[cabf_validation] Validation Committee Draft Minutes 2-19-01-31

Ben Wilson ben.wilson at digicert.com
Thu Jan 31 09:56:10 MST 2019

Here are the draft minutes from today's Validation Committee call.  Please
provide any corrections.  Thanks.

In attendance:  Robin Alden, Ben Wilson, Tim Hollebeek, Wayne Thayer, Doug
Beattie, Ryan Sleevi, Bruce Morton, Frank Corday, Janet Hines, Li-Chun Chen,
Rich Smith, Tim Shirley, Mahmud Khair, 

Ballot Recap:  IP Address Validation Ballot - Review period over, will begin
voting today;  Phone Method Ballot - voting ends today (IETF met and
requested IANA to add phone contact information - we'll need to contact
them/him to coordinate.  Robin has an email address for him); and Ballot to
remove Method 9, which is progressing with voting ending on Tuesday.

ALPN Ballot discussion: language has been proposed. Doug sent out emails. He
doesn't intend to wait for next RFC to begin ballot discussion but plans to
have a prolonged discussion period.  He'll wait for Roland to produce draft
05, to avoid ambiguity.  Wayne wondered about IP address that is mentioned
in the draft. Tim H. preferred that we examine each draft as it comes out.
Sequential drafts might have enhancements, but then we wait for the RFCs.

Method 6 topic:  do we have all of the input? Doug encouraged everyone to
take a look at the Google Doc.  Ryan noted some things are gated on ACME.
Are CAs using any non-ACME methods. Can CAs document the specifics of their
other methods?  Can the provision be generic, or should it specify the
http-01 method? Or can we specify the core part of the ACME method? Tim
added a Trello card "What is the overlap between http-01 and can it be made
generic?"  If 9 of 10 CAs are doing a particular way, then we ought to
codify it. So, do we move forward with a ballot for method 6 - if we did, we
might have to create multiple section numbers in the BRs.  Ryan would like
to hear from CAs on the methods.  Wayne wants a clearer understanding of our
approach - whether we're intending to go  down parallel paths. Tim H. said
he thought that we would take that approach.  Doug would like for us to try
and resolve issues and get to closure and try to include them initially and
remove them if we can't come to consensus.  CAs should do a gap analysis on
the ACME method.  We should go ahead and draft ballot language.  Tim H. will
take the lead.

F2F Agenda:  topics we need to discuss?  We should revisit the methods we
haven't improved yet after last year's summit.  There was Peter's
challenge-response method with the registrar (DNS fragmentation), from the
Herndon, Virginia, F2F meeting, and later in London and before in Seattle.
Another topic is proposed method 13 in the Google Doc where there is a CA
and domain registry (similar to method .11). Tim added a Trello card.
Another idea suggested by Wayne is the Bygone SSL paper.  That is on the
Trello board as well.

Meeting adjourned.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20190131/8d0d313a/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4934 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/validation/attachments/20190131/8d0d313a/attachment-0001.p7s>

More information about the Validation mailing list