[cabfpub] Final minutes of CA/B Forum meeting April 14, 2022

Dean Coclin dean.coclin at digicert.com
Thu Apr 28 15:17:57 UTC 2022 

CA/Browser Forum Meeting April 14, 2022



1.	Opening Procedures- Dean

1.	Roll Call

Adam Jones (Microsoft), Adrian Mueller (SwissSign), Andrea Holland 
(SecureTrust), Arno Fiedler (D-TRUST), Ben Wilson (Mozilla), Bruce Morton 
(Entrust), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell 
(Digicert), Corey Rasmussen (OATI), Daryn Wright (GoDaddy), Dean Coclin 
(Digicert), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico 
Entschew (D-TRUST), Fumi Yoneda (Japan Registry Services), Heather Warncke 
(Amazon), Inaba Atsushi (GlobalSign), Jamie Mackey (US Federal PKI Management 
Authority), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos 
Purvis (Cisco Systems), Karina Sirota (Microsoft), Khairil Nizam Abdul Malek 
(MSC Trustgate Sdn Bhd), Paul van Brouwershaven (Entrust), Peter Miskovic 
(Disig), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple), Stephen Davidson 
(Digicert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), 
Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Wayne Thayer (Fastly), 
Yoshiro Yoneya (Japan Registry Services)

a. Read Antitrust Statement- Jos Purvis

b. Review Agenda

c. Approval of minutes of last call

1.	Approved



2.	Forum Infrastructure Subcommittee update given by Jos Purvis

1.	Had successful migration of DNS to GoDaddy and now can stand up a dev host 
for membership tool to start testing

1.	Going to create a label of 'interested person' for someone who is 
interested but not as a group in the tool

0.	Creating a style guide on how to post things to the website-e.g. picking a 
consistent date for minutes to make sure things are consistent
a.	There was a website issue over the weekend but it has been resolved. It was 
an internal issue but it was corrected very quickly.
b.	Talked about tools page- adding more sections per type of interested person 
and adding additional tools



3.	Code Signing Certificate Working Group update given by Bruce Morton

1.	Approved ballot 13 for subscriber key protection. It's in IPR and will be 
effective 11/15/2022.
2.	Moving on to finalize format change to RFC 3647 format.



4.	SMIME working group update given by Stephen Davidson

1.	Draft of BRs is complete
2.	Working through fringe cases that are not included in other types of BRs- 
common names, functional names (like help desk) or a pseudonym, as well as 
field serial number, which is can be used in different ways in S/MIME certs, 
like an employee ID number or a personal identifier like in ETSI
3.	Moving into formal pre-ballot discussion period shortly. Now is the time 
for organizations to review and read
4.	Goal to move into ballot in the summer.



5.	NetSec Working Group given by Clint Wilson

1.	Risk Assessment is ongoing
2.	Discussion on OCSP uptime requirements in the BRs and it's essentially 
24/7- which is an Atypical SLA. Starting to discuss what would be more 
realistic

1.	Move towards drafting a requirement that requires Cas to report this in 
their CPS to get a better understanding of what would be more reasonable.
2.	This couldn't be a NetSec ballot since it's in the BRs, but it should be in 
either the Server Cert group or maybe in the validation group

1.	Should be added to the server certificate working group agenda- maybe add 
it to next week
2.	Other working groups will have to also update their BRs if they need it
3.	Should there a baseline of baselines? That is the baseline requirements 
that goes for every type of certificate and then working groups make their own
4.	Suggested that this conversations should be made on the mailing lists, not 
in a specific meeting.

0.	Went through an complied issues in Github of things that have been 
discussed over the years to start going through





6.	Any Other Business:

1.	Meeting in Poland is still in on. Wiki sign-ups are open. Notices will be 
sent out and all information is online

1.	Is there anything we can do to help make the remote experience good?
2.	Dean will check with the hosts



 MEETING ADJOURNED



F2F Meeting Schedule:

*    2022

*    June 6-8 - Poland (Note: Meeting dates are Mon-Weds and will be followed 
by the Trusted Economy Forum on Weds-Thurs), MEETING IS CONFIRMED

*    Oct 24-26 - Berlin (Note: Meeting dates are Mon-Weds and will be followed 
by the CA Day and TSP event on Thurs/Fri)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20220428/8ffacd58/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4916 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20220428/8ffacd58/attachment-0001.p7s>

More information about the Public mailing list