[Servercert-wg] Final Minutes for Server Certificate Working Group Teleconference - August 6, 2020
Dimitris Zacharopoulos (HARICA)
dzacharo at harica.gr
Mon Aug 24 04:26:11 MST 2020
These are the Final Minutes of the Teleconference described in the
subject of this message as prepared by Wayne Thayer (Mozilla).
Attendees (in alphabetical order)
Ben Wilson (Mozilla), Chris McMillan (Visa), Clint Wilson (Apple), Corey
Bonnell (SecureTrust), Chris Kemmerer (SSL.com), Daniela Hood (GoDaddy),
Dean Coclin (Digicert), Dustin Hollenback (Microsoft), Enrico Entschew
(D-TRUST), Hazhar Ismail (MSC Trustgate), Inaba Atsushi (GlobalSign),
Janet Hines (SecureTrust), Joanna Fox (GoDaddy), Johny Reading
(GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft),
Li-Chun Chen (Chunghwa Telecom), Mayur Manchanda (Visa), Michael
Guenther (SwissSign), Michelle Coon (OATI), Mike Reilly (Microsoft),
Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter
Miskovic (Disig), Rae Ann Gonzales (Godaddy), Rich Smith (Sectigo), Ryan
Sleevi (Google), Shelley Brewer (Digicert), Stephen Davidson (Digicert),
Tobias Josefowitz (Opera Software AS), Wayne Thayer (Mozilla), Wendy
Brown (US Federal PKI Management Authority)
Minutes
Dimitris is on vacation, so Wayne led the call.
1. Roll Call
The Roll Call was taken.
2. Read Antitrust Statement
The Antitrust Statement was read by Ben WIlson.
3. Review Agenda
No changes to the agenda were noted. Neil Dunbar volunteered to take
minutes for the next SCWG and Forum teleconference.
4. Approval of minutes from last teleconference
Accepted without objections.
5. Validation Subcommittee Update
Tim Hollebeek was not on the call. Wayne reported that last week’s
meeting was brief. The call began with discussion of the TLS Using ALPN
Method ballot. Then the certificate profile work was discussed. The
spreadsheet is linked from our wiki. Doug added the ‘subscriber’ tab,
and it was decided that the committee would work on it next time.
Members were asked to review this tab and make comments prior to the
next meeting. Finally, the ‘cleanups and clarifications’ ballot was
discussed. Ryan is cleaning up the ballot and is planning to move the
ballot into the discussion period soon.
6. NetSec Subcommittee Update
SC28 is in ‘heartbeat’ mode, being kept alive through the month of
August at the request of members who need more time to review and
analyze the implications of the ballot. SC32, the “zones” ballot is
being reworked to discuss and address feedback that has been received.
There are a couple of new ballots that now have explanatory text
completed so they can be introduced to the working group. These ballots
make smaller changes than some of the recent ballots. The Pain Points
group continues discussions of long term CA architecture, such as how to
integrate cloud providers.
7. Ballot Status
Ballots in Discussion Period
SC28 (Logging and Log Retention)
Wayne: Being kept alive through August to provide more time for review.
SC33 (TLS Using ALPN Method)
Wayne: This ballot replaces domain validation method 10 with a new
method 20 that uses the IETF RFC to define the use of TLS with ALPN to
validate domain control. Discussion period ends tomorrow. Planning to
start voting tomorrow.
Ballots in Voting Period
None
Ballots in Review Period
SC30 (Disclosure of Registration/Incorporating Agency)
SC31 (Browser Alignment)
Wayne: Review periods end August 20.
Draft Ballots under Consideration
Spring 2020 cleanup and clarifications (Ryan)
Ryan: Been working on the layout. Content-wise it’s done, but haven’t
had a chance to work on the markdown. It will be coming soon to give CAs
the confidence they need on clarifications
Update to BR section 6.1.1.3 (Chris)
Chris: Have been waiting on SC31’s review period to end since it also
changed section 6.1.1.3. Since the SC31 review period is almost over, we
can move forward with this ballot. Also includes a change to section
4.9.1.1. Will go ahead and push this out for discussion soon.
Offline CA Security Requirements (Ben)
Ben: No updates. This will be discussed at the next subcommittee call.
8. Any Other Business
No other business was discussed.
9. Next call
The next call will take place on August 20, 2020 at 11:00am Eastern Time.
Adjourned
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20200824/4efd972e/attachment-0001.html>
More information about the Servercert-wg
mailing list