[Servercert-wg] Final Minutes for Server Certificate Working Group Teleconference - December 12 2019

[Dimitris Zacharopoulos (HARICA)]

These are the Final Minutes of the Teleconference described in the 
subject of this message.


    Attendees (in alphabetical order)

Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Corey Bonnell 
(SecureTrust), Daniela Hood (GoDaddy), David Moeller (Sectigo), Dean 
Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie 
(GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), 
Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management 
Authority), Joanna Fox (GoDaddy), Leo Grove (SSL.com), Li-Chun Chen 
(Chunghwa Telecom), Mads Henriksveen (Buypass AS), Michelle Coon (OATI), 
Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Patrick Nohe 
(GlobalSign), Peter Miskovic (Disig), Rich Smith (Sectigo), Robin Alden 
(Sectigo), Ryan Sleevi (Google), Scott Rea (Dark Matter), Shelley Brewer 
(Digicert), Tim Hollebeek (Digicert), Tobias Josefowitz (Opera Software 
AS), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown 
(US Federal PKI Management Authority).


    Minutes


      1. Roll Call, assign minute-taker

The Chair took attendance. Wendy Brown volunteered to take minutes.


      2. Read Antitrust Statement

The Antitrust Statement was read.


      3. Review Agenda

Accepted without change.


      4. Approval of minutes from previous teleconference


Accepted without objections.


      5. Application for OISTE Foundation

Dean said he had reviewed it and the application is in order. They want 
to be involved in both the Server Certificate WG and S/MIME WG when it 
is established.  They are the owner/operator of the WiseKey subordinate 
CA as well as operating the root CA.

Application was approved with no objections.


      6. Application for NAVER BUSINESS PLATFORM Corp.

Dean said the had reviewed, the application is in order, however he 
would like to verify that the person signing the agreement has the 
authorization to sign on behalf of the company.  Therefore, he asked 
that approval be provisional on successful verification.

Provisional approval for the application was approved with no objections.


      7. Application for iTrusChina to become a full Member

iTrusChina is already an Associate Member pending inclusion of their 
root in at least one public trust store. They are now included in 360 
Browser.

Full membership was approved with no objections

Dean will contact all three companies to let them know of approval.

Dimitris will make sure the web site is updated.


      8. Validation Subcommittee Update

  * Method 6 ballot - ready to go
  * Validation sources are being collected and reviewed - creating a
    document to help CAs provide validation sources
  * Fixing problem of which subject attributes are allowed in
    Intermediate CAs – the plan is to start with whitelisting all the
    current attributes used and then discuss what may need to change
  * Any other business - TOR has changed onion handling - will need to
    update guidelines to correspond to these changes
  * Bruce asked for clarification if the validation sources are only
    being collected for the EV guidelines
  * The answer was we are starting with EV, but it may expand to the BRs
    later based on whatever decision is made
  * Will make the scope clear on the Wiki


      9. NetSec Subcommittee Update

  * Neil is still coming up to speed - taking over the chair from Ben
  * Updating SC20 - continuous monitoring for unauthorized changes
  * SC21 went through ballotting before SC20 so a review is needed to
    ensure SC20 language agrees with the approved SC21 changes
  * Take away wiggle room to ensure continuous change control & monitoring
  * Looking at modeling of sub components
  * Meeting right after this session


      10. Ballot Status

No further discussion.


        _Ballots in Discussion Period_

None///
///
_*Ballots in Voting Period*_
////None

_*Ballots in Review Period*_
/SC23 v3: Precertificates

SC24 v2: Fall Cleanup///


        _Draft Ballots under Consideration_


/SC20 Ballot (NSR 2): System Configuration Management/
A request was made that they review the minutes from the last 
teleconference and add a problem statement as to why the ballot is being 
proposed. Neil said there is a problem statement in the ballot language, 
so this can be provided.

/SC25: Define New HTTP Domain Validation Methods /(Doug)
Doug stated this is getting close to be ready for discussion, he needs 
to turn the email version into a github version for discussion and 
voting. It is not yet in the official discussion period.

/LEI Ballot/ (Tim H.)
No update.

/Formatting changes to Guidelines /(Jos)
The 2 ballots in review will need to be merged to the master branch and 
then rebase the document for formatting changes in order to create a ballot.

/Aligning the BRs with existing Browser Requirements /(Ryan)
Ryan has not received any additional inputs recently.  He will wait for 
the formatting changes ballot to go first and then re-base to the latest 
BRs so the proposed changes are clear against the latest version of the 
BRs. Further feedback from Root Programs is welcomed. Ryan is also 
waiting for Microsoft to finish the update that started in October. 
Mozilla policy 2.7 has also just been released and will be reviewed.


      11. Approval of F2F 48 minutes

Minor updates were made to the minutes that were initially circulated.

Minutes as updated were approved with no objections.


      12. Action items from F2F 48

Dimitris has created a Wiki page for action items from the F2F 48 
meeting, he invited others to make use of this new page.


      13. Any Other Business

No other Business raised.


      14. Next call

January 9, 2020 at 11:00 am Eastern Time.


      Adjourned


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20200113/4dfae8ca/attachment-0001.html>