[cabf_validation] Minutes from the Validation Subcommittee meeting of 27 September 2018

[Bruce Morton]

Here are minutes from the Validation Subcommittee meeting on 27 September 2018.


1.      SC4 - Email and CAA Contact
Tim plans to post and update to the ballot today (27 September 2018).


2.      SC7 - IP Address validation Methods
Wayne stated this ballot is almost ready to post. There was discussion about the effective date which would be about 6 months or April/May 2019. On the effective date all new certificate must be issued using the new IP address validation methods.


3.      SC5 - Method 3 and Phone CAA Contact
Doug is waiting for any issues with SC4 to be resolved before completing this ballot.
Ryan advised that both SC4 and SC5 could advance if CAA was the only method to verify the email address or the phone number as there appears to be no issues with using CAA.
Tim requested concreate issues on using DNS TXT to obtain the email address or phone number. Ryan responded that these comments have been provided on the DL and would like to keep this as a separate conversation.
Tim requested if the DNS TXT issues could be discussed at the next Validation Subcommittee meeting in 2 weeks (11 October 2019). Ryan stated yes.
It was suggested that SC5 might need to split up into 2 parts: 1) how to get a phone number and 2) how to use the phone number.


4.      Ballot 225 - Improvements to EV Guidelines
Tim stated there is an issue with D&B being a QIIS. Planning to discuss defining who is a QIIS or QTIS.


5.      Validation method OIDs in Certificates
Wayne is waiting for the Bylaws to be updated as they may need IPR review. It was stated that no the Bylaws do not need IPR review and IPR review is only required when guidelines are updated. As such, Wayne plans to proceed with the ballot.


6.      Clean Up ballot
Suggested there should be a cleanup ballot this fall and not wait until the spring.
There are some changes which are required to both the Bylaws and the BRs. It was noted that as there are different voters for each of these documents, then there must be 2 clean up ballots, one for the Forum (Bylaws) and one for the Servercert WG (BRs).


7.      Discussion Priorities

a.      BGP/DNS robustness

b.      Method 9 removal

c.      Method 10 update. Ryan stated there are still issues as the RFC is still in final call. Tim would not like the RFC to be normative. Ryan stated that it would be best to start with the RFC and then make changes based on how CAs are using Method 10. As such there could be 2 methods where one is based on the RFC and the other is modified. It was recommended that the CAs provide information on how they are using Method 10. Ryan plans to propose text.

d.      Method 6 work on HTTP method


8.      Underscore in DNS Names
Wayne would like to clean up the issue with underscore in domain names. Google and Mozilla that underscore in domain names is not allowed per RFC 5280. However, some CAs consider this to be a grey area based on the previous ballot. A ballot will determine the outcome and get this issued closed.


Thanks, Bruce.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20181001/83fe0858/attachment.html>