Welcome to the CA/Browser Forum
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).
More information for about the forum and information for Site Owners, Developers, Auditors and Assessors, and Potential Members can be found in the About section of this website.
Recent posts
2025-05-22 Minutes of the Server Certificate Working Group
May 22, 2025 by Wayne ThayerCA/B Forum Server Certificate WG Teleconference-20250522Meeting Title: CA/Browser Forum Server Certificate WG Date: 22 May 2025 Chair: Wayne Thayer on belalf of Dimitris Zacharopoulos Minutes Taken By: Lynn Jeun 1. Roll Call Meeting called to order by Wayne Thayer; Begin recording.
May 22, 2025 by Wayne ThayerCA/B Forum Server Certificate WG Teleconference-20250522Meeting Title: CA/Browser Forum Server Certificate WG Date: 22 May 2025 Chair: Wayne Thayer on belalf of Dimitris Zacharopoulos Minutes Taken By: Lynn Jeun 1. Roll Call Meeting called to order by Wayne Thayer; Begin recording.
Ballot SMC012: Introduce ACME for S/MIME
May 19, 2025 by Stephen DavidsoonIPR Review of Ballot SMC012: Introduce ACME for S/MIME This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This Review Period of 30 days is for one Final Maintenance Guidelines. The complete Draft Maintenance Guideline that is the subject of this Review Notice is attached to this email.
May 19, 2025 by Stephen DavidsoonIPR Review of Ballot SMC012: Introduce ACME for S/MIME This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This Review Period of 30 days is for one Final Maintenance Guidelines. The complete Draft Maintenance Guideline that is the subject of this Review Notice is attached to this email.
2025-05-08 Minutes of the Forum
May 8, 2025 by CA/B Forum and Server Certificate WG Teleconference - 2025-05-08Meeting Title: CA/Browser Forum Date: 8 May 2025 Chair: Dean Coclin Minutes Taken By: Wayne Thayer 1. Roll Call and Housekeeping Meeting called to order by Dean Coclin; recording in process. 2. Note-well Note-well has already been read. 3. Review Agenda No changes to the agenda. 4. Approval of Minutes April 10th (Trev) - these are still pending. April 24th (Thomas) - have been posted to the management list; minutes approved. F2F#64 - minutes approved. 5. Server Certificate Working Group update (Dimitris) SCWG Discussed recent comments on SC081; no action needed. Discussion on ability to lock comments on PRs and request to Infrastructure SC to standardize. Ballots were discussed. Validation Subcommittee Corey reported focus on SC085 (DNSSEC ballot) and technical details/effective dates. Also discussed SC082 redux and new validation method by Michael Slaughter. Ongoing PR discussion on GitHub. 6. Code Signing Certificate Working Group update (Martijn) No call was held; no updates. 7. S/MIME Certificate Working Group update (Stephen) Discussed ACME for S/MIME ballot. Discussed tagging of pseudonyms in common names to prevent confusion. Broader discussion on adopting the detailed Section 7 structure of the TLS BRs. SMC011 exits IPR on May 14. 8. NetSec Working Group update (Clint) Discussion of NS008 and section 2.2.6 remote connections language. Potential confusion with “access to CA infrastructure” for customer portals. Proposed new term: “privileged access” to clarify. Ballot updated to version 3 and discussion period restarted. Aiming to move to voting on May 14th. 9. Definitions and Glossary Working Group (Tim C.) No update. 10. Forum Infrastructure Subcommittee update (Jos) Reviewed GitHub ‘restrict comments’ setting—agreed to use and document in CLA/readme. Ben’s meeting minutes template added to wiki; plan to test with AI transcription. Suggestion: chairs should clearly call out agenda sections for AI alignment. Concern raised by Wayne: restricting comments may drive demand for write access. Jos: propose self-service update via membership-tools record. 11. Intellectual Property Rights Subcommittee (Ben) Next meeting scheduled for May 15* 12. Bylaws Changes (Ben - Dimitris) No recent progress. Rebecca Kelley to collaborate with Ben. 13. Any Other Business Toronto Face-to-Face meeting approaching. In-person attendance deadline has passed. Reminder to book hotels. Aaron drafted a bylaws update ballot to allow WG chairs to convert relative effective dates to concrete dates post-ballot. Planning to begin discussion period. 14. Next Call May 22, 2025 15. Adjourn Attendees Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adriano Santoni (Actalis S.p.A.), Antti Backman (Telia Company), Ben Wilson (Mozilla), Brianca Martin (Amazon), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Gregory Tomko (GlobalSign), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Iori Kondo (Cybertrust Japan), Jaime Hablutzel (OISTE Foundation), Jeanette Snook (Visa), Jeff Ward (Aprio), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kate Xu (TrustAsia), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Mahua Chaudhuri (Microsoft), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Matthew McPherrin (Let’s Encrypt), Michael Slaughter (Amazon), Michelle Coon (OATI), Mohd Redha Hamzah (Pos Digicert Sdn. Bhd.), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rich Smith (DigiCert), Rollin Yu (TrustAsia), Ryan Dickson (Google), Scott Rea (eMudhra), Sooyoung Eo (NAVER Cloud Trust Services), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft)
More posts of the CA/Browser ForumMay 8, 2025 by CA/B Forum and Server Certificate WG Teleconference - 2025-05-08Meeting Title: CA/Browser Forum Date: 8 May 2025 Chair: Dean Coclin Minutes Taken By: Wayne Thayer 1. Roll Call and Housekeeping Meeting called to order by Dean Coclin; recording in process. 2. Note-well Note-well has already been read. 3. Review Agenda No changes to the agenda. 4. Approval of Minutes April 10th (Trev) - these are still pending. April 24th (Thomas) - have been posted to the management list; minutes approved. F2F#64 - minutes approved. 5. Server Certificate Working Group update (Dimitris) SCWG Discussed recent comments on SC081; no action needed. Discussion on ability to lock comments on PRs and request to Infrastructure SC to standardize. Ballots were discussed. Validation Subcommittee Corey reported focus on SC085 (DNSSEC ballot) and technical details/effective dates. Also discussed SC082 redux and new validation method by Michael Slaughter. Ongoing PR discussion on GitHub. 6. Code Signing Certificate Working Group update (Martijn) No call was held; no updates. 7. S/MIME Certificate Working Group update (Stephen) Discussed ACME for S/MIME ballot. Discussed tagging of pseudonyms in common names to prevent confusion. Broader discussion on adopting the detailed Section 7 structure of the TLS BRs. SMC011 exits IPR on May 14. 8. NetSec Working Group update (Clint) Discussion of NS008 and section 2.2.6 remote connections language. Potential confusion with “access to CA infrastructure” for customer portals. Proposed new term: “privileged access” to clarify. Ballot updated to version 3 and discussion period restarted. Aiming to move to voting on May 14th. 9. Definitions and Glossary Working Group (Tim C.) No update. 10. Forum Infrastructure Subcommittee update (Jos) Reviewed GitHub ‘restrict comments’ setting—agreed to use and document in CLA/readme. Ben’s meeting minutes template added to wiki; plan to test with AI transcription. Suggestion: chairs should clearly call out agenda sections for AI alignment. Concern raised by Wayne: restricting comments may drive demand for write access. Jos: propose self-service update via membership-tools record. 11. Intellectual Property Rights Subcommittee (Ben) Next meeting scheduled for May 15* 12. Bylaws Changes (Ben - Dimitris) No recent progress. Rebecca Kelley to collaborate with Ben. 13. Any Other Business Toronto Face-to-Face meeting approaching. In-person attendance deadline has passed. Reminder to book hotels. Aaron drafted a bylaws update ballot to allow WG chairs to convert relative effective dates to concrete dates post-ballot. Planning to begin discussion period. 14. Next Call May 22, 2025 15. Adjourn Attendees Aaron Gable (Let’s Encrypt), Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adriano Santoni (Actalis S.p.A.), Antti Backman (Telia Company), Ben Wilson (Mozilla), Brianca Martin (Amazon), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), Cynethia Brown (US Federal PKI Management Authority), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Gregory Tomko (GlobalSign), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Iori Kondo (Cybertrust Japan), Jaime Hablutzel (OISTE Foundation), Jeanette Snook (Visa), Jeff Ward (Aprio), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kate Xu (TrustAsia), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Lucy Buecking (IdenTrust), Luis Cervantes (SSL.com), Mahua Chaudhuri (Microsoft), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Matthew McPherrin (Let’s Encrypt), Michael Slaughter (Amazon), Michelle Coon (OATI), Mohd Redha Hamzah (Pos Digicert Sdn. Bhd.), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rich Smith (DigiCert), Rollin Yu (TrustAsia), Ryan Dickson (Google), Scott Rea (eMudhra), Sooyoung Eo (NAVER Cloud Trust Services), Stephen Davidson (DigiCert), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yamian Quintero (Microsoft)