<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Lucida Console";
panose-1:2 11 6 9 4 5 4 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
span.EmailStyle21
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-GB link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='mso-fareast-language:EN-US'>This is a first draft of the minutes. I will check and add the attendees and post a final version.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Present: (tbc)<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Wayne Thayer chaired the meeting.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal>1. Preliminaries<o:p></o:p></p><p class=MsoNormal>** Assign minute taker<o:p></o:p></p><p class=MsoNormal>** Read antitrust statement<o:p></o:p></p><p class=MsoNormal>** Review/update agenda<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>2. Priorities from F2F:<o:p></o:p></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>1. Default deny.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Doug posted a google doc in which we can identify areas that would benefit from attention.<o:p></o:p></span></p><p class=MsoNormal><a href="https://docs.google.com/document/d/1i3CvNbd6mHI9KYYith94C7RQ-ny6ibuo7x7j7m9hSM4/edit">https://docs.google.com/document/d/1i3CvNbd6mHI9KYYith94C7RQ-ny6ibuo7x7j7m9hSM4/edit</a><span style='mso-fareast-language:EN-US'><o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>2. Permitted fields in the subject of CA certificates.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>(related to default deny)<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>A number of CA certs have more than the 3 fields mentioned in the BRs.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan was drafting a ballot.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Still a priority, but probably no work to do until we have a ballot.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan looking at a sunsetting strategy.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>3. Creating a list of registration agencies (or JoIs)<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Last week at the F2F we agreed that the list is much narrower than had been targeted by CAs so far.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>This is specific to registration agencies. It has become apparent that CAs may not have such a list.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Do we want to pursue this? - If so, how do we move forward.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>(silence)<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Dean: Joanna from GoDaddy has some experience.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: We can take a small subset list.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>E.g. we discussed LEI, and curtail it for jurisdictions and see about adopting that list and using that as a forcing function to see what sources CAs use.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan will draft a ballot requiring disclosure.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Does a 3 month phase-in feel like enough?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Doug: Depends on how new items are added.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>If we can add new items on an ad-hoc list going forward, then OK.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: Yes, a CA could modify the list whenever they want. But how long does it take place to put a procedure in place to allow a CA to modify their list and publish it.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Doug: You may go through an entity that provides the info.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: The CA discloses as part of their procedure the list of agencies they trust.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Wayne: more acceptable if CAs can add to the list after using it. "within 90 days.."<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>BR ballot or EV ballot?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: EV. Registry of Incorporation.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Wayne: We're not going forward asking CAs to update the spreadsheet?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: That's right.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>4. CAA semantics<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>A set of standard semantics for expressing DV/OV/EV/IV in CAA methods.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>The semantics for validation methods was thought to be harmful as it could prevent updates to those methods.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Doug: Just validation types? - <o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>5. Updating requirements for OU fields in certificates.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Is there energy around updating these?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Robin – Sectigo is interested in seeing these updated.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>* Dimitris pointed out that OU can't be used at all.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>* OU appear in DV certificates?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>* Does the OU field in a cert need to be bound to the subject identity?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>* Conversation ensued around the issue of purpose - is this for the subscriber, for the relying party (e.g. brand of CA), Uniqueness requirements<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: interested 1st in the purpose and use cases for it, as requirements will be shaped by that.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Looking across the spectrum of OU values, there appear to be multiple motivations, and that could be a good starting point to elaborate on the use cases for the OU. (relying party, subscriber, what ?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Sectigo will work on this.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>6. LEI ballot.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Tim still working on it. <o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: haven't seen movement since 1st draft. recap: The purpose and the requirements.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Do we know what feedback he is addressing or rejecting?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Wayne: It will be on the agenda for our next meeting.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'> <o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>7. Movement to standardize state and province names.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Short discussion at F2F. A difficult topic and not a big priority.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Does anyone feel this is a priority?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: State and Province, no, Jurisdiction fields - that will hopefully get sorted as we make progress getting the incorporating agencies sorted. So maybe backburner this until we have a sense of the sources that CAs use.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>So if a 3 month phase in, then maybe we come back to this in 9-12 months.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Doug: in the US we'd look to Sec of state. Some may abbreviate states and others not. So does the registration agency actually help for S&P?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: Agree. I was thinking that, e.g. for Sec of State, say 4-5 months from now, we'd start seeing the CAs document the Registration agency. 6 months after that we start looking through the sources and normalizing.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>e.g. in US, define expected values for the Jurisdiction fields are for that Registration Authority.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>That would define what the Jurisdiction fields would have. OV fields are more complex, but tackling the Jurisdiction fields first we can bring out the .....<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Doug: It seems we know for US & Canada & a bunch of others, we know the list, so why not start defining some of the known ones. Colleagues point out that e.g. Belgium is complex because of language.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Shelly Brewer: based on our own experience, there are some nation states that are quite easy, but what about contested areas such as Palestine.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Is there a mechanism that we can build a jurisdiction based on consensus?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Rich: One of the things we did a number of years ago was define country code XX for countries not yet recognized and hence not having an ISO code. (e.g. Kosovo, originally) <o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Must be recognized where the CA operates.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Put the area in the state or province field.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: .. recognized by at least 2 UN member nations..<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Shelley: That answers a good chunk, but there are outliers that are quite problematic, e.g. HK.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Not very many, but can cause business issues. would like to see some mechanism for places like that.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Wayne: Seems consistent to what I heard, that a completely consistent list worldwide would be hard.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Where not difficult, come up with the list, and come up with an exception process where not easy to define.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Rich: Against the CABF make adjudication on HK, TW, because that puts us squarely in the middle of political decisions that we don't want to be in the middle of.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Either CN, HK, or HK, HK (listed).<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>We dont want to say 'must use CN'.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: Browsers have had to deal with, and using GLEIF as an example (which CN makes heavy use of), GLEIF uses the HK code.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Browsers and OSs make clear that is a country or region code, not exclusively a sovereign state code.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>That has largely addressed the geopolitical situation.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>'Country or Region' in cert viewer, e.g.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>As Wayne said , not suggesting we do a full list, but in the process for coming up with the registration agency list we will come up with the main ones.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>E.g. HK companies House. There is a canonical way to encode that in a number of different systems.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Tougher to enumerate all the ?? of Belgium. ??<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Wayne: Use the ISO where it is not hard to solve. <o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>If someone doesn't wants to take on the second part, then it becomes a lower priority.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Agendum 3.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Default Deny.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Doug, thanks for creating the doc.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Doug: I'm not even sure that the scope is, but I thought I'd create a version of the doc we could collaborate on and raise issues. See what is problematic.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>I just started at the beginning and went through.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>For the most part the validation methods are pretty well defined. <o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Corey went through and added some comments, as did a few others.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Is it worth dividing it up ? - But not hard to flip through and pick a section and evaluate for whether default deny is a problem.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Wayne: Any comments on Doug's approach? - I saw comments on focussing on certificate profile, and on enumerated lists.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Doug: Those are areas with ambiguities, so I think those are a good place to look.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>...<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: In Its in scope for the chartered working group, but is it in scope for the sub-committee? <o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>My suggestion is that it is on the line. Certificate profile - directly related to cert content, so that’s related to the inclusion of info in certificates.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>OCSP or CRLs - maybe not in scope for validation subcommittee.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>The bylaws have requirements on groups, but subcommittees are more flexible.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>For the whole issue, we may want to bump it up a level.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Wayne: Practically speaking, is this the right group of people to take on the work?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>My opinion is that this is as good a group as any. Maybe we accept this is marginal on the charter, or review the charter, or set a new group up.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Robin: I think we are the right people. If the subcommittee isn't the right place then we can revue it or kick up to the working group level.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Doug: Agree.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: There is no difference in IP between Wg and subcommittee. The purpose is for communication.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Are there folks on the call who may not be interested?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Are there people not in the SC who would be interested?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>In the past, members have had informal discussions and got on a call to socialize it.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>(terrible option, but..) Similar to the telecons having the forum group and SSL Wkg group, could do both on this call.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>The main caveat is just the time. If this is the right group and the time works, subcommittees are meant to be more flexible.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Wayne: I would argue for continuing this work in this subcommittee. Make it known we are doing the work, and invite others to join if they are interested (or to object if they don't like what we're doing in the SC).<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>No objections heard yet, more hypothetical issues.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>I have another Q about this doc. Makes sense to move forward with proposing additional areas of clarification.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Some areas feel a bit more substantial. E.g. fields in CA certs. That is going to require a separate ballot.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Perhaps same thing applies to OU fields. (maybe default deny).<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Perhaps there is a cleanup ballot, but also other ballots that will need to be broken out from this work.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: I agree. Would suggest priority is around cert profile (section 7). <o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>7.1, we’ve talked about CA subject fields, and OU for leaf and sub-CAs.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>OCSP profile - distinct ballot.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Moving to a place where the profile in sec 7 is clean and locked down, then moving to practices.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Wayne: Does it make sense to pick individual sections on these calls, e.g. next time talk about section 7.1.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Ryan: That is certainly our biggest priority.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>AOB?<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Dean mentioned the paper presented at RSA about the ability to get EV certificates from the dark web.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>The presentation highlights where improvements can be made in the EV process. read the pres.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Wayne: Will add this to agenda for next time.<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><div><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Regards<br>Robin Alden<o:p></o:p></span></p><p class=MsoNormal><span style='mso-fareast-language:EN-US'>Sectigo Limited<o:p></o:p></span></p></div><p class=MsoNormal><span style='mso-fareast-language:EN-US'><o:p> </o:p></span></p><div style='border:none;border-left:solid blue 1.5pt;padding:0cm 0cm 0cm 4.0pt'><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span lang=EN-US>From:</span></b><span lang=EN-US> Validation <validation-bounces@cabforum.org> <b>On Behalf Of </b>Wayne Thayer via Validation<br><b>Sent:</b> 26 February 2020 15:44<br><b>To:</b> validation@cabforum.org<br><b>Subject:</b> [cabf_validation] 27-Feb Validation Subcommittee Meeting Agenda<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><div style='border:solid black 1.0pt;padding:2.0pt 2.0pt 2.0pt 2.0pt'><p class=MsoNormal style='line-height:12.0pt;background:#FAFA03'><span style='font-size:10.0pt;color:black'>CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.<o:p></o:p></span></p></div><p class=MsoNormal><o:p> </o:p></p><div><div><div><p class=MsoNormal>I believe that Tim is on holiday this week, so I went ahead and drafted an agenda for tomorrow's call:<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>1. Preliminaries<o:p></o:p></p></div><div><p class=MsoNormal>** Assign minute taker<o:p></o:p></p></div><div><p class=MsoNormal>** Read antitrust statement<o:p></o:p></p></div><div><p class=MsoNormal>** Review/update agenda<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>2. Priorities from F2F:<o:p></o:p></p></div><div><p class=MsoNormal>** Default deny<o:p></o:p></p></div><div><p class=MsoNormal>** Permitted fields in the Subject of CA certs<o:p></o:p></p></div><div><p class=MsoNormal>** Create list of Registration Agencies for JOI + process to maintain the list<o:p></o:p></p></div><div><p class=MsoNormal>** Define CAA semantics<o:p></o:p></p></div><div><p class=MsoNormal>** Update OU field requirements<o:p></o:p></p></div><div><p class=MsoNormal>** LEI ballot<o:p></o:p></p></div><div><p class=MsoNormal>** Standardize State and Province names<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>3. Default Deny Discussion<o:p></o:p></p></div><div><p class=MsoNormal>** Doug's draft: <a href="https://docs.google.com/document/d/1i3CvNbd6mHI9KYYith94C7RQ-ny6ibuo7x7j7m9hSM4/edit">https://docs.google.com/document/d/1i3CvNbd6mHI9KYYith94C7RQ-ny6ibuo7x7j7m9hSM4/edit</a><o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>4. Any Other Business<o:p></o:p></p></div><div><p class=MsoNormal>** TLS-ALPN-01<o:p></o:p></p></div></div></div></div></div></body></html>