[cabfpub] Final minutes of CA/B Forum call August 19, 2021

[Dean Coclin]

Final minutes of CA/B Forum call August 19, 2021

 

1.	Opening Procedures- Dean 

a.	Roll Call: Adrian Mueller (SwissSign), Amanda Mendieta (Apple),
Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust),
Chris Kemmerer (SSL.com), Chris McMillan (Visa), Christy Berghoff (US
Federal PKI Management Authority), Clint Wilson (Apple), Christy Berghoff
(US Federal PKI Management Authority), David Kluge (Google), Dean Coclin
(Digicert), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico
Entschew (D-TRUST), Hazhar Ismail (MSC Trustgate), Inaba Atsushi
(GlobalSign), India Donald (US Federal PKI Management Authority), Janet
Hines (SecureTrust), Joanna Fox (TrustCor Systems), Johnny Reading
(GoDaddy), Jos Purvis (Cisco Systems), Jose Guzman (GoDaddy), Karina Sirota
(Microsoft), Kati Davids (GoDaddy), Mads Henriksveen (Buypass AS), Michelle
Coon (OATI), Mike Min (GoDaddy), Mike Reilly (Microsoft), Niko Carpenter
(SecureTrust), Rebecca Kelley (Apple), Ryan Sleevi (Google), Sebastian
Schulz (GlobalSign), Shelley Brewer (Digicert), Stephen Davidson (Digicert),
Tadahiko Ito (SECOM Trust Systems), Tim Hollebeek (Digicert), Trevoli
Ponds-White (Amazon), Tyler Myers (GoDaddy), Wayne Thayer (Mozilla), Wendy
Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry
Services), Anuj Saxena (Web.com), Steven Deitte (GoDaddy)
b.	Read Antitrust Statement
c.	Review Agenda
d.	Approval of minutes of last call

i.	Brief discussion of previous minutes. 

 

2.	Forum Infrastructure Subcommittee update given by Jos 

a.	Github work continuing steadily. The most recent release at SC47
included the new tagging. We'll be posting the documentation on that so that
people understand how to do it in the future.
b.	Digging into the website revamp and then we'll be opening a Google
Doc to track any changes on the test website so that we can replicate them
in the live website. we have to kind of do them in 1 place, approve them and
then do them again on the existing site. 
c.	Ben did some updates per Dimitris's request to the ballots table on
the public website
d.	We'll be looking at how to revamp membership spreadsheet, redo it
and hopefully clean that up into something much more.

 

 

3.	Code Signing Certificate Working Group update given by Bruce

a.	In the last 2 weeks, we have 2 ballots approved. 1 was our clean up
and clarification ballot that closed off a lot of our Parking lot items
we've been creating. This one is under IPR. The other one we pushed in the
new audit requirements, for the merged CSBR document that we have in the
forum. Also under IPR Review. 
b.	We're making some progress at working towards going to the new
format to the RFC 3647 and in the pandoc format. So it's some work there.
And our goal is to get that done by the end of the year
c.	Progress will start on the signing service work that we want to do,
to work on the code signing service requirements in September or October
timeframe.

 

4.	SMIME working group update given by Stephen 

a.	There is a new certificate issuer joining, IdenTrust . there are
currently 29 cert issuers, 6 cert consumers, 3 associate members, 6
interested parties.
b.	Working on the certificate profiles, which has lead to some revisits
of use cases based on what we know of real world use of S/MIME today, to
help clarify which fields and settings are appropriate.
c.	Profile types are mailbox, organization, Individual -affiliated (w/
organization), Individual - personal.
d.	Validation for Org details - at least for the Strict versions of
those profiles - will be drawn from EVG procedures.  Reflecting that vetting
the Subject may use the OrganizationalIdentifer as defined in EVG 9.2.8. and
Appendix H.
e.	Ryan: Is there any hope of a publication of a document that focuses
on the primary deliverable namely, the verification of control over an email
address?

i.	Stephen: Yes. The draft already defines verification of control over
an email address.  Our discussions have also touched upon other Subject
verification topics inasmuch as they impact cert profile fields.  As
decisions made on one cert profile affects other, progress accelerates as we
move from one to the next. 
ii.	Ryan: is the working group focused on delivering this primary
deliverable or is the working group focused on the secondary things that
have long been identified? 
iii.	Stephen: We do have draft text for email control will be established
and domain control, which is drawn upon the existing work from the baseline
requirements
iv.	Ryan: Are we looking at something that might be coming to a vote
within, say, 2 to 3 months or are we looking at something that's, you know,
looking at half a year to year because of work on the secondary features? 
v.	Stephen: Once we have completed our draft cert profiles, which the
WG defined as our first deliverable and I do not foresee requiring extended
time, the WG will discuss next steps.  The draft of the S/MIME BR based on
our discussions is well advanced. 
vi.	Dean is waiting on Stephen to add Identrust to the S/MIME lists. 

 

5.	Fall F2F dates

a.	October 12-14, 2021

 

6.	Any Other Business:

a.	None

 

7.	Next call: September 2

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20210916/8aeed0c5/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4916 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20210916/8aeed0c5/attachment-0001.p7s>