<!DOCTYPE html>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<div dir="ltr"><b>Attendees</b>
<div>Aaron Gable - (Let's Encrypt), Abhishek Bhat - (eMudhra),
Adam Jones - (Microsoft), Adriano Santoni - (Actalis S.p.A.),
Andrea Holland - (VikingCloud), Ben Wilson - (Mozilla), Brianca
Martin - (Amazon), Brittany Randall - (GoDaddy), Bruce Morton -
(Entrust), Chad Dandar - (Cisco Systems), Clint Wilson -
(Apple), Corey Bonnell - (DigiCert), Corey Rasmussen - (OATI),
Dimitris Zacharopoulos - (HARICA), Dong Wha Shin - (MOIS
(Ministry of Interior and Safety) of the republic of Korea),
Doug Beattie - (GlobalSign), Enrico Entschew - (D-TRUST), Georgy
Sebastian - (Amazon), Gregory Tomko - (GlobalSign), Inaba
Atsushi - (GlobalSign), Inigo Barreira - (Sectigo), Jaime
Hablutzel - (OISTE Foundation), Johnny Reading - (GoDaddy), Jos
Purvis - (Fastly), Keshava Nagaraju - (eMudhra), Kiran Tummala -
(Microsoft), Luis Cervantes - (GoDaddy), Mads Henriksveen -
(Buypass AS), Marco Schambach - (IdenTrust), Michelle Coon -
(OATI), Miguel Sanchez - (Google), Mrugesh Chandarana -
(IdenTrust), Nargis Mannan - (VikingCloud), Nate Smith -
(GoDaddy), Naveen Kumar - (eMudhra), Nicol So - (CommScope),
Nome Huang - (TrustAsia), Rebecca Kelly - (SSL.com), RIch Smith
- (DigiCert), Rollin Yu - (TrustAsia), Scott Rea - (eMudhra),
Stephen Davidson - (DigiCert), Steven Deitte - (GoDaddy),
Tadahiko Ito - (SECOM Trust Systems), Tathan Thacker -
(IdenTrust), Tim Hollebeek - (DigiCert), Tobias Josefowitz -
(Opera Software AS), Trevoli Ponds-White - (Amazon), Tsung-Min
Kuo - (Chunghwa Telecom), Wayne Thayer - (Fastly), Wendy Brown -
(US Federal PKI Management Authority)
<div><br>
</div>
<div><b>Administrivia</b><br>
- Aaron Gable taking minutes</div>
<div>- Roll call taken via Webex<br>
- Dimitris Zacharopoulos read the note-well<br>
- Minutes from April 25 approved<br>
<br>
<b>Server Certificate Working Group update (Inigo Barreira)<br>
</b>- Continued triage of GitHub issues<br>
- Patent Advisory Group created as a result of exclusion
notice filed on SC-070 had its first meeting, elected Ben
Wilson as chair, and drafted and sent an email requesting
clarification from GoDaddy<br>
- Currently soliciting F2F agenda topics<br>
- The EVGs have published a new version based on Ballot SC-072
<br>
<br>
<b>Validation Subcommittee update (Corey Bonnell)<br>
</b>- Continued discussion of identifying Delegated Third
Parties in validation methods<br>
<br>
<b>Code Signing Certificate Working Group update (Bruce
Morton)<br>
</b>- Still working on a ballot to pull various EV
requirements into the CSBRs<br>
- Ran into some difficulties regarding Organization
Identifier, so will probably leave that field as-is for now<br>
- Also still updating the Timestamp ballot<br>
- Discussing reducing the maximum validity of code-signing
certificates, from 39 months to 15 months<br>
- Discussing unifying EV and non-EV code-signing certificates
into just one type<br>
- Still finalizing F2F agenda, expect to discuss the topics
above<br>
- Dimitris points out that the CSBRs reference a specific
version of the NetSec requirements, and will also have to do a
ballot to update that version<br>
<br>
<b>Forum Infrastructure Subcommittee update (Jos Purvis)<br>
</b>- Working through issues with mailing lists, considering
upgrading mailman<br>
- Ran an experiment to convert a list to Google Groups, which
mostly works, but involves rewriting headers<br>
- One solution would be to change MX records and do all mail
delivery via Google, but would likely result in a temporary
disruption of mail delivery<br>
- Intend to create a test plan to propose to all other working
groups<br>
- Lots of documentation work, which is a Forum-wide effort<br>
- Intend to set up the IPR Subcommittee on Google Groups as a
test subject, since it is intended to be a short-lived group<br>
<br>
<b>S/MIME Certificate Working Group update (Stephen Davidson)<br>
</b>- Ballot SMC-06 exits IPR at the end of this week, has
effective date in September<br>
- Upcoming ballot to create parity with recent BRs logging
changes<br>
- Some concerns about shorter validity periods from smartcard
providers due to more difficult provisioning<br>
- New certificate consumer member: Posteo, a webmail provider<br>
<br>
<b>NetSec Working Group update (Clint Wilson)<br>
</b>- Ballot NS-03 is in IP Review period<br>
- Ballot to update Section 4 still being workshopped,
particularly for clarity around cadence/timelines of things
like penetration tests<br>
<br>
<b>IPR Subcommittee update (Ben Wilson)<br>
</b>- Ballot FORUM-022 would establish this new subcommittee<br>
- Ballot is currently in discussion period, no comments so far<br>
<br>
<b>Bylaws update preparation (Dimitris Zacharopoulos)<br>
</b>- No update<br>
<br>
<b>F2F#62 agenda preparation (Dimitris Zacharopoulos)<br>
</b>- KeyFactor will not be able to present their plans for a
linting engine<br>
- Still soliciting additional topics<br>
<br>
<b>Any other business<br>
</b>- Trevoli Ponds-White reports that Amazon has been asked
to move the October F2F from Oct 1-3 to Oct 8-10, due to a
major holiday<br>
<br>
<b>Next meeting<br>
</b>- May 23 (not cancelled)<br>
- Will start 1 hour after the ServerCert WG call would
normally start<br>
<br>
<b>Meeting adjourned</b><br>
</div>
</div>
</div>
</body>
</html>