[cabfpub] Final minutes of CA/B Forum call March 17, 2022

Dean Coclin dean.coclin at digicert.com
Thu Mar 31 15:35:07 UTC 2022

Final minutes of CA/B Forum call March 17, 2022


Attendees: Adam Jones (Microsoft), Adrian Mueller (SwissSign), Amanda
Mendieta (Apple), Andrea Holland (SecureTrust), Ben Wilson (Mozilla),
Brittany Randall (GoDaddy), Bruce Morton (Entrust), Chris Kemmerer
(SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin
(Digicert), Doug Beattie (GlobalSign), Dustin Ward (SSL.com), Enrico
Entschew (D-TRUST), Fumi Yoneda (Japan Registry Services), Heather Warncke
(Amazon), Hogeun Yoo (NAVER), Hubert Chao (Google), Inaba Atsushi
(GlobalSign), Inigo Barreira (Sectigo), Joanna Fox (TrustCor Systems),
Johnny Reading (GoDaddy), Karina Sirota (Microsoft), Kati Davids (GoDaddy),
Khairil Nizam Abdul Malek (MSC Trustgate Sdn Bhd), Kiran Tummala
(Microsoft), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Martijn
Katerbarg (Sectigo), Michelle Coon (OATI), Paul van Brouwershaven (Entrust),
Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rae Ann Gonzales
(GoDaddy), Rebecca Kelley (Apple), Renne Rodriguez (Apple), Ryan Dickson
(Google), Stephen Davidson (Digicert), Tim Hollebeek (Digicert), Tobias
Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tyler Myers
(GoDaddy), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya
(Japan Registry Services)


1.	Opening Procedures- Dean 

a.	Roll Call- per above
b.	Read Antitrust Statement- Jos Purvis
c.	Review Agenda
d.	Approval of minutes of Feb 3rd call

a.	Approved


2.	Forum Infrastructure Subcommittee update given by Jos Purvis

a.	Working group repo on Github is now working
b.	Terrific demo of membership application web app. This will be a
great step up from current tooling

a.	Next steps are going to be setting up dev pages on AWS and then
start tracking in parallel until finally moving over to it permanently
b.	There is a neat way how to track attendance on Webex, so this could
be automated. 
c.	If anyone has experience with php, the group is looking for help

b.	Difficulties in balloting are more in scope of content rather than

a.	Will do some documentations on how to do the technical aspects

c.	Discussed general revamp of the websites. 
d.	There was a security issue with the site and GoDaddy and Ben were
helpful in cleaning that up. 
e.	Do they know what happened? They think there was an authentication
breach. Do they know which account was breached? No, but anyone who has
access has been asked to change creds. 
f.	Plan for changing over DNS from GoDaddy to AWS soon. May push out
this cutover due to ballot, but will look forward to it. 


3.	Code Signing Certificate Working Group update given by Bruce Morton

a.	Long discussion on subscriber key protection, and discussion on
ballot, which should go out shortly. 
b.	Long Discussion on going through the current document on bringing it
up to date on the signing services. 


4.	SMIME working group update given by Stephen Davidson

a.	Discussion on wrapping up odds and ends on text for ballot before it
goes out. 
b.	Intend to have a month of pre-ballot discussion in order to find any
issues, discussion
c.	Before going to a proper ballot in accordance with the bylaws. 
d.	Have general agreement on how to go forward
e.	Having general discussions on the details, like the use of the
pseudonym aspect or reuse of common name, as examples. 
f.	In terms of mailbox validation, we are adopting the TLS Baseline
requirements methods for  proving mailbox control. 

a.	There has been an additional discussion that there would be a
variant on the MX method

f.	Draft is here: https://github.com/cabforum/smime/blob/preSBR/SBR.md


5.	NetSec Working Group given by Clint Wilson

a.	A shift in the time for the cloud services and infrastructure group
to 9am Pacific time starting next week. This group is progressing in the
risk assessment quite well and still looking for more people. 
b.	Looking at ballots around defined terms, adding definitions and
fixing definitions overall. 
c.	Will continue to give this update going forward. 


6.	Any Other Business:

a.	Next meeting is in Warsaw. Will continue to look ahead and make a
decision going forward. 

a.	Will there be a hybrid? Maybe, but we cannot promise quality of the
b.	Suggest to err on side of having a good hybrid meeting, but wait and

a.	Berlin meeting is still scheduled for Oct 24-26




Meeting Adjourned




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20220331/7f6de22a/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4916 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20220331/7f6de22a/attachment-0001.p7s>

More information about the Public mailing list