discussion on clean up ballot with minor fixes because of PanDoc format
d.  Martin from Sectigo's revocation requirements improvements ballot was 
discussed very briefly



4.  SMIME working group update given by Stephen Davidson

a.  Canceled. No Update



5.  NetSec Working Group given by Clint Wilson

a.  Discussed  two membership applications- SSL.Com and Fastly. Both have 
been 
approved.
b.  Talked about Risk Assessment- still have some work to do on the first 
component of the risk assessment, but it's getting closer. Once that is done, 
group will move forward to next component
c.  Talked about topics from the backburner

a.  Talked about redline on what cloud hosted infrastructure would mean and 
what the expectations are for airgapped CAs



6.  Any Other Business:

a.  Berlin page on Wiki is open for signups and details





F2F Meeting Schedule

*2022

*Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be

followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.

PLEASE SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR REMOTE



*2023



*Spring TBD

*June: Redmond, WA (Microsoft)

*October: Portsmouth, NH (Globalsign)





smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

Re: [cabfpub] Final CA/Browser Forum agenda - Thursday, July 21, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

Agenda revised to include Tim's proposed ballot Forum 18.

 

From: Public  On Behalf Of Dean Coclin via
Public
Sent: Tuesday, July 19, 2022 9:46 AM
To: CABforum1 
Subject: [cabfpub] Final CA/Browser Forum agenda - Thursday, July 21, 2022
at 11:30 am Eastern Time

 

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call July 7th

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Dean


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business-Ballot discussion (see below)

Dean


0:01

11:59

11:59

10.

Next call: Aug 4, 2022 



0:00

12:00

12:00

11.

Adjourn




 

BALLOTS STATUS
Forum-18: Allow Re-election of CWG Chairs and Vice Chairs (proposal)


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.
IT'S NOT TOO EARLY TO SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR
REMOTE

*   2023

*   Spring TBD
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, July 21, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call July 7th

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Dean


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business

Dean


0:01

11:59

11:59

10.

Next call: Aug 4, 2022 



0:00

12:00

12:00

11.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.
IT'S NOT TOO EARLY TO SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR
REMOTE

*   2023

*   Spring TBD
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, July 21, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call July 7th

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Dean


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business

Dean


0:01

11:59

11:59

10.

Next call: Aug 4, 2022 



0:00

12:00

12:00

11.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.
IT'S NOT TOO EARLY TO SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR
REMOTE

*   2023

*   Spring TBD
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, July 7, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Dean


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business

Dean


0:01

11:59

11:59

10.

Next call: July 21, 2022 



0:00

12:00

12:00

11.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.
PLEASE SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR REMOTE

*   2023

*   Spring TBD
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, July 7, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Dean


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business

Dean


0:01

11:59

11:59

10.

Next call: July 21, 2022 



0:00

12:00

12:00

11.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED.
PLEASE SIGN UP ON WIKI IF YOU ARE ATTENDING IN PERSON OR REMOTE

*   2023

*   Spring TBD
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, June 23, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

F2F MINUTE TAKERS: Please submit your minutes to the wiki etherpad.

 

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business

Dean


0:01

11:59

11:59

10.

Next call: July 7, 2022 



0:00

12:00

12:00

11.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED

*   2023

*   Spring TBD
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, June 23, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

F2F MINUTE TAKERS: Please submit your minutes to the wiki etherpad.

 

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business

Dean


0:01

11:59

11:59

10.

Next call: July 7, 2022 



0:00

12:00

12:00

11.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED

*   2023

*   Spring TBD
*   June: Redmond, WA (Microsoft)
*   October: Portsmouth, NH (Globalsign)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final minutes of CA/B Forum meeting May 26, 2022

[Dean Coclin via Public]

Final Minutes of May 26, 2022 meeting



1.  Opening Procedures- Dean

a.  Roll Call

a.  Attendees: Aaron Poulsen (Amazon), Ben Wilson (Mozilla), Bruce Morton 
(Entrust), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Rasmussen 
(OATI), Daryn Wright (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos 
(HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Fumi 
Yoneda (Japan Registry Services), Inaba Atsushi (GlobalSign), Inigo Barreira 
(Sectigo), Jamie Mackey (US Federal PKI Management Authority), Janet Hines 
(SecureTrust), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos 
Purvis (Cisco Systems), Karina Sirota (Microsoft), Marcelo Silva (Visa), 
Martijn Katerbarg (Sectigo), Nargis Mannan (SecureTrust), Niko Carpenter 
(SecureTrust), Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), Rebecca 
Kelley (Apple), Ryan Dickson (Google), Stephen Davidson (Digicert), Tadahiko 
Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Trevoli Ponds-White 
(Amazon), Wayne Thayer (Fastly), Yoshiro Yoneya (Japan Registry Services), 
Lynn Jeun (Visa)

a.  Read Antitrust Statement- Jos Purvis
b.  Review Agenda
c.  Approval of minutes of last call

a.  Minutes are being prepared and should be ready soon.





2.  Forum Infrastructure Subcommittee update given by Jos Purvis

a.  Looking at changes to the webpage

a.  Adding more tools to the tool page
b.  Tagging system for minutes, ballots and other pages
c.  Focus on updating antiquated pages. Content owners will be reached out
d.  Looking at changing theme on the website
e.  ASK: If anyone knows anything about how to work with CSS and PHP or 
Wordpress, this WG is looking for support
f.  Discussion about wiki and access rights and were able fix all issues
g.  Will work with Github Activity bot will continue even on repos that are 
not 
as active
h.  ASK: New membership testing site is rlive and please go into it and 
test 
it.
i.  Did a review of the infrastructure presentation from last face to face



3.  Code Signing Certificate Working Group update given by Bruce Morton

a.  Closed on ballot CSC 13 and updated CSBRs have been posted
b.  Voting to change format of CSBRs passed and will be going into IPR
c.  Discussed what will be discussed at Face to Face
d.  Relooking at high-risk cert requests because it would allow keys to be 
generated in software, but that was moved
e.  Once format is updated, group will work on eliminating references to 
SSL 
BRs to make CSBRs stand alone
f.  Discussed Amazon Trust Services joining as an associate member and that 
is 
in motion



4.  SMIME working group update given by Stephen Davidson

a.  We are in a 30 day pre-ballot discussion period

a.  Looking to move towards discussing issues in the next face to face and 
make 
a roadmap to move forward
b.  Most comments are about language, not so much about content.



5.  NetSec Working Group given by Clint Wilson

a.  Want to talk at face-to-face about narrative around risks associated 
with 
CA infrastructure
b.  Looking at  definitions in NSRs and TLSBRs and acknowledging the 
guidelines 
in the other BRs

a.  Same terms are used repeatedly but with different definitions
b.  Looking to make a central document for definitions with the BRs





6.  Any Other Business:

a.  Face-to-face June 6-8. There are 28 participants onsite and 50 online 
participants

a.  Agenda will be sent out to list and was shared during the meeting
b.  Meeting times for session were discussed as well.



F2F Meeting Schedule:

*2022

*June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be

followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS CONFIRMED

*Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be

followed by the CA Day and TSP event on Thurs/Fri)





smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/B Forum meeting minutes May 12, 2022

[Dean Coclin via Public]

Final Minutes of May 12, 2022 meeting



1.  Opening Procedures- Dean

a.  Roll Call

a.  Attendees: Aaron Poulsen (Amazon), Adam Jones (Microsoft), Amanda 
Mendieta 
(Apple), Ben Wilson (Mozilla), Brian Keogh (Microsoft), Brittany Randall 
(GoDaddy), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Clint Wilson 
(Apple), Corey Bonnell (Digicert), Corey Rasmussen (OATI), Daryn Wright 
(GoDaddy), David Kluge (Google), Dean Coclin (Digicert), Doug Beattie 
(GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fumi 
Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), 
Hogeun Yoo (NAVER Cloud), Inaba Atsushi (GlobalSign), Inigo Barreira 
(Sectigo), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Johnny 
Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), 
Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen 
(Buypass AS), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Michelle Coon 
(OATI), Nargis Mannan (SecureTrust), Niko Carpenter (SecureTrust), Paul van 
Brouwershaven (Entrust), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple), 
Sooyoung Eo (NAVER Cloud), Stephen Davidson (Digicert), Steven Deitte 
(GoDaddy), Tadahiko Ito (SECOM Trust Systems), Tobias Josefowitz (Opera 
Software AS), Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Vijay Kumar 
(India PKI Forum), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI 
Management Authority), Yoshiro Yoneya (Japan Registry Services)

a.  Read Antitrust Statement- Jos Purvis
b.  Review Agenda
c.  Approval of minutes of last call

a.  Approved



2.  Forum Infrastructure Subcommittee update given by Jos Purvis

a.  No update due to no meeting



3.  Code Signing Certificate Working Group update given by Bruce Morton

a.  Closed on ballot and updated CSBRs have been posted
b.  Started a ballot on format update that is currently in discussion period
c.  Relooking at high-risk cert requests because it would allow keys to be 
generated in software
d.  Will discuss Open questions on time stamps
e.  Once format is updated, group will work on eliminating references to 
SSL 
BRs to make CSBRs stand alone



4.  SMIME working group update given by Stephen Davidson

a.  Entered 30 day pre-ballot discussion period to get feedback and the 
discuss 
at the face-to-face in Warsaw
b.  Reviewed changes made to document that included changes to the way that 
organization vetting occurs, introducing some flexibility for naming in the 
legacy profile and consideration of data protection



5.  NetSec Working Group given by David Kluge

a.  Revived older ballot drafts, in particular about offline and air gapped 
root CA systems
b.  Still working on risk assessments and threat modeling to identity 
specific 
risks.

a.  Have guest speaker to talk on this.



6.  Any Other Business:

a.  For F2F, Working groups should have short update presentations and talk 
to 
Dean about timing needed for sessions

a.  22 people will be attending in person and 26 people will be attending 
remotely.
b.  Shared agenda on screen and brief overview of agenda



F2F Meeting Schedule:

*2022

*June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be

followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS CONFIRMED

*Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be

followed by the CA Day and TSP event on Thurs/Fri)





smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final Agenda and Attendance Requirements

[Dean Coclin via Public]

Here is the final agenda for next week's meeting. Please note: VACCINE CARDS
OR A NEGATIVE TEST CERTIFICATE (WITHIN 48 hrs) ARE REQUIRED TO OBTAIN A
BADGE FOR IN PERSON ENTRY INTO THE MEETING.

Webex details will be published to the wiki for remote member attendance.

FINAL AGENDA 

This is the Agenda for the CA/B Forum Meeting.
Timezone is European Central/Poland/Germany Timezone assistance
  


Monday, 6 June 2022 - CA/B Forum Meeting (Day 1)


Sound Garden Hotel, Warsaw, Poland 

ALL TIMES LOCAL TO POLAND 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


12:00

12:30

Lunch available in 



12:30

13:00

Check-in, get situated in Room and virtual room, test audio/video



13:00

13:00

Call to Order - CA/Browser Forum Meeting 

Dean Coclin (Chair)


13:00

13:10

0

Welcome, Preliminary Matters, Meeting Recordings, Photo Policy, Logistics,
Antitrust Statement, Code of Conduct, Take Attendance, Assign Minute Takers

Dean Coclin (Chair)


13:10

13:10

1

Approval of CABF Minutes from last teleconference

Dean Coclin (Chair)


13:10

13:30

2

Future face to face meeting schedule, fall election discussion, working
group chairs

Dean Coclin (Chair)

Browser Updates 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 



13:30

13:40

3

Mozilla Root Program Update

Ben Wilson (Mozilla) Minutes: 



13:40

13:50

4

Google Root Program Update

Ryan Dickson, Devon O'Brien (Google) Minutes: 



13:50

14:00

5

Apple Root Program Update

Clint Wilson (Apple) Minutes: 



14:00

14:10

6

Microsoft Root Program Update

Karina Sirota (Microsoft) Minutes:



14:10

14:40

8

Guest Speaker: "The impact of quantum cryptography on trust services" 

Robert Poznański (Asseco Data Systems) 


14:40

14:50

7

Break 



14:55

15:30

6

Potential working group on standardized terms across the Forum 

Clint Wilson/Trevoli Ponds-White (Apple/Amazon) Minutes:



Working Groups 


15:30

17:30

9

S/MIME Certificate Working Group Meeting 

Stephen Davidson (Digicert) Minutes: 


17:30

17:30

10

Adjourn S/MIME Meeting



ADJOURN 5:30pm 


Tuesday, 7 June 2022 - CA/B Forum Meeting (Day 2)


Webex Meeting Link: 

Minute takers, please use: 


Start 

Stop 

Slot 

Description

Discussion Leader / Notes



12:00

13:00

Lunch available 

Room and virtual room, test audio/video



13:00

13:00

Call to Order and Welcome 

Dean Coclin (Chair) 



13:00

13:10

0

Welcome, Recap of Preliminary Matters, Meeting Recordings, Photo Policy,
Logistics, Antitrust Statement, Code of Conduct

Dean Coclin (Chair)



Audit Updates 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


13:15

13:30

1

Continued discussion on fall elections 

Dean CoclinMinutes:


13:30

13:45

2

ETSI Update

Nick Pope (Vice Chair ETSI ESI) Minutes: 


13:45

14:00

3

Acab'c Update

Clemens Wanko (TÜV AUSTRIA) Minutes: 


14:00

14:30

4

Webtrust Update 

Jeff Ward (BDO), Don Sheehy (CPA Canada) Minutes: 


14:30

14:45

5

Break 

Summary Presentations from Working Groups since last meeting 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


15:55

16:15

6

SCWG

Jos Purvis (Cisco), Doug Beattie (GlobalSign)Minutes: 


16:15

16:25

7

CSCWG

Bruce Morton (Entrust)Minutes: 


16:25

16:35

8

SMCWG

Stephen Davidson (DigiCert)Minutes: 


16:35

16:45

9

NetSec WG

Clint Wilson (Apple)Minutes: 


16:45

17:00

10

Infrastructure Subcommittee



Working Groups 


17:00

18:30

11

Code Signing Working Group 

Dean Coclin(DigiCert)

Minutes: 


18:30

18:30

12

Adjourn Code Signing Meeting



19:00

19:00

Meet in Hotel Lobby for departures to evening event



19:10

19:10

Depart Hotel by Taxi



19:30

19:30

Arrive at  Restaurant



19:30

22:00

Event and Dinner



22:00

22:00

Depart for hotel





Wednesday, 8 June 2022 - CA/B Forum Meeting (Day 3)


Webex Meeting Link: 

Minute takers, please use: 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes


12:00

12:00

Lunch available in 



12:45

13:00

Get situated in Room and virtual room, test audio/video



13:00

13:00

0

Call to Order - Server Certificate Meeting 

Jos Purvis (Cisco), Doug Beattie (GlobalSign)


13:00

15:00

1

Validation WG Meeting 

Corey Bonnell (Digicert)


15:00

15:00

Adjourn Validation Meeting



15:00

15:30

2

Guest speaker: European Federation of Qualified Trust Service Providers

Viktor Varga, Guest Speaker


15:30

17:00

3

Network Security Meeting 

Clint Wilson (Apple)


17:00

17:00

Adjourn Network Security Meeting



17

[cabfpub] F2F Draft Agenda

[Dean Coclin via Public]

Here's the draft agenda for the F2F meeting in Warsaw:

 

This is the Agenda for the CA/B Forum Meeting.
Timezone is European Central/Poland/Germany Timezone assistance
  


Monday, 6 June 2022 - CA/B Forum Meeting (Day 1)


Warsaw, Poland 

ALL TIMES LOCAL TO POLAND 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


12:00

12:30

Lunch available in 



12:30

13:00

Check-in, get situated in Room and virtual room, test audio/video



13:00

13:00

Call to Order - CA/Browser Forum Meeting 

Dean Coclin (Chair)


13:00

13:10

0

Welcome, Preliminary Matters, Meeting Recordings, Photo Policy, Logistics,
Antitrust Statement, Code of Conduct, Take Attendance, Assign Minute Takers

Dean Coclin (Chair)


13:10

13:10

1

Approval of CABF Minutes from last teleconference

Dean Coclin (Chair)


13:10

13:30

2

Future face to face meeting schedule, fall election discussion, working
group chairs

Dean Coclin (Chair)

Browser Updates 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 



13:30

13:40

3

Mozilla Root Program Update

Ben Wilson (Mozilla) Minutes: 



13:40

13:50

4

Google Root Program Update

Ryan Dickson, Devon O'Brien (Google) Minutes: 



13:50

14:00

5

Apple Root Program Update

Clint Wilson (Apple) Minutes: 



14:00

14:10

6

Microsoft Root Program Update

Karina Sirota (Microsoft) Minutes:



14:10

14:30

7

Break 



14:30

15:00

8

Guest Speaker: "The impact of quantum cryptography on trust services" 

Robert Poznański (Asseco Data Systems) 


15:00

15:30

6

Potential working group on standardized terms across the Forum 

Clint Wilson/Trevoli Ponds-White (Apple/Amazon) Minutes:



Working Groups 


15:30

17:30

9

S/MIME Certificate Working Group Meeting 

Stephen Davidson (Digicert) Minutes: 


17:30

17:30

10

Adjourn S/MIME Meeting



ADJOURN 5:30pm 


Tuesday, 7 June 2022 - CA/B Forum Meeting (Day 2)


Webex Meeting Link: 

Minute takers, please use: 


Start 

Stop 

Slot 

Description

Discussion Leader / Notes



12:00

13:00

Lunch available 

Room and virtual room, test audio/video



13:00

13:00

Call to Order and Welcome 

Dean Coclin (Chair) 



13:00

13:10

0

Welcome, Recap of Preliminary Matters, Meeting Recordings, Photo Policy,
Logistics, Antitrust Statement, Code of Conduct

Dean Coclin (Chair)



Audit Updates 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


13:15

13:30

1

Continued discussion on fall elections 

Dean Coclin Minutes:


13:30

13:45

2

ETSI Update

Arno Fiedler (Vice Chair ETSI ESI) Minutes: 


13:45

14:00

3

Acab'c Update

Clemens Wanko (TÜV AUSTRIA) Minutes: 


14:00

14:30

4

Webtrust Update 

Jeff Ward (BDO), Don Sheehy (CPA Canada) Minutes: 


14:30

14:45

5

Break 

Summary Presentations from Working Groups since last meeting 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


15:55

16:15

6

SCWG

Jos Purvis (Cisco), Doug Beattie (GlobalSign)Minutes: 


16:15

16:25

7

CSCWG

Bruce Morton (Entrust)Minutes: 


16:25

16:35

8

SMCWG

Stephen Davidson (DigiCert)Minutes: 


16:35

16:45

9

NetSec WG

Clint Wilson (Apple)Minutes: 


16:45

17:00

10

Infrastructure Subcommittee



Working Groups 


17:00

18:30

11

Code Signing Working Group 

Dean Coclin(DigiCert)

Minutes: 


18:30

18:30

12

Adjourn Code Signing Meeting



19:00

19:00

Meet in Hotel Lobby for departures to evening event



19:15

19:15

Depart Hotel 



19:30

19:30

Arrive at event destination and reception



20:00

22:00

Event and Dinner



22:00

22:00

Depart for hotel





Wednesday, 8 June 2022 - CA/B Forum Meeting (Day 3)


Webex Meeting Link: 

Minute takers, please use: 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes


12:00

12:00

Lunch available in 



12:45

13:00

Get situated in Room and virtual room, test audio/video



13:00

13:00

0

Call to Order - Server Certificate Meeting 

Jos Purvis (Cisco), Doug Beattie (GlobalSign)


13:00

15:00

1

Validation WG Meeting 

Corey Bonnell (Digicert)


15:00

15:00

Adjourn Validation Meeting



15:00

15:30

2

Guest speaker: European Federation of Qualified Trust Service Providers

TBD, Guest Speaker


15:30

17:00

3

Network Security Meeting 

Clint Wilson (Apple)


17:00

17:00

Adjourn Network Security Meeting



17:00

17:30

Wrap up




 

 

Dean Coclin

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public maili

[cabfpub] Final CA/Browser Forum agenda - Thursday, May 26, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

F2F Meeting signups end this FRIDAY! Please sign up!

 

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business - F2F meeting, Membership requests

Dean


0:01

11:59

11:59

10.

Next call: F2F Meeting 



0:00

12:00

12:00

11.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   June 6-8 - Warsaw, Poland (Note: Meeting dates are Mon-Weds and will
be followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS
CONFIRMED
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, May 26, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

All-F2F Meeting signups end this FRIDAY! Please sign up!

 

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business - F2F meeting, Membership requests

Dean


0:01

11:59

11:59

10.

Next call: ??



0:00

12:00

12:00

11.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   June 6-8 - Warsaw, Poland (Note: Meeting dates are Mon-Weds and will
be followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS
CONFIRMED
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri) MEETING IS CONFIRMED

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/B Forum minutes April 28th, 2022

[Dean Coclin via Public]

Final CA/Browser Forum Minutes April 28, 2022



1.  Opening Procedures- Dean

1.  Attendees: Adam Jones (Microsoft), Amanda Mendieta (Apple), Andrea 
Holland 
(SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Kemmerer 
(SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Corey Rasmussen 
(OATI), Daryn Wright (GoDaddy), David Kluge (Google), Dean Coclin (Digicert), 
Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback 
(Microsoft), Enrico Entschew (D-TRUST), Fumi Yoneda (Japan Registry Services), 
Heather Warncke (Amazon), Hogeun Yoo (NAVER Cloud), Hubert Chao (Google), 
Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Jamie Mackey (US Federal 
PKI Management Authority), Janet Hines (SecureTrust), Joanna Fox (TrustCor 
Systems), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota 
(Microsoft), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), 
Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Nargis Mannan 
(SecureTrust), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rae Ann 
Gonzales (GoDaddy), Rebecca Kelley (Apple), Stephen Davidson (Digicert), 
Thomas Zermeno (SSL.com), Tim Hollebeek (Digicert), Tobias Josefowitz (Opera 
Software AS), Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Wayne 
Thayer (Fastly), Yoshiro Yoneya (Japan Registry Services)Read Antitrust 
Statement- Jos Purvis

Review Agenda

a.  Approval of minutes of last call

   i. 
Approved



2.  Forum Infrastructure Subcommittee update given by Jos Purvis

1.  Reviewed work that is being done on new membership site- working on 
fixing 
bugs and hopeful to have something to show in the near future
2.  Discussed publication guidelines for posting to the publication website 
as 
written by Ben Wilson to make content on the website more consistent and 
easier to search and find. This will be going out to management list for 
feedback.



3.  Code Signing Certificate Working Group update given by Bruce Morton

1.  Moving focus to reformat ballot with upcoming discussion period. 
Hopefully 
will have format changed to format 3647 in the next month or so
2.  Subscriber key protection follow-up ballot coming to address some 
concerns



4.  SMIME working group update given by Stephen Davidson

1.  Lining up to do wider discussion on the ballot for adoption of the 
draft. 
Feedback is already coming in and the WG has gone back to review the 
specification.

1.  The organizational identity requirements had been lifted from the EV 
TLS 
guidelines and there was some concern that there were some parts that weren't 
as relevant for S/MIME. Current discussions are continuing to find the right 
level of validation.



5.  NetSec Working Group given by Clint Wilson

1.  Discussed OCSP uptime ballot and agreed that it should go to the server 
certificate working group but the S/MIME WG should follow to add this topic 
into their BRs and others as well. This can become a template for other 
things.

1.  Request to others to look over David Kluge's draft and review and 
provide 
feedback

0.  Q: Is there good participation in the meetings?

1.  Yes and looking for more participants



6.  Any Other Business:

1.  Meeting in Poland is still in on and there won't be conflict with the 
other 
meeting
2.  Discussed what time it should meet, but likely will be starting around 
noon 
in Poland, which is about 6am on the east coast
3.  Wiki sign-ups are open.





2022 F2F Meeting Schedule:

*June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be followed 
by the Trusted Economy Forum on Weds-Thurs), MEETING IS CONFIRMED

*Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be followed 
by the CA Day and TSP event on Thurs/Fri)





smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, May 12, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

All-just a reminder to sign up for the upcoming face to face meeting in
Warsaw (on the wiki). A strawman agenda is now live on the wiki.

 

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business - F2F meeting 

Dean


0:01

11:59

11:59

10.

Next call: May 26, 2022



0:00

12:00

12:00

11.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   June 6-8 - Warsaw, Poland (Note: Meeting dates are Mon-Weds and will
be followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS
CONFIRMED
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, May 12, 2022 at 11:30 am Eastern Time

[Dean Coclin via Public]

All-just a reminder to sign up for the upcoming face to face meeting in
Warsaw (on the wiki). A strawman agenda is now live.

 

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business - F2F meeting 

Dean


0:01

11:59

11:59

10.

Next call: May 26, 2022



0:00

12:00

12:00

11.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   June 6-8 - Warsaw, Poland (Note: Meeting dates are Mon-Weds and will
be followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS
CONFIRMED
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final minutes of CA/B Forum meeting April 14, 2022

[Dean Coclin via Public]

CA/Browser Forum Meeting April 14, 2022



1.  Opening Procedures- Dean

1.  Roll Call

Adam Jones (Microsoft), Adrian Mueller (SwissSign), Andrea Holland 
(SecureTrust), Arno Fiedler (D-TRUST), Ben Wilson (Mozilla), Bruce Morton 
(Entrust), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell 
(Digicert), Corey Rasmussen (OATI), Daryn Wright (GoDaddy), Dean Coclin 
(Digicert), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico 
Entschew (D-TRUST), Fumi Yoneda (Japan Registry Services), Heather Warncke 
(Amazon), Inaba Atsushi (GlobalSign), Jamie Mackey (US Federal PKI Management 
Authority), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos 
Purvis (Cisco Systems), Karina Sirota (Microsoft), Khairil Nizam Abdul Malek 
(MSC Trustgate Sdn Bhd), Paul van Brouwershaven (Entrust), Peter Miskovic 
(Disig), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple), Stephen Davidson 
(Digicert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), 
Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Wayne Thayer (Fastly), 
Yoshiro Yoneya (Japan Registry Services)

a. Read Antitrust Statement- Jos Purvis

b. Review Agenda

c. Approval of minutes of last call

1.  Approved



2.  Forum Infrastructure Subcommittee update given by Jos Purvis

1.  Had successful migration of DNS to GoDaddy and now can stand up a dev 
host 
for membership tool to start testing

1.  Going to create a label of 'interested person' for someone who is 
interested but not as a group in the tool

0.  Creating a style guide on how to post things to the website-e.g. 
picking a 
consistent date for minutes to make sure things are consistent
a.  There was a website issue over the weekend but it has been resolved. It 
was 
an internal issue but it was corrected very quickly.
b.  Talked about tools page- adding more sections per type of interested 
person 
and adding additional tools



3.  Code Signing Certificate Working Group update given by Bruce Morton

1.  Approved ballot 13 for subscriber key protection. It's in IPR and will 
be 
effective 11/15/2022.
2.  Moving on to finalize format change to RFC 3647 format.



4.  SMIME working group update given by Stephen Davidson

1.  Draft of BRs is complete
2.  Working through fringe cases that are not included in other types of 
BRs- 
common names, functional names (like help desk) or a pseudonym, as well as 
field serial number, which is can be used in different ways in S/MIME certs, 
like an employee ID number or a personal identifier like in ETSI
3.  Moving into formal pre-ballot discussion period shortly. Now is the 
time 
for organizations to review and read
4.  Goal to move into ballot in the summer.



5.  NetSec Working Group given by Clint Wilson

1.  Risk Assessment is ongoing
2.  Discussion on OCSP uptime requirements in the BRs and it's essentially 
24/7- which is an Atypical SLA. Starting to discuss what would be more 
realistic

1.  Move towards drafting a requirement that requires Cas to report this in 
their CPS to get a better understanding of what would be more reasonable.
2.  This couldn't be a NetSec ballot since it's in the BRs, but it should 
be in 
either the Server Cert group or maybe in the validation group

1.  Should be added to the server certificate working group agenda- maybe 
add 
it to next week
2.  Other working groups will have to also update their BRs if they need it
3.  Should there a baseline of baselines? That is the baseline requirements 
that goes for every type of certificate and then working groups make their own
4.  Suggested that this conversations should be made on the mailing lists, 
not 
in a specific meeting.

0.  Went through an complied issues in Github of things that have been 
discussed over the years to start going through





6.  Any Other Business:

1.  Meeting in Poland is still in on. Wiki sign-ups are open. Notices will 
be 
sent out and all information is online

1.  Is there anything we can do to help make the remote experience good?
2.  Dean will check with the hosts



 MEETING ADJOURNED



F2F Meeting Schedule:

*2022

*June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be followed 
by the Trusted Economy Forum on Weds-Thurs), MEETING IS CONFIRMED

*Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be followed 
by the CA Day and TSP event on Thurs/Fri)



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, April 28, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business - F2F meeting status

Dean


0:01

11:59

11:59

10.

Next call: May 12, 2022



0:00

12:00

12:00

11.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   June 6-8 - Warsaw, Poland (Note: Meeting dates are Mon-Weds and will
be followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS
CONFIRMED
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, April 28, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business - F2F meeting status

Dean


0:01

11:59

11:59

10.

Next call: May 12, 2022



0:00

12:00

12:00

11.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   June 6-8 - Warsaw, Poland (Note: Meeting dates are Mon-Weds and will
be followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS
CONFIRMED
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final minutes of CA/B Forum meeting March 31, 2022

[Dean Coclin via Public]

Here are the final minutes for the subject call:





1.  Opening Procedures- Dean

a.  Roll Call

a.  Attendees: Adam Jones (Microsoft), Adrian Mueller (SwissSign), Amanda 
Mendieta (Apple), Ben Wilson (Mozilla), Brian Keogh (Microsoft), Brittany 
Randall (GoDaddy), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Clint 
Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin (Digicert), Devon 
O'Brien (Google), Dimitris Zacharopoulos (HARICA), Dustin Hollenback 
(Microsoft), Fumi Yoneda (Japan Registry Services), Heather Warncke (Amazon), 
Hogeun Yoo (NAVER Cloud), Hubert Chao (Google), Inaba Atsushi (GlobalSign), 
Inigo Barreira (Sectigo), Jamie Mackey (US Federal PKI Management Authority), 
Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Cisco 
Systems), Karina Sirota (Microsoft), Mads Henriksveen (Buypass AS), Martijn 
Katerbarg (Sectigo), Michelle Coon (OATI), Miguel Sanchez (Google), Paul van 
Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic 
(Disig), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple), Renne Rodriguez 
(Apple), Ryan Dickson (Google), Sooyoung Eo (NAVER Cloud), Stephen Davidson 
(Digicert), Tadahiko Ito (SECOM Trust Systems), Trevoli Ponds-White (Amazon), 
Tyler Myers (GoDaddy), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI 
Management Authority), Yoshiro Yoneya (Japan Registry Services)Read Antitrust 
Statement- Jos Purvis
b.  Review Agenda
c.  Approval of minutes of last call (3/17/2022)

a.  Approved

c.  Approval of minutes from face-to-face 55

a.  Approved



2.  Forum Infrastructure Subcommittee update given by Jos Purvis

a.  New Membership tool code is in a private GitHub repo and being 
discussed 
and reviewed with features. It is looking promising.
b.  Did DNS cutover on past Monday, which means the Forum has direct 
control 
over DNS router now. We can create DNS records for tools on our own. No issues 
with cutover.
c.  Discussed website update. Ben has completed it, so people should review 
cabforum.org website and provide feedback
d.  Had discussion on making manuals and flows in GitHub, including a style 
guide for markdown to help with best practices for ballots.



3.  Code Signing Certificate Working Group update given by Bruce Morton

a.  Closed out on ballot for weak keys and this ballot is in voting until a 
week from now (4/7/2022)
b.  Discussion on timestamp policy- this discussion will continue next week.
c.  Discussion on subscriber having issues with getting through EV code 
validation. This is currently being investigated to see if this will be a 
topic in the future.



4.  SMIME working group update given by Stephen Davidson

a.  At an advanced stage of the S/MIME BRs

a.  Examples: exploring organizational identifier, working on ensuring that 
there is international coverage, clarifying the common name field and maybe 
the pseudonym field.

a.  Started discussions on bringing this document to ballot

a.  At some point in the coming weeks, the group will call a pre-ballot 
period 
for discussion for at least 30 days to read the document and review.
b.  Have this completed before officer elections in the fall



5.  NetSec Working Group given by Clint Wilson

a.  Around risk assessment, specifically around assets and where assets are 
located and asset categories and correlating that information to risk 
scenarios
b.  If there are individuals that are specialized in this, the group is 
requesting more eyes looking into the group



6.  Any Other Business:

a.  If there are new members joining from your group, please fill out 
document 
on wiki to help with management list.
b.  Someone is trying to scam the forum to try to join but it's all coming 
from 
a single Gmail account. Dean is keeping an eye on it.
c.  Next Meeting is April 14, 2022





F2F Meeting Schedule:

2022

*June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be

followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS CONFIRMED

*Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be

followed by the CA Day and TSP event on Thurs/Fri)



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, April 14, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business

Dean


0:01

11:59

11:59

10.

Next call: April 28, 2022



0:00

12:00

12:00

11.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   June 6-8 - Warsaw, Poland (Note: Meeting dates are Mon-Weds and will
be followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS
CONFIRMED
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, April 14, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Any other business

Dean


0:01

11:59

11:59

10.

Next call: April 28, 2022



0:00

12:00

12:00

11.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   June 6-8 - Warsaw, Poland (Note: Meeting dates are Mon-Weds and will
be followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS
CONFIRMED
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final minutes of CA/B Forum call March 17, 2022

[Dean Coclin via Public]

Final minutes of CA/B Forum call March 17, 2022

 

Attendees: Adam Jones (Microsoft), Adrian Mueller (SwissSign), Amanda
Mendieta (Apple), Andrea Holland (SecureTrust), Ben Wilson (Mozilla),
Brittany Randall (GoDaddy), Bruce Morton (Entrust), Chris Kemmerer
(SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin
(Digicert), Doug Beattie (GlobalSign), Dustin Ward (SSL.com), Enrico
Entschew (D-TRUST), Fumi Yoneda (Japan Registry Services), Heather Warncke
(Amazon), Hogeun Yoo (NAVER), Hubert Chao (Google), Inaba Atsushi
(GlobalSign), Inigo Barreira (Sectigo), Joanna Fox (TrustCor Systems),
Johnny Reading (GoDaddy), Karina Sirota (Microsoft), Kati Davids (GoDaddy),
Khairil Nizam Abdul Malek (MSC Trustgate Sdn Bhd), Kiran Tummala
(Microsoft), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Martijn
Katerbarg (Sectigo), Michelle Coon (OATI), Paul van Brouwershaven (Entrust),
Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rae Ann Gonzales
(GoDaddy), Rebecca Kelley (Apple), Renne Rodriguez (Apple), Ryan Dickson
(Google), Stephen Davidson (Digicert), Tim Hollebeek (Digicert), Tobias
Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tyler Myers
(GoDaddy), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya
(Japan Registry Services)

 

1.  Opening Procedures- Dean 

a.  Roll Call- per above
b.  Read Antitrust Statement- Jos Purvis
c.  Review Agenda
d.  Approval of minutes of Feb 3rd call

a.  Approved

 

2.  Forum Infrastructure Subcommittee update given by Jos Purvis

a.  Working group repo on Github is now working
b.  Terrific demo of membership application web app. This will be a
great step up from current tooling

a.  Next steps are going to be setting up dev pages on AWS and then
start tracking in parallel until finally moving over to it permanently
b.  There is a neat way how to track attendance on Webex, so this could
be automated. 
c.  If anyone has experience with php, the group is looking for help

b.  Difficulties in balloting are more in scope of content rather than
processes

a.  Will do some documentations on how to do the technical aspects

c.  Discussed general revamp of the websites. 
d.  There was a security issue with the site and GoDaddy and Ben were
helpful in cleaning that up. 
e.  Do they know what happened? They think there was an authentication
breach. Do they know which account was breached? No, but anyone who has
access has been asked to change creds. 
f.  Plan for changing over DNS from GoDaddy to AWS soon. May push out
this cutover due to ballot, but will look forward to it. 

 

3.  Code Signing Certificate Working Group update given by Bruce Morton

a.  Long discussion on subscriber key protection, and discussion on
ballot, which should go out shortly. 
b.  Long Discussion on going through the current document on bringing it
up to date on the signing services. 

 

4.  SMIME working group update given by Stephen Davidson

a.  Discussion on wrapping up odds and ends on text for ballot before it
goes out. 
b.  Intend to have a month of pre-ballot discussion in order to find any
issues, discussion
c.  Before going to a proper ballot in accordance with the bylaws. 
d.  Have general agreement on how to go forward
e.  Having general discussions on the details, like the use of the
pseudonym aspect or reuse of common name, as examples. 
f.  In terms of mailbox validation, we are adopting the TLS Baseline
requirements methods for  proving mailbox control. 

a.  There has been an additional discussion that there would be a
variant on the MX method

f.  Draft is here: https://github.com/cabforum/smime/blob/preSBR/SBR.md

 

5.  NetSec Working Group given by Clint Wilson

a.  A shift in the time for the cloud services and infrastructure group
to 9am Pacific time starting next week. This group is progressing in the
risk assessment quite well and still looking for more people. 
b.  Looking at ballots around defined terms, adding definitions and
fixing definitions overall. 
c.  Will continue to give this update going forward. 

 

6.  Any Other Business:

a.  Next meeting is in Warsaw. Will continue to look ahead and make a
decision going forward. 

a.  Will there be a hybrid? Maybe, but we cannot promise quality of the
hybrid. 
b.  Suggest to err on side of having a good hybrid meeting, but wait and
see

a.  Berlin meeting is still scheduled for Oct 24-26

 

 

 

Meeting Adjourned

 

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, March 31, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9.

Next call: April 14, 2022



0:01

11:59

12:00

10.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   June 6-8 - Warsaw, Poland (Note: Meeting dates are Mon-Weds and will
be followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS
CONFIRMED BUT SUBJECT TO CHANGE
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, March 31, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9.

Next call: April 14, 2022



0:01

11:59

12:00

10.

Adjourn




 


F2F Meeting Schedule: 


*   2022

*   June 6-8 - Warsaw, Poland (Note: Meeting dates are Mon-Weds and will
be followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS
CONFIRMED BUT SUBJECT TO CHANGE
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final Minutes of CA/B Forum meeting February 3, 2022

[Dean Coclin via Public]

Here are the final minutes for the subject call:

 

Attendees: Adam Jones (Microsoft), Amanda Mendieta (Apple), Andrea Holland
(SecureTrust), Ben Wilson (Mozilla), Clint Wilson (Apple), Corey Bonnell
(Digicert), Daryn Wright (GoDaddy), Dean Coclin (Digicert), Dimitris
Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback
(Microsoft), Enrico Entschew (D-TRUST), Fumi Yoneda (Japan Registry
Services), Heather Warncke (Amazon), Inaba Atsushi (GlobalSign), Inigo
Barreira (Sectigo), Israel Ventura (US Federal PKI Management Authority),
Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Cisco
Systems), Karina Sirota (Microsoft), Kati Davids (GoDaddy), Mads Henriksveen
(Buypass AS), Michelle Coon (OATI), Peter Miskovic (Disig), Rae Ann Gonzales
(GoDaddy), Rebecca Kelley (Apple), Renne Rodriguez (Apple), Ryan Dickson
(Google), Stephen Hillier (Entrust), Tamer Ergun (Kamu SM), Tobias
Josefowitz (Opera Software AS), Tom Cloward (Microsoft), Tsung-Han Yang
(Chunghwa Telecom), Wendy Brown (US Federal PKI Management Authority),
Wojciech Trapczyński (Asseco Data Systems SA (Certum)), Yosiaki Iida (SECOM
Trust Systems)

 

Anti-Trust Statement: Jos read the statement

 

Review of agenda: The agenda was reviewed. Dean will add a topic of adding
member names to the agenda.

 

Approval of prior meeting minutes: The minutes from Jan 20th were approved.

 

Forum Infrastructure Subcommittee: Jos gave the update. Meeting was held on
Jan 26th. Discussions centered around automated updates for github and other
items. Discussions took place around balloting/formatting as well as the new
membership spreadsheet to make sure it was working well.  There was also a
discussion about the new NetSec working group and getting them established
on the wiki.

 

Code Signing Working Group: Andrea gave the update. A new interested party
was approved. Discussions are underway on the subscriber key protection
ballot. Endorsers are being sought. Timestamping validity period was
discussed. Timestamping OIDs were discussed briefly. Plans for the face to
face were made to determine the primary topics for that meeting.

 

S/MIME Working Group: Stephen gave the update: The group is continuing
discussions on mailbox validation. A proposed method from Google on using MX
records to validate control of the server was discussed. There has also been
additional discussion on the individual challenge/response to an individual
mailbox and how that should be performed and the reuse period of that. It's
been set at 31 days in the draft document. This is now available in github
if anyone wants to look at it.  A discussion then took place about
enterprise RAs. Stephen said the draft document is advancing very quickly. A
walk thru of the document will take place at the F2F meeting. 

 

NetSec Working Group: Clint had given an update as part of the earlier SCWG
meeting but reiterated that there is a Doodle poll available for the
proposed meeting times. A ballot should be starting to adapt the NCSSRs.
David was confirmed as Vice Chair. 

 

Next F2F Meeting: Over 70 attendees are expected between remote and
in-person (approx. 22 in person). Dean reminded everyone to bring their
vaccine cards and wear masks. We do have a teleconference scheduled for Feb
17th and the group agreed to hold that call as planned. 

 

Membership Lists: Dean mentioned that it is difficult to ascertain who is a
member of which working group. It is not published on our website, only
members of the Forum are listed. Ben said we should publish such a list on
our website. Several other people agreed. Jos said as long as they are not
seen as "endorsers", that should be ok. Dean suggested this list be placed
on the Working Group pages. Ben asked if we can link to the membership
spreadsheet. Dean said that was not publicly available. Trev said that the
website needed some other cleanup so this would be a good time to do this.
Ben suggested that the list from the spreadsheet could be exported and
linked to.  Jos suggested that each WG chair should be responsible for
gathering this list and giving it to the webmaster to publish. Dean
concurred and asked each chair to send their member list to Ben Wilson who
will update the pages. 

 

Meeting adjourned.

 

 

Dean Coclin

CA/B Forum Chair

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, March 17, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Next F2F: Warsaw Poland June 6-8, 2022

Dean


0:01

11:59

12:00

10.

Next call: March 31, 2022

Dean


Adjourn



 


F2F Meeting Schedule: 


*   2022

*   June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be
followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS CONFIRMED
BUT SUBJECT TO CHANGE
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, March 17, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Next F2F: Warsaw Poland June 6-8, 2022

Dean


0:01

11:59

12:00

10.

Next call: March 31, 2022

Dean


Adjourn



 


F2F Meeting Schedule: 


*   2022

*   June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be
followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS CONFIRMED
BUT SUBJECT TO CHANGE
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final Minutes of CA/B Forum February 17, 2022

[Dean Coclin via Public]

Final Minutes of CA/B Forum (February 17, 2022)   


 

Attendees: Adam Jones (Microsoft), Adrian Mueller (SwissSign), Amanda Mendieta 
(Apple), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Kemmerer 
(SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Daryn Wright 
(GoDaddy), Dean Coclin (Digicert), Doug Beattie (GlobalSign), Dustin Hollenback 
(Microsoft), Fumi Yoneda (Japan Registry Services), Inaba Atsushi (GlobalSign), 
Jamie Mackey (US Federal PKI Management Authority), Joanna Fox (TrustCor 
Systems), Jos Purvis (Cisco Systems), Kati Davids (GoDaddy), Marcelo Silva 
(Visa), Martijn Katerbarg (Sectigo), Niko Carpenter (SecureTrust), Paul van 
Brouwershaven (Entrust), Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), 
Renne Rodriguez (Apple), Ryan Dickson (Google), Trevoli Ponds-White (Amazon), 
Tyler Myers (GoDaddy), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI 
Management Authority), Yoshiro Yoneya (Japan Registry Services)

 

*   Roll Call (Dean Coclin, DigiCert)

*   Dean captured the roll and requested new participants to identify 
themselves.
*   Ryan Dickson taking minutes.

 

*   Read Antitrust Statement (Jos Purvis, Cisco)

*   Jos read the antitrust statement. 

 

*   Review Agenda (Dean Coclin, DigiCert)

*   Dean reviewed the agenda. No changes. 

 

*   Approval of February 3, 2022 Meeting Minutes (Dean Coclin, DigiCert) 

*   Meeting minutes are still being finalized.
*   We’ll look to share for the group’s review and approval at the soonest 
opportunity.

 

*   Next F2F: Salt Lake City, Feb 22-24 2022. Final Info (Dean Coclin, 
DigiCert)

*   Overviewed key details in preparation for next week’s F2F meeting.

*   Agenda   posted to the Wiki
*   Breakfast (beginning 1 hour before the meeting) and lunch (continuing 
for 1 hour after the meeting) will be provided daily in the room adjacent to 
the meeting space.

*   Meeting times have been reduced to support the global audience.

*   Tuesday, 22 February 2021 - 9 AM MT - 1PM MT

1.  Agenda will include Browser/Root Program updates, Audit updates, and 
summary presentations from Working Groups

*   Wednesday, 23 February 2022 - 8 AM MT - 12:30 PM MT 

1.  Agenda will include Server Certificate Working Group and Validation 
Subcommittee meeting

*   Thursday, 24 February 2022 - 12:15 PM MT

1.  Agenda will include S/MIME Certificate and Code Signing Certificate 
Working Groups

*   Forecasting attendance:

*   22 in-person

1.  Reminders: 

1.  Bring vaccine cards (any format, photos are OK) and masks
2.  An evening event is planned (Wednesday), will include travel on a bus, 
please see Agenda   for details. 

*   84 remote

1.  WebEx info added to the Agenda 
 , please note meeting info 
changes daily.

 

*   Summer F2F Meeting Announcement (Dean Coclin, DigiCert)

*   Poland (June 6-8), hosted by Certum (Asseco) 
*   Additional details forthcoming

 

*   Any Other Business?

*   None

 

*   Adjourn

*   Meeting adjourned. 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/B Forum face to face meeting schedule

[Dean Coclin via Public]

This is the FINAL Agenda for the CA/B Forum Meeting.


Timezone is US/Mountain Time (MT / Denver) Timezone assistance
  


Tuesday, 22 February 2021 - CA/B Forum Meeting (Day 1)


Grand America Hotel, 555 South Main Street, Salt Lake City, UT 

ALL TIMES LOCAL TO SALT LAKE CITY, MOUNTAIN TIME 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


8:00

9:00

Breakfast available in Imperial Ballroom D



8:30

9:00

Check-in, get situated in Imperial Ballroom C and virtual room, test
audio/video



9:00

9:00

Call to Order - CA/Browser Forum Meeting 

Dean Coclin (Digicert)


9:00

9:15

0

Welcome, Preliminary Matters, Meeting Recordings, Photo Policy, Logistics,
Antitrust Statement, Code of Conduct, Take Attendance, Assign Minute Takers

Dean Coclin (Digicert)


9:15

9:20

1

Approval of CABF Minutes from last teleconference

Dean Coclin (Digicert)


9:20

9:30

2

Future face to face meeting schedule

Dean Coclin (Chair)

Browser Updates 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


9:30

9:40

3

Mozilla Root Program Update

Ben Wilson (Mozilla) Minutes: 


9:40

9:50

4

Google Root Program Update

Ryan Dickson, Devon O'Brien (Google) Minutes: 


9:50

10:00

5

Apple Root Program Update

Clint Wilson (Apple) Minutes: 


10:00

10:10

6

Microsoft Root Program Update

Karina Sirota (Microsoft) Minutes: 


10:10

10:20

7

Break 


10:20

10:55

8

PSL access “as a service” 

Dr. Peter Thomassen, Guest Speaker

Audit Updates 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


10:55

11:05

9

CCADB Update

Kathleen Wilson (Mozilla) Minutes: 


11:05

11:15

10

ETSI Update

Arno Fiedler (Vice Chair ETSI ESI) Minutes: Clemens


11:15

11:25

11

Acab'c Update

Clemens Wanko (TÜV AUSTRIA) Minutes: Arno


11:25

11:45

12

Webtrust Update 

Jeff Ward (BDO), Don Sheehy (CPA Canada) Minutes: 


11:45

11:55

13

Break 

Summary Presentations from Working Groups on accomplishments in 2021 and
plans for 2022 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


11:55

12:15

14

SCWG

Jos Purvis (Cisco)Minutes: 


12:15

12:25

15

CSCWG

Bruce Morton (Entrust)Minutes: 


12:25

12:35

16

SMCWG

Stephen Davidson (DigiCert)Minutes: 


12:35

12:45

17

NetSec WG

Clint Wilson (Apple)Minutes: 


12:45

13:00

18

Infrastructure WG Meeting

Jos Purvis (Cisco)Minutes: 

ADJOURN 1pm 


13:00

14:00

18

Lunch available in Imperial Ballroom D


Wednesday, 23 February 2022 - CA/B Forum Meeting (Day 2)


Start 

Stop 

Slot 

Description

Discussion Leader / Notes


7:00

8:00

Breakfast available Imperial Ballroom D



7:30

8:00

Check-in, get situated in Imperial Ballroom C and virtual room, test
audio/video



8:00

8:00

Call to Order and Welcome 

Dean Coclin (Chair) 


8:00

8:10

0

Welcome, Recap of Preliminary Matters, Meeting Recordings, Photo Policy,
Logistics, Antitrust Statement, Code of Conduct

Dean Coclin (Chair)


8:10

8:15

0

Call to Order - Server Certificate Working Group and Validation Meeting 

Jos Purvis (Cisco)


8:15

8:30

1

Antitrust Statement, Attendance, Assign Minute Taking, Approval of SCWG
Minutes from last teleconference

Jos Purvis (Cisco)


8:30

8:45

1a

Code of Conduct Review and Expectations



8:45

9:00

1b

Review of Membership: CommScope

Jos Purvis (Cisco)


9:00

9:45

1c

Discussion of CRL Reason Codes and Revocation for Key Compromise

Led by Ben Wilson (Mozilla) & Kathleen Wilson (Mozilla); Minutes TBD


9:45

10:15

1d

Discussion TBD



10:15

10:30

Break 



10:30

12:30

2

Continue with Validation Meeting 

Corey Bonnell (DigiCert)


12:30

12:30

Adjourn Validation Meeting



13:00

14:00

Lunch available in Imperial Ballroom D



17:15

17:30

Meet in Hotel Lobby for departures to evening event



17:30

17:30

Depart Hotel for custom mini tour



18:15

19:00

Arrive at event destination and reception



19:00

21:00

Event and Dinner



21:00

21:00

Depart for hotel




Thursday, 24 February 2022 - CA/B Forum Meeting (Day 3) 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes


7:00

8:00

Breakfast available in Imperial Ballroom D



7:45

8:00

Get situated in Imperial Ballroom C and virtual room, test
audio/video



8:00

8:00

0

Call to Order - S/MIME Certificate Working Group Meeting 

Stephen Davidson (Digicert)


8:00

10:00

1

S/MIME Certificate Working Group Meeting 

Stephen Davidson (Digicert) Minutes: 


10:00

10:00

Adjourn S/MIME Certificate Working Group Meeting



10:0

[cabfpub] Final CA/Browser Forum agenda - Thursday, February 17, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the final agenda for the subject call. This will be an abbreviated
call since the F2F is next week


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Feb 3rd) 

Dean






0:10

11:35

11:45

9

Next F2F: Salt Lake City, Feb 22-24 2022. Final Info

Dean


0:01

11:45

11:50

10.

Summer Meeting announcement

Dean


Adjourn



 


F2F Meeting Schedule: 


*   2022

*   Feb 22-24 - Salt Lake City, Utah
*   June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be
followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS SUBJECT TO
CHANGE DUE TO RSA CONFERENCE MOVE TO THE SAME WEEK
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, February 17, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

 

Here is the draft agenda for the subject call. This will be an abbreviated
call since the F2F is next week


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Feb 3rd) 

Dean








0:10

11:35

11:45

9

Next F2F: Salt Lake City, Feb 22-24 2022. Final Info

Dean


0:01

11:45

11:50

10.

Summer Meeting announcement

Dean


Adjourn



 


F2F Meeting Schedule: 


*   2022

*   Feb 22-24 - Salt Lake City, Utah
*   June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be
followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS SUBJECT TO
CHANGE DUE TO RSA CONFERENCE MOVE TO THE SAME WEEK
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final minutes of CA/B Forum Meeting January 20, 2022

[Dean Coclin via Public]

Attendees: 

 

Aaron Gable (Let's Encrypt), Adam Clark (Visa), Adam Jones (Microsoft), Andrea 
Holland (SecureTrust), Arno Fiedler (D-TRUST), Ben Wilson (Mozilla), Bruce 
Morton (Entrust), Chris Kemmerer (SSL.com), Chris McMillan (Visa), Clint Wilson 
(Apple), Corey Bonnell (Digicert), Daryn Wright (GoDaddy), Dean Coclin 
(Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin 
Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fumihiko Yoneda (Japan 
Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi 
(GlobalSign), Inigo Barreira (Sectigo), Israel Ventura (US Federal PKI 
Management Authority), Janet Hines (SecureTrust), Joanna Fox (TrustCor 
Systems), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Kati Davids 
(GoDaddy), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Miguel Sanchez 
(Google), Natalia Kotliarsky (SecureTrust), Niko Carpenter (SecureTrust), Paul 
van Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Pekka Lahtiharju 
(Telia Company), Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), Rebecca 
Kelley (Apple), Ryan Dickson (Google), Stephen Davidson (Digicert), Tadahiko 
Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tim Hollebeek (Digicert), 
Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tyler 
Myers (GoDaddy), Vijay Kumar (India PKI Forum), Wayne Thayer (Fastly), Wendy 
Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry 
Services)

 

*   Roll Call

*   Dean captured the roll. 

 

*   Read Antitrust Statement

*   Jos read the antitrust statement. 

 

*   Review Agenda

*   Dean reviewed the agenda. No changes. 

 

*   Approval of minutes of last call (Dec 9th and Jan 6th). 

*   Dec 9th minutes - minor update to NIST 800-63 version (formerly listed 
ast NIST 863)
*   Other than that, no issues were communicated.

 

*   Forum Infrastructure Subcommittee update (Jos Purvis)

*   No meeting, no update. 

 

*   Code Signing Certificate Working Group update (Bruce Morton)

*   Still working on subscriber key protection ballot
*   Eventually will move into changing BR format into 3647 format
*   Working on planning F2F updates 

 

*   S/MIME Certificate Working Group update (Stephen Davidson)

*   Met yesterday (1/19)
*   Several items on agenda, only able to discuss the first.

*   Methods for mailbox validation

1.  Draft language that exists for the domain validation methods coming 
from the BRs, as well as the possibility of authenticating control over an 
individual mailbox (the first option is the bulk authorization for an 
enterprise RA, the second, for example, is for a one off approval)
2.  New proposed method - new to us and the TLS BRs, proposed by Foutis 
(Google) to use mxrecords.

1.  A lot of discussion surrounding this because it has similarities to 
discussions that have taken place in the TLS group related to CNAMEs.
2.  General agreement it’s an important method to include - people are 
digging into how we express it. 

3.  Some discussion on validity of random values (adopted from TLS BRs) - 
where possibly the adopted timeframes were too long and should be revisited.

1.  Have this discussion take place upstream at the TLS group.

4.  Some related discussions that will be picked up at the next meeting 
related to information reuse periods, and different aspects of enterprise RAs.

 

*   NetSec Working group establishment and report

*   Updates from Ben:

*   Need to update Google Sheet/Membership records

1.  Clint has been helping with updates

*   Discussed resetting the meeting time, perhaps into the infrastructure 
committee slot (more participants in the NetSec group, would be ideal if 
infrastructure group could move to a different time).  
*   In any event, there will be a poll to help determine the future meeting 
time.

1.  Current time slot (11 AM PT)  is not favorable for folks in Europe.

 

*   Next F2F: Salt Lake City, Feb 22-24 

*   Chairs and Vice Chairs are meeting on 1/21 to discuss and set agenda.
*   If you are coming in person, please fill out the Wiki (dedicated 
section depending on participant type).

*   If attending in-person, there are discounted rates available at the 
hotel 
*   Dean is looking forward to getting the group together.

 

*   Any Other Business?

*   None. 

 

*   Next call:  

*   February 3, 2022

 

*   Adjourn

*   Meeting adjourned. 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/B Forum face to face meeting schedule

[Dean Coclin via Public]

Below is the draft agenda for the face to face meeting on February 22-24.
Please submit changes to the list.

 

Timezone is US/Mountain Time (MT / Denver) 


Tuesday, 22 February 2021 - CA/B Forum Meeting (Day 1)


ALL TIMES LOCAL TO SALT LAKE CITY, MOUNTAIN TIME 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


8:00

9:00

Breakfast available in Imperial Ballroom D



8:30

9:00

Check-in, get situated in Imperial Ballroom C and virtual room, test
audio/video



9:00

9:00

Call to Order - CA/Browser Forum Meeting 

Dean Coclin (Digicert)


9:00

9:15

0

Welcome, Preliminary Matters, Meeting Recordings, Photo Policy, Logistics,
Antitrust Statement, Code of Conduct, Take Attendance, Assign Minute Takers

Dean Coclin (Digicert)


9:15

9:20

1

Approval of CABF Minutes from last teleconference

Dean Coclin (Digicert)


9:20

9:30

2

Future face to face meeting schedule

Dean Coclin (Chair)

Browser Updates 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


9:30

9:40

3

Mozilla Root Program Update

Ben Wilson (Mozilla) Minutes: 


9:40

9:50

4

Google Root Program Update

Ryan Dickson, Devon O'Brien (Google) Minutes: 


9:50

10:00

5

Apple Root Program Update

Clint Wilson (Apple) Minutes: 


10:00

10:10

6

Microsoft Root Program Update

Karina Sirota (Microsoft) Minutes: 


10:10

10:20

7

Break 


10:20

10:55

8

PSL access “as a service” 

Dr. Peter Thomassen, Guest Speaker

Audit Updates 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


10:55

11:05

9

CCADB Update

Kathleen Wilson (Mozilla) Minutes: 


11:05

11:15

10

ETSI Update

Arno Fiedler (Vice Chair ETSI ESI) Minutes: 


11:15

11:25

11

Acab'c Update

Clemens Wanko (TÜV AUSTRIA) Minutes: 


11:25

11:45

12

Webtrust Update 

Jeff Ward (BDO), Don Sheehy (CPA Canada) Minutes: 


11:45

11:55

13

Break 

Summary Presentations from Working Groups on accomplishments in 2021 and
plans for 2022 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


11:55

12:15

14

SCWG

Jos Purvis (Cisco)Minutes: 


12:15

12:25

15

CSCWG

Bruce Morton (Entrust)Minutes: 


12:25

12:35

16

SMCWG

Stephen Davidson (DigiCert)Minutes: 


12:35

12:45

17

NetSec WG

Clint Wilson (Apple)Minutes: 


12:45

13:00

18

Infrastructure WG Meeting

Jos Purvis (Cisco)Minutes: 

ADJOURN 1pm 


13:00

14:00

18

Lunch available in Imperial Ballroom D


Wednesday, 23 February 2022 - CA/B Forum Meeting (Day 2) 


Start 

Stop 

Slot 

Description

Discussion Leader / Notes


7:00

8:00

Breakfast available Imperial Ballroom D



7:30

8:00

Check-in, get situated in Imperial Ballroom C and virtual room, test
audio/video



8:00

8:00

Call to Order and Welcome 

Dean Coclin (Chair) 


8:00

8:10

0

Welcome, Recap of Preliminary Matters, Meeting Recordings, Photo Policy,
Logistics, Antitrust Statement, Code of Conduct

Dean Coclin (Chair)


8:10

8:15

0

Call to Order - Server Certificate Working Group and Validation Meeting 

Jos Purvis (Cisco)


8:15

10:15

1

Antitrust Statement, Attendance, Code of Conduct Review, Assign Minute
Taking, Approval of SCWG Minutes from last teleconference, General meeting

Jos Purvis (Cisco)


10:15

10:30

Break 



10:30

12:30

2

Continue with Validation Meeting 

Corey Bonnell (DigiCert)


12:30

12:30

Adjourn Validation Meeting



13:00

14:00

Lunch available in Imperial Ballroom D



17:15

17:30

Meet in Hotel Lobby for departures to evening event



17:30

17:30

Depart Hotel for custom mini tour



18:15

19:00

Arrive at event destination and reception



19:00

21:00

Event and Dinner



21:00

21:00

Depart for hotel




Thursday, 24 February 2022 - CA/B Forum Meeting (Day 3) 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes


7:00

8:00

Breakfast available in Imperial Ballroom D



7:45

8:00

Get situated in Imperial Ballroom C and virtual room, test
audio/video



8:00

8:00

0

Call to Order - S/MIME Certificate Working Group Meeting 

Stephen Davidson (Digicert)


8:00

10:00

1

S/MIME Certificate Working Group Meeting 

Stephen Davidson (Digicert) Minutes: 


10:00

10:00

Adjourn S/MIME Certificate Working Group Meeting



10:00

10:15

2

Break 



10:15

10:15

3

Call to Order - Code Signing Certificate Working Group Meeting 

Dean Coclin (Digicert), Bruce Morton (Entrust)


10:15

12:15

Code Signing Certificate Working Group Meeting 

Dean Coclin (Digicert), Bruce Morton (Entrust) 


12:15

12:15

Adjourn Code Signing Certificate Working Group Meeting



12:30

14:00

Lunch available in Imperial Ballroom D



 

 

Dean Coclin

 

 



smime.p7s
Description: 

[cabfpub] F2F minutes published

[Dean Coclin via Public]

FYI-The minutes from the last face to face meeting are now published on the 
website:

https://cabforum.org/2022/01/06/minutes-of-the-ca-browser-forum-f2f-meeting-54-virtual-13-14-october-2021/









smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, February 3, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Jan 20th) 

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Next F2F: Salt Lake City, Feb 22-24 2022. Wiki and hotel signups open

Dean


0:01

11:59

12:00

10.

Next call: Feb 17th - should we hold off till F2F?

Dean


Adjourn



 


F2F Meeting Schedule: 


*   2022

*   Feb 22-24 - Salt Lake City, Utah
*   June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be
followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS SUBJECT TO
CHANGE DUE TO RSA CONFERENCE MOVE TO THE SAME WEEK
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, February 3, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Jan 20th) 

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

NetSec Working group report

Clint


0:04

11:55

11:59

9

Next F2F: Salt Lake City, Feb 22-24 2022. Wiki and hotel signups open

Dean


0:01

11:59

12:00

10.

Next call: Feb 17th - should we hold off till F2F?

Dean


Adjourn



 


F2F Meeting Schedule: 


*   2022

*   Feb 22-24 - Salt Lake City, Utah
*   June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be
followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS SUBJECT TO
CHANGE DUE TO RSA CONFERENCE MOVE TO THE SAME WEEK
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final Minutes of CA/B Forum Meeting December 9, 2021

[Dean Coclin via Public]

Here are the final minutes of the subject call:

 

Attendees: Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Ben
Wilson (Mozilla), Brittany Randall (GoDaddy), Bruce Morton (Entrust), Chris
Kemmerer (SSL.com), Chris McMillan (Visa), Clint Wilson (Apple), Corey
Bonnell (Digicert), Doug Beattie (GlobalSign), Dustin Hollenback
(Microsoft), Fumihiko Yoneda (Japan Registry Services), Inaba Atsushi
(GlobalSign), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Jos
Purvis (Cisco Systems), Jose Guzman (GoDaddy), Karina Sirota
(Microsoft),Kati Davids (GoDaddy), Marcelo Silva (Visa), Martijn Katerbarg
(Sectigo), Niko Carpenter (SecureTrust), Pedro Fuentes (OISTE Foundation),
Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple),
Ryan Dickson (Google), Sebastian Schulz (GlobalSign), Tadahiko Ito (SECOM
Trust Systems), Tobias Josefowitz (Opera Software AS), Tyler Myers
(GoDaddy), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management
Authority), Yosiaki Iida (SECOM Trust Systems), Adam Jones (Microsoft),
PekkaLahtiharju (Telia)

 

1.  Opening Procedures- Karina 

a.  Roll Call 
b.  Read Antitrust Statement
c.  Review Agenda
d.  Approval of minutes of last call

a.  Approved

 

2.  Forum Infrastructure Subcommittee update given by Jos Purvis

a.  Reviewed plugin that will autosync Github content onto Wordpress
site

a.  Looks promising for automated publication of ballots that would
allow it go to through a workflow and get published 
b.  This doesn't really work well for automated minutes publishing
c.  Will likely move forward on templates on how to do this for ballots

a.  Idea of having a governance subcommittee with representation from
the working groups to maintain the bylaws

a.  Could have discussions on the bylaws as a group rather than pushing
it on to the chair

b.  Publication of a new member packet and some checklists and some
thoughts on whats in the Google drive
c.  Github Activity summaries are going out automatically
d.  New membership spreadsheet has been populated
e.  Moving DNS for CABForum.net over

 

3.  Code Signing Certificate Working Group update given by Bruce Morton

a.  95% complete with ballot on subscriber key protection to get it out

a.  Improve keys and how Cas validate that the keys are in the hardware

2.  Close to moving the CSBRs to 3647 format and using the handoff
format

 

4.  SMIME working group update given by Ben Wilson

a.  Talking about identity, vetting, scoring 
b.  Discussed NIST SP 800-63 frameworks for identifying people and to
what degree they want to do that

 

5.  Next F2F: Salt Lake City, Feb 22-24 2022. Wiki and hotel signups
open

 

6.  Any Other Business:

a.  None

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final minutes of CA/B Forum call January 6, 2022

[Dean Coclin via Public]

Here are the final minutes for the subject call:



Attendance:



Adam Jones (Microsoft)

Adrian Mueller (SwissSign)

Andrea Holland (SecureTrust)

Ben Wilson (Mozilla)

Bruce Morton (Entrust)

Chris Kemmerer (SSL.com)

Clint Wilson (Apple)

Corey Bonnell (Digicert)

Dean Coclin (Digicert)

Dimitris Zacharopoulos (HARICA)

Doug Beattie (GlobalSign)

Dustin Hollenback (Microsoft)

Enrico Entschew (D-TRUST)

Fumihiko Yoneda (Japan Registry Services)

Hazhar Ismail (MSC Trustgate Sdn Bhd)

Inaba Atsushi (GlobalSign)

Israr Ahmed (E-tugra)

Joanna Fox (TrustCor Systems)

Johnny Reading (GoDaddy)

Jos Purvis (Cisco Systems)

Karina Sirota (Microsoft)

Kati Davids (GoDaddy)

Mads Henriksveen (Buypass AS)

Marcelo Silva (Visa)

Martijn Katerbarg (Sectigo)

Niko Carpenter (SecureTrust)

Peter Miskovic (Disig)

Rae Ann Gonzales (GoDaddy)

Rebecca Kelley (Apple)

Ryan Dickson (Google)

Stephen Davidson (Digicert)

Tadahiko Ito (SECOM Trust Systems)

Tim Hollebeek (Digicert)

Trevoli Ponds-White (Amazon)

Tyler Myers (GoDaddy)

Vijayakumar (Vijay) Manjunatha (eMudhra)

Wayne Thayer (Fastly)

Wendy Brown (US Federal PKI Management Authority)

Yoshiro Yoneya (Japan Registry Services)







1.  Opening Procedures- Dean

a.  Roll Call



2.  Read Antitrust Statement
3.  Review Agenda
4.  Approval of minutes of last call

a.  Face to Face minutes approved



2.  Forum Infrastructure Subcommittee update given by Jos Purvis

a.  No update due to no meetings since last meeting



3.  Code Signing Certificate Working Group update given by Bruce Morton

a.  Working on ballot for subscriber key protection
b.  Making progress on changing format for CSBRs
c.  Taking about verification for open source projects- how to issue CS 
certificates to open source projects or members of OS projects
d.  Changing the validity period for timestamp authorities certificates and 
rekey requirements



4.  SMIME working group update given by Stephen Davidson

a.  Talking about actual verification regimes covering 3 areas:

a.  The organization
b.  Control over the domain or mailbox
c.  The individual identity

a.  Discussion about OV and EV for S/MIME certificates and how to verify 
the 
legal existence of entities in both cases, but especially EV
b.  Tried to adopt standards that have come out of the baseline requirements

a.  Discussions of where there are deviations from the baseline requirements
b.  Example, there are some stipulations of subscriber keys that are 
specific 
to TLS but don't really apply to S/MIME

c.  Question: When will you have draft BRs out?

a.   2022 is the intent

5.  F2F dates

a.  June meeting- RSA conference was postponed until June meeting with 
Certum. 
Polled of 39 participants on call, 1 has said they may be attending.  No 
additional comments.

a.  Unclear what the status of this meeting is at this time.
b.  The reason for doing it is due to a forum that will be held at the same 
time at that location and thought that Forum participants will want to stay 
and listen for it.
c.  Similar case for Berlin, where Face to Face is scheduled at the same 
time 
as CA Day

a.  People who are going to Salt Lake City should review the registration 
page 
modify the additional columns that were added.



6.  Any Other Business:

a.  None



7.  Next call: January 20th, 2022



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, January 20, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Nov 11th and Jan 6th) 

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

Next F2F: Salt Lake City, Feb 22-24 2022. Wiki and hotel signups open

Dean


0:04

11:55

11:59

9

NetSec Working group establishment and report

Ben


0:01

11:59

12:00

10.

Next call: Feb 3rd



Adjourn



 


F2F Meeting Schedule: 


*   2022

*   Feb 22-24 - Salt Lake City, Utah
*   June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be
followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS SUBJECT TO
CHANGE DUE TO RSA CONFERENCE MOVE TO THE SAME WEEK
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, January 20, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Nov 11th and Jan 6th) 

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

Next F2F: Salt Lake City, Feb 22-24 2022. Wiki and hotel signups open

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: Feb 3rd



Adjourn



 


F2F Meeting Schedule: 


*   2022

*   Feb 22-24 - Salt Lake City, Utah
*   June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be
followed by the Trusted Economy Forum on Weds-Thurs), MEETING IS SUBJECT TO
CHANGE DUE TO RSA CONFERENCE MOVE TO THE SAME WEEK
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, January 6, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the final agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Nov 11th). F2F Minutes approval

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

Next F2F: Salt Lake City, Feb 22-24 2022. Wiki signups open

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: Jan 20th



Adjourn



 


F2F Meeting Schedule: 


*   2022

*   Feb 22-24 - Salt Lake City, Utah
*   June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be
followed by the Trusted Economy Forum on Weds-Thurs), 
*   Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be
followed by the CA Day and TSP event on Thurs/Fri)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, January 6, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Nov 11th). F2F Minutes approval

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

Next F2F: Salt Lake City, Feb 22-24 2022. Wiki signups open

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: Jan 20th



Adjourn;



 


F2F Meeting Schedule: 


*   2022: Feb 22-24 - Salt Lake City, June 6-8 - Poland, Oct 24-26 -
Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

Re: [cabfpub] Voting Results Announcement for FORUM-17-Amended

[Dean Coclin via Public]

Slight correction to the voting results: the number of CAs voting yes is 22, 
not 23. The error was in the first bullet below.

 

Dean Coclin

 

From: Public  On Behalf Of Dean Coclin via Public
Sent: Monday, December 27, 2021 6:13 PM
To: CABforum1 
Subject: [cabfpub] Voting Results Announcement for FORUM-17

 

 

The voting on ballot FORUM-17 has completed, and the ballot has passed.

 

Voting Results

Certificate Issuers

22 votes total, with no abstentions:

*   23 22 Yes votes: Buypass, Certum (Asseco), D-TRUST, DigiCert, Disig, 
eMudhra, Entrust, E-TUGRA, GDCA, GlobalSign, GoDaddy, HARICA, JPRS, Let's 
Encrypt/ISRG, MSC Trustgate, OISTE, SECOM, Sectigo, SSL.com, SwissSign, Telia 
Company, SecureTrust, 
*   0 No Votes
*   0 Abstentions

NOTE: A vote placed by GlobalTrust was not received on the public list and will 
not be counted.

 

Certificate Consumers

2 votes total, with no abstentions:

*   2 Yes votes: Google, Mozilla, 
*   0 No votes
*   0 Abstentions

 

Bylaw Requirements

1. Bylaw 2.3(f) requires:

A "yes" vote by two-thirds of Certificate Issuer votes and by 50%-plus-one of 
Certificate Consumer votes. Votes to abstain are not counted for this purpose.
This requirement was MET for Certificate Issuers and MET for Certificate 
Consumers.

At least one Certificate Issuer and one Certificate Consumer Member must vote 
in favor of a ballot for the ballot to be adopted.
This requirement was MET.

2.Bylaw 2.3(g) requires that a ballot result only be considered valid when 
“more than half of the number of currently active Members has participated”. 
Votes to abstain are counted in determining quorum. Half of the currently 
active members at the start of voting was 14, so the quorum was 15 for this 
ballot.
This requirement was MET.


-  NEXT STEPS - INSTRUCTIONS FOR CA/BROWSER FORUM MEMBERS -

Existing CA/Browser Forum members must declare their intent to participate in 
the NetSec WG by email to  <mailto:questi...@cabforum.org> 
questi...@cabforum.org, including a statement of the Voting Class by which they 
qualify and the names/email addresses of their designated representatives who 
will participate and who will vote. We recommend that this be done by January 
15, 2022.

Once declarations of participation have been gathered, the NetSec WG’s acting 
chair will convene a meeting tentatively scheduled for Tuesday, January 18, 
2022, at 2 PM EDT, the agenda for which will include:
-   Adopting a list of initial members from the list of proposed, 
qualifying applicants in conformance with the NetSec WG Charter
-   Appointing a Chair, Vice Chair, and Webmaster for the NetSec WG

-   Discuss the WG’s first ballot – adoption of the Network and Certificate 
System Security Requirements (NCSSRs) and the IPR review period
-   Outline the goals and deliverables of the NetSec WG

 

In the interim, the NCSSRs remain a valid guideline of the CA/Browser Forum. 
Existing members of the working groups that have adopted the current NCSSRs are 
bound by the IPR Policy’s Royalty-Free license.



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Voting Results Announcement for FORUM-17

[Dean Coclin via Public]

 

The voting on ballot FORUM-17 has completed, and the ballot has passed.

 

Voting Results

Certificate Issuers

22 votes total, with no abstentions:

*   23 Yes votes: Buypass, Certum (Asseco), D-TRUST, DigiCert, Disig, 
eMudhra, Entrust, E-TUGRA, GDCA, GlobalSign, GoDaddy, HARICA, JPRS, Let's 
Encrypt/ISRG, MSC Trustgate, OISTE, SECOM, Sectigo, SSL.com, SwissSign, Telia 
Company, SecureTrust, 
*   0 No Votes
*   0 Abstentions

NOTE: A vote placed by GlobalTrust was not received on the public list and will 
not be counted.

 

Certificate Consumers

2 votes total, with no abstentions:

*   2 Yes votes: Google, Mozilla, 
*   0 No votes
*   0 Abstentions

 

Bylaw Requirements

1. Bylaw 2.3(f) requires:

A "yes" vote by two-thirds of Certificate Issuer votes and by 50%-plus-one of 
Certificate Consumer votes. Votes to abstain are not counted for this purpose.
This requirement was MET for Certificate Issuers and MET for Certificate 
Consumers.

At least one Certificate Issuer and one Certificate Consumer Member must vote 
in favor of a ballot for the ballot to be adopted.
This requirement was MET.

2.Bylaw 2.3(g) requires that a ballot result only be considered valid when 
“more than half of the number of currently active Members has participated”. 
Votes to abstain are counted in determining quorum. Half of the currently 
active members at the start of voting was 14, so the quorum was 15 for this 
ballot.
This requirement was MET.


-  NEXT STEPS - INSTRUCTIONS FOR CA/BROWSER FORUM MEMBERS -

Existing CA/Browser Forum members must declare their intent to participate in 
the NetSec WG by email to   
questi...@cabforum.org, including a statement of the Voting Class by which they 
qualify and the names/email addresses of their designated representatives who 
will participate and who will vote. We recommend that this be done by January 
15, 2022.

Once declarations of participation have been gathered, the NetSec WG’s acting 
chair will convene a meeting tentatively scheduled for Tuesday, January 18, 
2022, at 2 PM EDT, the agenda for which will include:
-   Adopting a list of initial members from the list of proposed, 
qualifying applicants in conformance with the NetSec WG Charter
-   Appointing a Chair, Vice Chair, and Webmaster for the NetSec WG

-   Discuss the WG’s first ballot – adoption of the Network and Certificate 
System Security Requirements (NCSSRs) and the IPR review period
-   Outline the goals and deliverables of the NetSec WG

 

In the interim, the NCSSRs remain a valid guideline of the CA/Browser Forum. 
Existing members of the working groups that have adopted the current NCSSRs are 
bound by the IPR Policy’s Royalty-Free license.



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final minutes of CA/B Forum call, November 11, 2021

[Dean Coclin via Public]

Here are the final minutes for the subject call:

 

1. Attendees: Adrian Mueller (SwissSign), Ali Gholami (Telia), Andrea
Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris
Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean
Coclin (Digicert), Devon O'Brien (Google), Dimitris Zacharopoulos (HARICA),
Dustin Hollenback (Microsoft), Fumihiko Yoneda (Japan Registry Services),
Hubert Chao (Google), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo),
Jaime Hablutzel (Wisekey), Joanna Fox (TrustCor Systems), Jos Purvis (Cisco
Systems), Julie Olson (GlobalSign), Kiran Tummala (Microsoft), Karina Sirota
(Microsoft), Kati Davids (GoDaddy), Mads Henriksveen (Buypass AS), Martijn
Katerbarg (Sectigo), Miguel Sanchez (Google Trust Services), Natalia
Kotliarsky (SecureTrust), Niko Carpenter (SecureTrust), Paul van
Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic
(Disig), Rebecca Kelley (Apple), Stephen Davidson (Digicert), Tadahiko Ito
(SECOM Trust Systems), Thomas Zermeno (SSL.com), Tim Hollebeek (Digicert),
Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Wayne
Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority)

 

2. The anti-trust statement was read by Jos Purvis

 

3. The agenda was reviewed

 

4. The minutes from the October 28th meeting were approved. The F2F minutes
will be reviewed by the chairs, and minute takers whose sections are still
missing will be alerted. 

 

5. Forum Infrastructure Subcommittee update: Jos Purvis provided the update.


*   Corey Bonnell has implemented a summary bot which pulls items
together from github and sends an email out to the list mailers, so people
can see what's going on without having to go to github
*   Website: The group will work with the WordPress tools and plug-ins
to allow embedding from github repositories to the website directly
*   Discussed creating style guidelines for ballots and minute content.
Would like to start work on this for consistency
*   Reviewed flow charts for ballot process. Need to clearly identify
responsibilities and dates. A "ballot shepherd" would make sure the ballot
process is followed (similar to a parliamentarian).
*   The membership spreadsheet was discussed. Although a database
management tool would make this easier, it would take a lot of time and
effort to implement. Hence it was decided to keep going with the spreadsheet
and look at front end forms that could make it easier to work with.

 

6. Code Signing Working Group update: Bruce Morton gave the report

*   The group reviewed ballot SC50 and the potential impacts to the
CSBRs
*   The group is moving forward with converting the CSBRs to RFC 3647
format
*   CSC 11 has completed IPR review
*   CSC 12 is in IPR review
*   The main topic of discussion was Subscriber Key Protection and the
proposed ballot. Ian provided another draft and good progress is being made

 

7. S/MIME Working Group update: Stephen Davidson gave the update:

*   Discussion around delegated 3rd parties (Enterprise RAs and External
SubCAs). This should be similar to the requirements in the TLS BRs, with
similar roles and stipulations
*   Good progress being made in drafting the S/MIME BRs. Currently in
github with progress on cert profiles

 

8. Next F2F meeting: Dean announced the next meeting will be in Salt Lake
City, hosted by DigiCert, on Feb 22-24, 2022. Accommodations will be made
for remote participation as well. A discussion around safety protocols
including vaccine card requirements, testing requirements and health
measures took place. Dean was meeting with the event planner later in the
day and will bring up these concerns. Stats around infection
rates/hospitalizations were requested.

 

9. No other business. Meeting was adjourned.

 

 

Dean Coclin

CA/B Forum Chair

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, December 9, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the final agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Nov 11th). F2F Minutes status

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

Next F2F: Salt Lake City, Feb 22-24 2022

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: 



Adjourn;



 


F2F Meeting Schedule: 


*   2022: Feb 22-24 - Salt Lake City, June 6-8 - Poland, Oct 24-26 -
Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, December 9, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the draft agenda for the subject call


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Nov 11th). F2F Minutes status

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

Next F2F: Salt Lake City, Feb 22-24 2022

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: 



Adjourn;



 


F2F Meeting Schedule: 


*   2022: Feb 22-24 - Salt Lake City, June 6-8 - Poland, Oct 24-26 -
Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final Minutes of CA/B Forum call October 28, 2021

[Dean Coclin via Public]

Here are the final minutes of the subject call:

 

Attendees: Ali Gholami (Telia), Andrea Holland (SecureTrust), Ben Wilson
(Mozilla), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Chris McMillan
(Visa), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin
(Digicert), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico
Entschew (D-TRUST), Hazhar Ismail (MSC Trustgate), Inaba Atsushi
(GlobalSign), India Donald (US Federal PKI Management Authority), Inigo
Barreira (Sectigo), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy),
Jos Purvis (Cisco Systems), Kati Davids (GoDaddy), Mads Henriksveen (Buypass
AS), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Michelle Coon
(OATI), Natalia Kotliarsky (SecureTrust), Niko Carpenter (SecureTrust), Paul
van Brouwershaven (Entrust), Peter Miskovic (Disig), Rae Ann Gonzales
(GoDaddy), Rebecca Kelley (Apple), Ryan Dickson (Google), Sebastian Schulz
(GlobalSign), Shelley Brewer (Digicert), Stephen Davidson (Digicert),
Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tim Hollebeek
(Digicert), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White
(Amazon), Tyler Myers (GoDaddy), Wendy Brown (US Federal PKI Management
Authority), Yoshiro Yoneya (Japan Registry Services)

 

The anti-trust statement was read.

 

The agenda was reviewed. No changes.

 

No minutes to approve.

 

Forum Infrastructure Report: Jos Purvis gave the update.

There was a very brief discussion on the GitHub digest and Corey has started
poking into implementing the automated digest email digest to GitHub
activity to each of the working groups. He just needs access to send from
the account, which Jos is going to be getting him.

 

Code Signing Working Group Update: Bruce Morton gave the update.

CSC-12 is in the voting period. Working on a ballot for subscriber key
protection. Next priority is to update the code signing service
requirements. Also want to complete changing CSBRs to the RFC 3647 format.

 

S/MIME Working Group Update: Stephen Davidson gave the update.

Continuing the discussion on the validity periods. Apple has settled on 825
days. Would be allowable for the 1 legacy policy, which is intended as kind
of a short term bridge to allow more of the ecosystem to be pulled into this
auditable framework. But the intent is that it would disappear over time.
It's really a debate on the balancing of kind of the desire for automation
and policy agility, versus kind of acknowledging the heavy usage of tokens
and so forth. There has been some willingness on the part of a certificate
consumers to consider 2095 day legacy period, as long as there is a hard
date that it would be deprecated. So that's really an ongoing discussion.
We've also had a discussion of the contents of the version 1, primary
deliverable. Certainly for those who would like to see the evolution of that
document, it is publicly available out In the cab form, GitHub repository,
there's, the S/mine section and you would be looking for the SBR. There's a
version called the Pre SBR that is the working draft. The next step in our
list of discussions there, was a specific request from a certificate
consumer asking to have, as a focused discussion, the topic of external
enterprise RAs. So that's what's next on our agenda.

 

Next Meetings:
Next face to face meeting will be in person hosted by DigiCert in Salt Lake
City. Proposed dates are Feb 22-24. RSA Conference is week of Feb 7th.
Discussed possibly starting meeting on Weds vs. Tuesday. Dean will send out
Doodle poll but preference is to start on Tuesday, Feb 22nd. 

 

Other meetings:
Dates have been set for June and October meetings. 

June 6-8 Poland (Asseco)

October 24-26 Berlin (D-Trust)

 

No other business

 

Meeting adjourned

 

Dean Coclin

CA/B Forum Chair

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

Re: [cabfpub] Final CA/Browser Forum agenda - Thursday, November 11, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

All meeting links are on the wiki: 
https://wiki.cabforum.org/teleconference_numbers, accessible by members.

 

Dean

 

From: Public  On Behalf Of ahmed--- via Public
Sent: Wednesday, November 10, 2021 9:16 AM
To: CABforum1 
Subject: Re: [cabfpub] Final CA/Browser Forum agenda - Thursday, November 11, 
2021 at 11:30 am Eastern Time

 

Dear Dean Coclin,

Hope you are fine.

Sorry to send message on large audience. How can I get the meeting link for 
tomorrow call?

I tried to find it from WIKI but unable to find. Please share the link or point 
me the location from I can get it. Thanks.

Regards,
Ahmed

- Original Message -
From: Dean Coclin via Public [mailto:public@cabforum.org] 
<mailto:public@cabforum.org> 
To: "CABforum1" mailto:public@cabforum.org> >
Sent: Tue, 9 Nov 2021 20:25:44 +
Subject: [cabfpub] Final CA/Browser Forum agenda - Thursday, November 11, 2021 
at 11:30 am Eastern Time

Here is the final agenda for this week's meeting.

 


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Oct 28th). F2F Minutes status

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7.

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

Next F2F: Salt Lake City, Feb 22-24 2022

Dean


0:04

11:55

11:59

9

Any Other Business

 


0:01

11:59

12:00

10.

Next call: No call on Nov 25th (Thanksgiving)

 


 

 

 

 

Adjourn;

 

 


F2F Meeting Schedule:


*   2022: Feb 22-24 – Salt Lake City, June 6-8 - Poland, Oct 24-26 - Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, November 11, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the final agenda for this week's meeting.

 


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Oct 28th). F2F Minutes status

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

Next F2F: Salt Lake City, Feb 22-24 2022

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: No call on Nov 25th (Thanksgiving)



Adjourn;



 


F2F Meeting Schedule: 


*   2022: Feb 22-24 - Salt Lake City, June 6-8 - Poland, Oct 24-26 -
Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] FW: Draft CA/Browser Forum agenda - Thursday, November 11, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Resending

 

From: Dean Coclin 
Sent: Monday, November 8, 2021 1:20 PM
To: CABforum1 
Subject: Draft CA/Browser Forum agenda - Thursday, November 11, 2021 at
11:30 am Eastern Time

 

 

 

Here is the Draft agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Oct 28th). F2F Minutes status

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

Next F2F: Salt Lake City, Feb 22-24 2022

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: No call on Nov 25th (Thanksgiving)



Adjourn;



 


F2F Meeting Schedule: 


*   2022: Feb 22-24 - Salt Lake City, June 6-8 - Poland, Oct 24-26 -
Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] FW: Final CA/Browser Forum agenda - Thursday, October 28, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Date Correction!

 

 

Here is the Final agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Sept 30th). F2F Minutes status

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

Next F2F: Salt Lake City, Feb/Mar 2022

Dean


0:04

11:55

11:59

9

Any Other Business: Discuss Summer 2022 Meeting dates



0:01

11:59

12:00

10.

Next call: November  11, 2021



Adjourn;



 


F2F Meeting Schedule: 


*   2022: Feb/Mar - Salt Lake City, June 6-8 - Poland, Oct 24-26 -
Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, October 26, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the Final agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Sept 30th). F2F Minutes status

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

Next F2F: Salt Lake City, Feb/Mar 2022

Dean


0:04

11:55

11:59

9

Any Other Business: Discuss Summer 2022 Meeting dates



0:01

11:59

12:00

10.

Next call: November  11, 2021



Adjourn;



 


F2F Meeting Schedule: 


*   2022: Feb/Mar - Salt Lake City, June 6-8 - Poland, Oct 24-26 -
Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, October 26, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the Draft agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Sept 30th)

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

Next F2F: Salt Lake City, Feb/Mar 2022

Dean


0:04

11:55

11:59

9

Any Other Business: Discuss Summer 2022 Meeting dates



0:01

11:59

12:00

10.

Next call: November  11, 2021



Adjourn;



 


F2F Meeting Schedule: 


*   2022: Feb/Mar - Salt Lake City, June 6-8 - Poland, Oct 24-26 -
Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/B Forum Virtual F2F Agenda

[Dean Coclin via Public]

Here is the final agenda for this week’s meeting. There was one addition to the 
agenda since the draft was published. All times in US ET (New York):

 


Tuesday, 12 October 2021 - Chartered Working Groups and SCWG Subcommittees 
meetings day


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


9:30

10:00

Check-in, get situated in virtual room, test audio/video



10:00

Call to Order - CA/Browser Forum Meeting 

Dean Coclin (Digicert)


10:00

10:15

1

Welcome, Preliminary Matters, Meeting Recordings, Photo Policy, Logistics, 
Antitrust Statement, Code of Conduct, Take Attendance, Assign Minute Takers

Dean Coclin (Digicert)


10:15

Call to Order - Server Certificate Working Group Meeting 

Jos Purvis (Cisco)


10:15

11:15

2

Validation Subcommittee 

Tim Hollebeek (Digicert), Wayne Thayer (Fastly)


11:15

11:30

Break 


11:30

13:30

3

Network Security Subcommittee

Clint Wilson (Apple)


13:30

Adjourn Server Certificate Working Group Meeting



Wednesday, 13 October 2021 - Plenary Meeting (Day 1)


Start 

Stop 

Slot 

Description

Discussion Leader / Notes


9:30

10:00

Check-in, get situated in virtual room, test audio/video



10:00

Call to Order and Welcome - CA/Browser Forum Plenary Meeting 



10:00

10:09

Welcome, Recap of Preliminary Matters, Meeting Recordings, Photo 
Policy, Logistics, Antitrust Statement, Code of Conduct, Take Attendance, 
Assign Minute Takers

Dean Coclin (Digicert)


10:09

10:10

1

Approval of CABF Minutes from last teleconference

Dean Coclin (Digicert)


10:10

10:15

2

Future face to face meeting schedule

Dean Coclin (Chair)


10:15

10:25

3

Infrastructure WG Recap

Jos Purvis (Cisco) 


10:25

11:05

4

What’s in a Name? Exploring CA Certificate Control

Zane Ma, Guest Speaker


11:05

Adjourn CA/Browser Plenary Meeting


Wednesday, 13 October 2021 - Server Certificate Working Group Meeting (Day 1)


Start 

Stop 

Slot 

Description

Discussion Leader / Notes


11:05

Call to Order - Server Certificate Working Group Meeting 

Jos Purvis (Cisco)


11:05

11:10

5

Antitrust Statement, Take Attendance, Assign Minute Taking, Approval of SCWG 
Minutes from last teleconference

Jos Purvis (Cisco)


11:10

11:20

6

Mozilla Root Program Update

Ben Wilson (Mozilla) Minutes: 


11:20

11:30

7

Google Root Program Update

Ryan Sleevi, Devon O'Brien (Google) Minutes: 


11:30

11:40

8

Apple Root Program Update

Clint Wilson (Apple) Minutes: 


11:40

11:50

9

Microsoft Root Program Update

Karina Sirota (Microsoft) Minutes: 


11:50

12:00

10

CCADB Update

Kathleen Wilson (Mozilla) Minutes: 


12:00

12:10

11

ETSI Update

Arno Fiedler (Vice Chair ETSI ESI) Minutes: 


12:10

12:20

12

Acab'c Update

Clemens Wanko (TÜV AUSTRIA) Minutes: 


12:20

Adjourn and take Group Photo on the Videoconference! 



12:25

12:30

Break 



12:30

Call to Order - Code Signing Certificate Working Group Meeting 

Dean Coclin (Digicert), Bruce Morton (Entrust)


12:​30

14:30

Code Signing Certificate Working Group Meeting 

Dean Coclin (Digicert), Bruce Morton (Entrust) 


14:30

Adjourn Code Signing Certificate Working Group Meeting



Thursday, 14 October 2021 - Server Certificate Working Group Meeting (Day 2)


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes


9:45

10:00

Get situated in virtual room, test audio/video



10:00

Continuation of Server Certificate Working Group Plenary Meeting 

Jos Purvis (Cisco)


10:00

10:10

Recap of Preliminary Matters, Logistics, Antitrust Statement, Take 
Attendance, Assign Minute Taking

Jos Purvis (Cisco)


10:10

10:40

12

Webtrust Update 

Jeff Ward (BDO), Don Sheehy (CPA Canada) Minutes: 


10:40

10:50

13

Break 



10:50

11:10

14

Guest topic: News about qualified certificates for website authentication

Enrico Entschew Minutes: 


11:10

11:30

15

Guest presentation: Designing the new eIDAS 2 browser UI

Chris Bailey Minutes: 


11:30

12:00

16

Certificate Grandfathering 

Rob Stradling Minutes:


12:00

12:05

17

Review accomplishments, list of tasks, next meeting virtual 

Jos Purvis (Cisco)


12:05 

Adjourn SCWG Meeting 



12:05

12:15

Break



12:15

Call to Order - S/MIME Certificate Working Group Meeting 

Stephen Davidson (Digicert)


12:15

14:00

S/MIME Certificate Working Group Meeting 

Stephen Davidson (Digicert) Minutes: 


14:00

Adjourn S/MIME Certificate Working Group Meeting



 


Dean Coclin Jos Purvis

CA/B Forum ChairSCWG Chair



smime.p7s
Description: S/MIME cryptographic signature
_

[cabfpub] DRAFT CA/B Forum Virtual F2F Agenda

[Dean Coclin via Public]

 

Below is the DRAFT agenda for the meeting next week for all the CA/B Forum 
meetings. We will use the normal webex info from our bi-weekly calls.

 

Tuesday, 12 October 2021 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes 


9:30

10:00

Check-in, get situated in virtual room, test audio/video



10:00

Call to Order - CA/Browser Forum Meeting 

Dean Coclin (Digicert)


10:00

10:15

1

Welcome, Preliminary Matters, Meeting Recordings, Photo Policy, Logistics, 
Antitrust Statement, Code of Conduct, Take Attendance, Assign Minute Takers

Dean Coclin (Digicert)


10:15

Call to Order - Server Certificate Working Group Meeting 

Jos Purvis (Cisco)


10:15

11:15

2

Validation Subcommittee 

Tim Hollebeek (Digicert), Wayne Thayer (Fastly) Minutes: 


11:15

11:30

Break 


11:30

13:30

3

Network Security Subcommittee

Clint Wilson (Apple) Minutes: 


13:30

Adjourn Server Certificate Working Group Meeting



Wednesday, 13 October 2021 


Start 

Stop 

Slot 

Description

Discussion Leader / Notes


9:30

10:00

Check-in, get situated in virtual room, test audio/video



10:00

Call to Order and Welcome - CA/Browser Forum Plenary Meeting 



10:00

10:09

Welcome, Recap of Preliminary Matters, Meeting Recordings, Photo 
Policy, Logistics, Antitrust Statement, Code of Conduct, Take Attendance, 
Assign Minute Takers

Dean Coclin (Digicert)


10:09

10:10

1

Approval of CABF Minutes from last teleconference

Dean Coclin (Digicert)


10:10

10:15

2

Future face to face meeting schedule

Dean Coclin (Chair)


10:15

10:25

3

Infrastructure WG Recap

Jos Purvis (Cisco) 


10:25

11:05

4

What’s in a Name? Exploring CA Certificate Control

Dr. Zane Ma, Guest Speaker


11:05

Adjourn CA/Browser Plenary Meeting

 


Start 

Stop 

Slot 

Description

Discussion Leader / Notes


11:05

Call to Order - Server Certificate Working Group Plenary Meeting 

Jos Purvis (Cisco)


11:05

11:10

5

Antitrust Statement, Take Attendance, Assign Minute Taking, Approval of SCWG 
Minutes from last teleconference

Jos Purvis (Cisco)


11:10

11:20

6

Mozilla Root Program Update

Ben Wilson (Mozilla) Minutes: 


11:20

11:30

7

Google Root Program Update

Ryan Sleevi, Devon O'Brien (Google)


11:30

11:40

8

Apple Root Program Update

Clint Wilson (Apple)


11:40

11:50

9

Microsoft Root Program Update

Karina Sirota (Microsoft) Minutes: 


11:50

12:00

10

CCADB Update

Kathleen Wilson (Mozilla) Minutes: 


12:00

12:10

11

ETSI Update

Arno Fiedler (Vice Chair ETSI ESI) Minutes: 


12:10

12:20

12

Acab'c Update

Clemens Wanko (TÜV AUSTRIA) Minutes: 


12:20

Adjourn and take Group Photo on the Videoconference! 



12:25

12:30

Break 



12:30

Call to Order - Code Signing Certificate Working Group Meeting 

Dean Coclin (Digicert), Bruce Morton (Entrust)


12:​30

14:30

Code Signing Certificate Working Group Meeting 

Dean Coclin (Digicert), Bruce Morton (Entrust) 


14:30

Adjourn Code Signing Certificate Working Group Meeting



Thursday, 14 October 2021 


Start 

Stop 

Slot 

Description 

Discussion Leader / Notes


9:45

10:00

Get situated in virtual room, test audio/video



10:00

Continuation of Server Certificate Working Group Plenary Meeting 

Jos Purvis (Cisco)


10:00

10:10

Recap of Preliminary Matters, Logistics, Antitrust Statement, Take 
Attendance, Assign Minute Taking

Jos Purvis (Cisco)


10:10

10:40

12

Webtrust Update 

Jeff Ward (BDO), Don Sheehy (CPA Canada) Minutes: 


10:40

10:50

13

Break 



10:50

11:10

14

Guest topic: News about qualified certificates for website authentication

Enrico Entschew Minutes: 


11:10

11:30

15

Guest presentation: Designing the new eIDAS 2 browser UI

Chris Bailey Minutes: 


11:20

11:50

16



11:50

11:55

17

Review accomplishments, list of tasks, next meeting

Jos Purvis (Cisco)


11:55 

Adjourn SCWG Meeting 



11:55

12:00

Break



12:00

Call to Order - S/MIME Certificate Working Group Meeting 

Stephen Davidson (Digicert)


12:00

14:00

S/MIME Certificate Working Group Meeting 

Stephen Davidson (Digicert) Minutes: 


14:00

Adjourn S/MIME Certificate Working Group Meeting



 

 

Dean Coclin Jos 
Purvis

CA/B Forum Chair  SCWG Chair



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

Re: [cabfpub] Organization change notice

[Dean Coclin via Public]

Please see the notice below from Primekey.



Dean



From: Tomas Gustavsson
Sent: Friday, October 1, 2021 8:52 AM
To: Dean Coclin
Subject: Organization change notice





I tried to send this notice to the public list, but it seems I'm not allowed 
to post as an IP.

-



---

As an Interested Party in CA/B Forum, we would like to make a public notice 
that from June 2021 PrimeKey has merged with Keyfactor. The change of 
ownership does not involve any change to our representatives in CA/B Forum, 
nor any of the software developed as related to our participation in CA/B 
Forum.

-





Cheers,

Tomas







smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final Minutes of CA/B Forum Meeting, September 16, 2021

[Dean Coclin via Public]

Final Minutes of CA/B Forum Meeting, September 16, 2021

 

Attendees: Ali Gholami (Telia), Amanda Mendieta (Apple), Andrea Holland
(SecureTrust), Ben Wilson (Mozilla), Brittany Randall (GoDaddy), Bruce
Morton (Entrust), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey
Bonnell (Digicert), Dean Coclin (Digicert), Doug Beattie (GlobalSign),
Dustin Hollenback (Microsoft), Fumihiko Yoneda (Japan Registry Services),
Hazhar Ismail (MSC Trustgate), Inaba Atsushi (GlobalSign), Inigo Barreira
(Sectigo), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos
Purvis (Cisco Systems), Kati Davids (GoDaddy), Mads Henriksveen (Buypass
AS), Marcelo Silva (Visa), Natalia Kotliarsky (SecureTrust), Paul van
Brouwershaven (Entrust), Peter Miskovic (Disig), Rebecca Kelley (Apple),
Ryan Sleevi (Google), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust
Systems), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White
(Amazon), Tyler Myers (GoDaddy), Vijayakumar (Vijay) Manjunatha (eMudhra),
Wayne Thayer (Mozilla), Yoshiro Yoneya (Japan Registry Services)

 

Jos Purvis read the anti-trust statement


The agenda was reviewed. No changes

 

Minutes of the August 19th call were approved. Minutes for September 2nd
call have not been submitted yet.

 

Forum Infrastructure Subcommittee Update: The update was provided by Jos
Purvis. A meeting was held on the 8th of September. Discussions around
updating the ballot pages on the website. Ben has adjusted the display to
show the ballots from each working group separately. The group discussed
content tagging to help with automated updates and a process for publishing
to the website. The bylaws could use some clarity in this area and the group
plans to propose updates. 

 

Code Signing Certificate Working Group Update: Bruce Morton provided the
update. Corey Bonnell will be the webmaster for the group and a discussion
on training to use Wordpress will be provided by Ben Wilson. Ballots CSCWG 9
and 10 have passed the IPR process. A new ballot on log retention is coming,
being proposed by Ian from Microsoft. The group is working on moving the CS
BRs to Pandoc and RFC 3647 format. A discussion on "invalidity date"
occurred on the list.

 

S/MIME Working Group Update: Stephen Davidson provided the update. The group
is making good progress on the cert profiles, having worked on mailbox,
organization, sponsored individuals, and now personal individuals. The group
discussed the Key Usage Data Encipherment field which legacy profiles may be
using, hence amendments are being made to the profile. Lastly, there was an
inquiry from a certificate consumer on information from CAs issuing certs
with ECC S/MIME usage. Stephen will do a survey to get that information. 

 

Fall F2F meeting: Dean reminded everyone to register for the meeting. There
are 48 registrations as of today. 

 

No other business, meeting adjourned. Next call on September 30th.

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final minutes of CA/B Forum call September 2, 2021

[Dean Coclin via Public]

Here are the final minutes for the subject call.



1.  Opening Procedures- Dean

a.  Roll Call

Adrian Mueller (SwissSign), Ali Gholami (Telia), Amanda Mendieta (Apple), 
Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Brittany Randall 
(GoDaddy), Chris Kemmerer (SSL.com), Chris McMillan (Visa), Clint Wilson 
(Apple), Corey Bonnell (Digicert), David Kluge (Google), Dean Coclin 
(Digicert), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Fumihiko 
Yoneda  (Japan Registry Services), Hazhar Ismail (MSC Trustgate), Inaba 
Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna Fox (TrustCor 
Systems), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota 
(Microsoft), Kati Davids (GoDaddy), Mads Henriksveen (Buypass AS), Mike Min 
(GoDaddy), Mike Reilly (Microsoft), Niko Carpenter (SecureTrust), Paul van 
Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Rebecca Kelley 
(Apple), Ryan Sleevi (Google), Shelley Brewer (Digicert), Stephen Davidson 
(Digicert), Tadahiko Ito (SECOM Trust Systems), Trevoli Ponds-White (Amazon), 
Vijayakumar (Vijay) Manjunatha (eMudhra), Yoshiro Yoneya (Japan Registry 
Services), Steven Deitte (GoDaddy)

2.  Read Antitrust Statement
3.  Review Agenda
4.  Approval of minutes of last call

-Ask to look through previous minutes



2.  Forum Infrastructure Subcommittee update given by Jos

a.  Github tagging is enabled and the last couple of ballots up to the 
current 
release and 48 were tagged
b.  Discussion of issues and issue tracking and whether to come out with 
labeling or guides for labeling issues
c.  Brief issue with publication of smart ligatures in the SC48 update. 
Style 
guide was updated with dash types
d.  For SC47, there was a last minute date fix that opened discussion about 
how 
to reopen a branch.
e.  There were several suggestions on how to update the ballot table on the 
website. The working group is trying out options.
f.  Adding DMARC into reporting status and then will move it into a 
quarantine 
status.
g.  GoDaddy is looking at doing is moving the primary DNS records for 
CABforum.org to Amazon's route 53 and then keeping GoDaddy as the secondary. 
That means, we'll be able to control our own DNS but will still have GoDaddy 
as a backup
h.  Will be starting from scratch on a new membership spreadsheet

a.  We will asking each member organization to supply a fresh set of the 
canonical member list for your organization



3.  Code Signing Certificate Working Group update given by Andrea

a.  Had 2 ballots (SC 9 and 10) that had been approved that are in the IPR 
period now
b.  Discussed Ian's ballot for logging and audit retention
c.  Discussed Ian's ballot for subscriber keys. Will  be waiting for a 
clean-up 
ballot for that to go through
d.  Will be reviewing some of the past SC ballots for any impact to the 
code 
signing BRs
e.  Cory is working on the new formatting to move the code signing BRs to 
Pandoc

a.  Will be comparing version 2.5 of the CSBRs and where it now is in the 
new 
doc compared to the 3647 structure and also how it was modified.

e.  Discussed blank sections in the code signing documents to decide how 
the 
working group wants to handle that.



4.  SMIME working group update given by Stephen

a.  Certificate profiles for mailbox validation are basically agreed on for 
individuals representing an organization
b.  Next step is to look at certificate profile for personal certificates
c.  These profiles will lead into the creation of the SMIME BRs



5.  Fall F2F dates

a.  October 12-14, 2021
b.  Guest speaker will be Professor Zane Ma from Georgia Tech
c.  Please let us know comments about the agenda



6.  Any Other Business:

a.  None



7.  Next call: September 16







smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, September 30, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the Final agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Sept 2nd and Sept 16)

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

REMINDER: Fall F2F Dates: Oct 12-14, 65 registrants. PLEASE REGISTER!

Dean


0:04

11:55

11:59

9

Any Other Business: Discuss Summer 2022 Meeting dates



0:01

11:59

12:00

10.

Next call: F2F Meeting  



Adjourn;



 


F2F Meeting Schedule: 


*   2021: Fall- Virtual
*   2022: Mar - US, June - Poland, Sept - Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, September 30, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the Draft agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (Sept 2nd and Sept 16)

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

REMINDER: Fall F2F Dates: Oct 12-14, 65 registrants. PLEASE REGISTER!

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: F2F Meeting  



Adjourn;



 


F2F Meeting Schedule: 


*   2021: Fall- Virtual
*   2022: Mar - US, June - Poland, Sept - Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final minutes of CA/B Forum call August 19, 2021

[Dean Coclin via Public]

Final minutes of CA/B Forum call August 19, 2021

 

1.  Opening Procedures- Dean 

a.  Roll Call: Adrian Mueller (SwissSign), Amanda Mendieta (Apple),
Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust),
Chris Kemmerer (SSL.com), Chris McMillan (Visa), Christy Berghoff (US
Federal PKI Management Authority), Clint Wilson (Apple), Christy Berghoff
(US Federal PKI Management Authority), David Kluge (Google), Dean Coclin
(Digicert), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico
Entschew (D-TRUST), Hazhar Ismail (MSC Trustgate), Inaba Atsushi
(GlobalSign), India Donald (US Federal PKI Management Authority), Janet
Hines (SecureTrust), Joanna Fox (TrustCor Systems), Johnny Reading
(GoDaddy), Jos Purvis (Cisco Systems), Jose Guzman (GoDaddy), Karina Sirota
(Microsoft), Kati Davids (GoDaddy), Mads Henriksveen (Buypass AS), Michelle
Coon (OATI), Mike Min (GoDaddy), Mike Reilly (Microsoft), Niko Carpenter
(SecureTrust), Rebecca Kelley (Apple), Ryan Sleevi (Google), Sebastian
Schulz (GlobalSign), Shelley Brewer (Digicert), Stephen Davidson (Digicert),
Tadahiko Ito (SECOM Trust Systems), Tim Hollebeek (Digicert), Trevoli
Ponds-White (Amazon), Tyler Myers (GoDaddy), Wayne Thayer (Mozilla), Wendy
Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry
Services), Anuj Saxena (Web.com), Steven Deitte (GoDaddy)
b.  Read Antitrust Statement
c.  Review Agenda
d.  Approval of minutes of last call

i.  Brief discussion of previous minutes. 

 

2.  Forum Infrastructure Subcommittee update given by Jos 

a.  Github work continuing steadily. The most recent release at SC47
included the new tagging. We'll be posting the documentation on that so that
people understand how to do it in the future.
b.  Digging into the website revamp and then we'll be opening a Google
Doc to track any changes on the test website so that we can replicate them
in the live website. we have to kind of do them in 1 place, approve them and
then do them again on the existing site. 
c.  Ben did some updates per Dimitris's request to the ballots table on
the public website
d.  We'll be looking at how to revamp membership spreadsheet, redo it
and hopefully clean that up into something much more.

 

 

3.  Code Signing Certificate Working Group update given by Bruce

a.  In the last 2 weeks, we have 2 ballots approved. 1 was our clean up
and clarification ballot that closed off a lot of our Parking lot items
we've been creating. This one is under IPR. The other one we pushed in the
new audit requirements, for the merged CSBR document that we have in the
forum. Also under IPR Review. 
b.  We're making some progress at working towards going to the new
format to the RFC 3647 and in the pandoc format. So it's some work there.
And our goal is to get that done by the end of the year
c.  Progress will start on the signing service work that we want to do,
to work on the code signing service requirements in September or October
timeframe.

 

4.  SMIME working group update given by Stephen 

a.  There is a new certificate issuer joining, IdenTrust . there are
currently 29 cert issuers, 6 cert consumers, 3 associate members, 6
interested parties.
b.  Working on the certificate profiles, which has lead to some revisits
of use cases based on what we know of real world use of S/MIME today, to
help clarify which fields and settings are appropriate.
c.  Profile types are mailbox, organization, Individual -affiliated (w/
organization), Individual - personal.
d.  Validation for Org details - at least for the Strict versions of
those profiles - will be drawn from EVG procedures.  Reflecting that vetting
the Subject may use the OrganizationalIdentifer as defined in EVG 9.2.8. and
Appendix H.
e.  Ryan: Is there any hope of a publication of a document that focuses
on the primary deliverable namely, the verification of control over an email
address?

i.  Stephen: Yes. The draft already defines verification of control over
an email address.  Our discussions have also touched upon other Subject
verification topics inasmuch as they impact cert profile fields.  As
decisions made on one cert profile affects other, progress accelerates as we
move from one to the next. 
ii. Ryan: is the working group focused on delivering this primary
deliverable or is the working group focused on the secondary things that
have long been identified? 
iii.Stephen: We do have draft text for email control will be established
and domain control, which is drawn upon the existing work from the baseline
requirements
iv. Ryan: Are we looking at something that might be coming to a vote
within, say, 2 to 3 months or are we looking at something that's, you know,
looking at half a year to year because of work on the secondary features? 
v.  Stephen: Once we have completed our draft cert profiles, which the
WG defined as our first deliverable and I do not

[cabfpub] Final CA/Browser Forum agenda - Thursday, September 16, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the Final agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call 

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

REMINDER: Fall F2F Dates: Oct 12-14, 46 registrants. PLEASE REGISTER!

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: September 30th  



Adjourn;



 


F2F Meeting Schedule: 


*   2021: Fall- Virtual
*   2022: Mar - US, June - Poland, Sept - Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, September 16, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the Draft agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call 

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

REMINDER: Fall F2F Dates: Oct 12-14, 46 registrants. PLEASE REGISTER!

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: September 30th  



Adjourn;



 


F2F Meeting Schedule: 


*   2021: Fall- Virtual
*   2022: Mar - US, June - Poland, Sept - Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, September 2, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the Final agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call 

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

REMINDER: Fall F2F Dates: Oct 12-14, Guest Speaker

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: September 16th 



Adjourn;



 


F2F Meeting Schedule: 


*   2021: Fall- Virtual
*   2022: Mar - US, June - Poland, Sept - Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, September 2, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the Draft agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call 

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

REMINDER: Fall F2F Dates: Oct 12-14, Guest Speaker

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: September 16th 



Adjourn;



 


F2F Meeting Schedule: 


*   2021: Fall- Virtual
*   2022: Mar - US, June - Poland, Sept - Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final Minutes of the CA/B Forum meeting August 5, 2021

[Dean Coclin via Public]

Attendees: Ali Gholami (Telia), Andrea Holland (SecureTrust), Ben Wilson
(Mozilla), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell
(Digicert), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug
Beattie (GlobalSign), Hazhar Ismail (MSC Trustgate), Inaba Atsushi
(GlobalSign), Inigo Barreira (Sectigo), Janet Hines (SecureTrust), Johnny
Reading (GoDaddy), Jos Purvis (Cisco Systems), Kati Davids (GoDaddy), Mads
Henriksveen (Buypass AS), Mike Reilly (Microsoft), Niko Carpenter
(SecureTrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig),
Rebecca Kelley (Apple), Ryan Sleevi (Google), Shelley Brewer (Digicert),
Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Tobias
Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Wayne Thayer
(Mozilla), Wendy Brown (US Federal PKI Management Authority), Natalia
Kotliarsky (SecureTrust), Brittany Randall (GoDaddy), Tyler Myers (GoDaddy),
Fumihiko Yoneda (Japan Registry Services), Yoshiro Yoney  a (Japan Registry
Services), Mike Min (GoDaddy), Rachel McPherson (Trustcor), Jose Guzman
(GoDaddy)

1. Read Antitrust Statement

Jos Purvis read the antitrust statement.

2. Roll Call

Dean Coclin read the roll.

3. Review Agenda

No changes were made to the agenda.

4. Approval of minutes from last teleconference

*   July 8 minutes were approved
*   July 22 minutes were approved

5. Forum Infrastructure Subcommittee update

*   Met on 28 July.  Covered version packet implemented in GitHub.
Gives ability to see which pull request made changes to a document.  Tags go
back only a few versions for documents but will be complete going forward.
*   Redlines is the next thing they are digging into for ballot process.
Moving to an automated process.  In recent ballot had some redline problems
with how MSWord was functioning.

6. Code Signing Certificate Working Group update

*   CSC 9 in voting period.  Ends today and looks like it will pass
*   CSC 10 will go to ballot shorting which will clarify WebTrust
version 2 audit criteria
*   Discussed moving the CS BRs to the new format.  Dimitris created a
Google doc to help map the migration from old to new format
*   Moving out next session on signing services to September

7. S/MIME Certificate Working Group update

*   Met on 4 Aug.  Over past two sessions clarifying direction on
profiles, common terminology, etc.  This is resetting the certificate
profiles.  How Corporate certs were being used was complicating the approach
for profiles.  Resetting the terminology will help move forward.  Profile
will include:

*   Mailbox
*   Legal person
*   Natural person

*   Good, positive discussion in the last two meetings.

8. REMINDER: Fall F2F Dates: Oct 12-14

*   Reminder of the dates for upcoming f2f.  Once Karina is back the
sign up page will be set up and ready to go
*   Keeping an eye on the COVID situation for future F2F meeting impacts

9. Any Other Business

Yoshiro Yoneya asked if anyone had attended the IETF meetings last week.
Any updates?

Ryan stated that Google, DigiCert (Tim Hollebeek) were involved in the LAMPS
discussion. ACME was covered.  DigiCert is working in the LAMPS group.
Document signing EKU creation was discussed.  Google is not supportive for
many reasons.  Long discussions on this topic in the IETF meeting and best
to review the minutes: (https://datatracker.ietf.org/doc/minutes-111-acme/)

Where CABF comes in?  Ryan doesn't think this EKU makes sense and he's
advocated that if this is important for the CABF (e.g. SMIME Working Group)
then there is an opportunity for orgs (e.g. ETSI) or CABF to charter a work
group to define what a document signing cert would look like and how would
it be used. IETF has not adopted anything at this point so the question is
if the CABF needs to adopt a position.

Tadahiko Ito stated there is a demand to have a public document signing EKU
for not using emailProtection certs for (non-email)document signing.  There
might be different ways of realizing EKUs for that purpose.

UTA (Using TLS in Applications) is also a topic being discussed in IETF.
Details can be found in the IETF minutes

10. Next call: August 19th, 2021 at 11AM Eastern

Adjourn


smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, August 19, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the Final agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call 

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

REMINDER: Fall F2F Dates: Oct 12-14

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: September 2nd 



Adjourn;



 


F2F Meeting Schedule: 


*   2021: Fall- Virtual
*   2022: Mar - US, June - Poland, Sept - Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, August 19, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the Draft agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement

Jos


0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call 

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

REMINDER: Fall F2F Dates: Oct 12-14

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: September 2nd 



Adjourn;



 


F2F Meeting Schedule: 


*   2021: Fall- Virtual
*   2022: Mar - US, June - Poland, Sept - Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final Minutes of CA/B Forum call July 22, 2021

[Dean Coclin via Public]

Here are the final minutes of the subject call:

 

1.  Opening Procedures- Dean 

a.  Roll Call 
b.  Read Antitrust Statement
c.  Review Agenda
d.  Approval of minutes of last call

i.  Will send out last week's for review next week  

d.  Introduction of new members

 

2.  Forum Infrastructure Subcommittee update given by Jos 

a.  Will be updating branching for version releases. Each branch will
get released with version number and documents. Each branch will get tagged
with the documents each branch modifies. Will only be updating as long as
GitHub has been used. Should help with redline version as well. 
b.  We will be manually deleting branches about a week after the ballot
is done, but would eventually like to do this automatically. 
c.  Eventually would like to move to doing automatic redlining ballot,
but this is currently a manual process. 

i.  Ryan clarified that there is some redlining going on for certain
types of docs, but not for everything and to reach out to the group if help
is needed. 

 

 

3.  Code Signing Certificate Working Group update given by Bruce

a.  Minute from face-to-face were approved, so those can be posted.
b.  There is an issue with the audit criteria for the new document,
which is causing some issues in the CCADB.
c.  Ballot for cleanup and clarification has been put out. Ian is
working on log data retention ballot currently
d.  Decided to work on signing service in the working group, not in a
subcommittee. 
e.  Trying to work ahead on moving the document to RFC 3647 and the new
PanDoc format. 

 

4.  SMIME working group update given by Stephen 

a.  Discussed the sponsored validation profile- this is a certificate
that has both organization information and personal information, e.g. an
employee of an organization. 

 

 

5.  Fall F2F dates

a.  October 12-14, 2021
b.  Looking at Professor from Israeli University as a guest speaker

 

6.  Any Other Business:

a.  None

 

7.  Next call: August 5th

 

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final Minutes of CA/B Forum meeting July 8, 2021

[Dean Coclin via Public]

Here are the final minutes of the subject call:

 

 

1.  Opening Procedures- Dean 

a.  Roll Call 
b.  Read Antitrust Statement
c.  Review Agenda
d.  Approval of minutes of last call

i.  Approved 

d.  Introduction of new members

 

2.  Forum Infrastructure Subcommittee update given by Jos 

a.  No call was initiated, should review co-hosts. 
b.  Infrastructure sub-committee should talk about calendars in the next
call.   No other discussion. 

 

3.  Code Signing Certificate Working Group update given by Bruce

a.  Discussed signing services and question about sub-committee, but
high level discussion overall. Will go back to the group to discuss further

 

4.  SMIME working group update given by Stephen 

a.  Laid out 4 types of email certificates. The goal is to get the
entire S/MIME certs in to an auditable certificate profile ASAP. 
b.  The decision making on documents is cumulative, so it'll show up
later in different areas.
c.  One of the biggest issues is on the validation types, since that
will be different from current ballots and will be adopted from the existing
CA/b Forum standards. Does adopting EV validation mean that it will go
through to the profile
d.  GlobalTrust (E-commerce monitoring) has joined as a certificate
member, which means there are 28 members

i.  Dean: they need to go through addition steps. They will work
offline.

 

5.  Fall F2F dates

a.  Please check calendars. A poll will go out shortly. 

i.  End of October there is a conflict ICANN and WS#. Dean- it won't be
that late. 
ii. Potential Conflicts with CA Days. People can post conflicts on a
conference page on Wiki. Dimitris will share this.  
iii.Dean to suggest week of October 4 or week of October 11. 

5.  Any Other Business:

a.  None

6.  Next call: July 22

 

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Final CA/Browser Forum agenda - Thursday, August 5, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

 

Here is the Final agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement



0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (and the prior call)

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

REMINDER: Fall F2F Dates: Oct 12-14

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: August 19th 



Adjourn;



 


F2F Meeting Schedule: 


*   2021: Fall- Virtual
*   2022: Mar - US, June - Poland, Sept - Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Draft CA/Browser Forum agenda - Thursday, August 5, 2021 at 11:30 am Eastern Time

[Dean Coclin via Public]

Here is the draft agenda for the subject call:


CA/Browser Forum Agenda


Time

Start(ET)

Stop

Item

Description

Presenters


0:02

11:30

11:32

1.

Roll Call

Dean


0:01 

11:32

11:33

2.

Read Antitrust Statement



0:01

11:33

11:34

3.

Review Agenda

Dean


0:01

11:34

11:35

4.

Approval of minutes of last call (and the prior call)

Dean


0:05

11:35

11:40

5.

Forum Infrastructure Subcommittee update

Jos 


0:05

11:40

11:45

6.

Code Signing Certificate Working Group update

Bruce


0:05

11:45

11:50

7. 

S/MIME Certificate Working Group update

Stephen


0:05

11:50

11:55

8.

REMINDER: Fall F2F Dates: Oct 12-14

Dean


0:04

11:55

11:59

9

Any Other Business



0:01

11:59

12:00

10.

Next call: August 19th 



Adjourn;



 


F2F Meeting Schedule: 


*   2021: Fall- Virtual
*   2022: Mar - US, June - Poland, Sept - Berlin

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public

[cabfpub] Fall virtual F2F meeting

[Dean Coclin via Public]

As mentioned on today's call, the fall F2F meeting will take place October
12-14th. Please mark your calendars. The wiki will be updated shortly with a
sign up page. Details to follow.

 

Dean Coclin

CA/B Forum Chair

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://lists.cabforum.org/mailman/listinfo/public