<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Georgia;
panose-1:2 4 5 2 5 4 5 2 3 3;}
@font-face
{font-family:"Times New Roman \(Body CS\)";
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
h2
{mso-style-priority:9;
mso-style-link:"Heading 2 Char";
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:18.0pt;
font-family:"Calibri",sans-serif;}
h3
{mso-style-priority:9;
mso-style-link:"Heading 3 Char";
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:13.5pt;
font-family:"Calibri",sans-serif;}
h4
{mso-style-priority:9;
mso-style-link:"Heading 4 Char";
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
span.Heading2Char
{mso-style-name:"Heading 2 Char";
mso-style-priority:9;
mso-style-link:"Heading 2";
font-family:"Calibri Light",sans-serif;
color:#2F5496;}
span.Heading3Char
{mso-style-name:"Heading 3 Char";
mso-style-priority:9;
mso-style-link:"Heading 3";
font-family:"Calibri Light",sans-serif;
color:#1F3763;}
span.Heading4Char
{mso-style-name:"Heading 4 Char";
mso-style-priority:9;
mso-style-link:"Heading 4";
font-family:"Calibri Light",sans-serif;
color:#2F5496;
font-style:italic;}
span.EmailStyle21
{mso-style-type:personal-reply;
font-family:"Georgia",serif;
color:windowtext;
font-weight:normal;
font-style:normal;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:779837541;
mso-list-template-ids:2119188760;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1
{mso-list-id:1439065093;
mso-list-template-ids:-511516796;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-family:"Georgia",serif'>Published!<o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Georgia",serif'><o:p> </o:p></span></p><div><p class=MsoNormal><span style='font-size:9.0pt;font-family:Consolas;color:black'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:9.0pt;font-family:Consolas;color:black'>-- <br>Jos Purvis (</span><a href="mailto:jopurvis@cisco.com"><span style='font-size:9.0pt;font-family:Consolas;color:#954F72'>jopurvis@cisco.com</span></a><span style='font-size:9.0pt;font-family:Consolas;color:black'>)<br>.:|:.:|:. cisco systems | Cryptographic Services<br>PGP: 0xFD802FEE07D19105 | Controls and Trust Verification</span><o:p></o:p></p></div><p class=MsoNormal><span style='font-family:"Georgia",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-family:"Georgia",serif'><o:p> </o:p></span></p><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:12.0pt;color:black'>From: </span></b><span style='font-size:12.0pt;color:black'>Servercert-wg <servercert-wg-bounces@cabforum.org> on behalf of CABF Server Cert WG <servercert-wg@cabforum.org><br><b>Reply-To: </b>"Dimitris Zacharopoulos (HARICA)" <dzacharo@harica.gr>, CABF Server Cert WG <servercert-wg@cabforum.org><br><b>Date: </b>Thursday, June 11, 2020 at 4:40 AM<br><b>To: </b>CABF Server Cert WG <servercert-wg@cabforum.org><br><b>Subject: </b>[Servercert-wg] Final Minutes for Server Certificate Working Group Teleconference - May 28, 2020<o:p></o:p></span></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><p class=MsoNormal><br>These are the final Minutes of the Teleconference described in the subject of this message as prepared by Enrico Entschew (D-TRUST).<o:p></o:p></p><h2>Attendees (in alphabetical order)<o:p></o:p></h2><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Ben Wilson (Mozilla), Bruce Morton (Entrust Datacard), Clint Wilson (Apple), Corey Bonnell (SecureTrust), Chris Kemmerer (<span lang=DE><a href="http://SSL.com"><span lang=EN-US style='color:purple'>SSL.com</span></a></span>), Curt Spann (Apple), Daniel Rendon (<span lang=DE><a href="http://SSL.com"><span lang=EN-US style='color:purple'>SSL.com</span></a></span>), Daniela Hood (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Jos Purvis (Cisco Systems), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), Michael Guenther (SwissSign), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Patrick Nohe (GlobalSign), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rich Smith (Sectigo), Robin Alden (Sectigo), Ryan Sleevi (Google), Shelley Brewer (Digicert), Stephen Davidson (Quo Vadis), Taconis Lewis (US Federal PKI Management Authority), Tim Hollebeek (Digicert), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Vijayakumar (Vijay) Manjunatha (eMudhra), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority), Andrea Holland (SecureTrust).<o:p></o:p></p><h2>Minutes <o:p></o:p></h2><h3>1. Roll Call<o:p></o:p></h3><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>The Chair took attendance. <o:p></o:p></p><h3>2. Read Antitrust Statement<o:p></o:p></h3><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>The Antitrust Statement was read.<o:p></o:p></p><h3>3. Review Agenda<o:p></o:p></h3><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Accepted without changes. <o:p></o:p></p><h3>4. Approval of minutes from previous teleconference<o:p></o:p></h3><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Accepted without objections. Neil volunteered to take minutes next call.<o:p></o:p></p><h3>5. Validation Subcommittee Update<o:p></o:p></h3><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Tim reported that the Subcommittee had a discussion about certificate profiles and the current strategy which is documented in a Google spreadsheet. The Google spreadsheet has an organized view of the requirements for a particular entry into a certificate coalesced into one spot. But its incomplete and the subcommittee is still working on that. Strategy is to go through the BRs line by line and comparing it to the spreadsheet and discussing the interesting topics that come up. They made it through section 7.1.2.2 C before they stopped. <br><br>Tim said that they found it very useful to have a new column Q in the spreadsheet which is where the requirements are put. They will continue going through the spreadsheet and updating it in two weeks.<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>The draft minutes of that particular Subcommittee meeting are available at the following thread:<o:p></o:p></p><ul type=disc><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo1'><a href="https://lists.cabforum.org/pipermail/validation/2020-May/001478.html">https://lists.cabforum.org/pipermail/validation/2020-May/001478.html</a> <o:p></o:p></li></ul><h3>6. NetSec Subcommittee Update<o:p></o:p></h3><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Neil reported that ballot SC28 is now open for discussion. He got some feedback from Ryan. Will respond to that very soon. Still crafting a ballot on removal for unnecessary accounts. Neil has got the text agreed, proposers and endorsers, so that the ballot should be ready to go very soon.<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Similarly the SC has got the ballot to remove the secure zones terminology. Got a final text, Ben will propose that and a couple of endorsers are ready. Waiting for red line version to move forward.<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>The pain points team still working on authentication controls. This is with regard to replacing section “2.k.” and amending “2.g.” of the NCSSRs and replacing this brute force lock out with another option.<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Last meeting Bruce uncovered an ambiguous text in the NSRs. It will probably need a minor cleanup ballot just to make it clear that it's actually remote administrative access that was intended to be controlled, not access as a separate requirement. <br><br>The subcommittee had a long discussion on the availability requirements of OCSP. This was in reference to an outage that was reported on IdentTrust. The BRs have got a kind of vague reference to 24/7 availability and the group discussed it. It might be an additional requirement for CAs to publish their service level objectives (SLO) in the CPS under 4.10.2. in order to be able to demonstrate and test them and comply with this SLO. Currently no ballot text is ready. Discussion is ongoing. <o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>The draft minutes of that particular Subcommittee meeting are available at the following thread:<o:p></o:p></p><ul type=disc><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo2'><a href="https://lists.cabforum.org/pipermail/netsec/2020-May/000347.html">https://lists.cabforum.org/pipermail/netsec/2020-May/000347.html</a><o:p></o:p></li></ul><h3 style='mso-margin-top-alt:1.0pt;margin-right:0in;margin-bottom:1.0pt;margin-left:0in'>7. Ballot Status <o:p></o:p></h3><h4><u>Ballots in Discussion Period</u><o:p></o:p></h4><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>None.<br> </span><br><b><u>Ballots in Voting Period</u></b><br><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>None.</span><br><br><b><u>Ballots in Review Period</u></b><br><i><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>SC29: System Configuration Management (Neil)</span></i><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>.<b> Review period ends 15:00 UTC 7 June 2020</b>.<i> </i></span><o:p></o:p></p><h4 style='mso-margin-top-alt:1.0pt;margin-right:0in;margin-bottom:1.0pt;margin-left:0in'><u>Draft Ballots under Consideration</u><o:p></o:p></h4><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><i><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>Aligning the BRs with existing Browser Requirements </span></i><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>(Ryan)<br>Ryan: Still waiting for feedback from the Mozilla communication, which will be expected on Monday, June 01, 2020.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>Adriano raised a question about prohibiting subscriber key generation which is a Mozilla requirement. Ryan sent it out to the list. </span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>If Microsoft and Apple are good with the draft and with Mozilla’s feedback it should be stable enough that everyone should be looking at it. Everybody is encouraged to provide feedback soon.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>Dimitris asked if Ryan thinks about</span> setting some time aside to discuss for example during the face-to-face meeting in two weeks. <o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Ryan: There is a very long description in the draft about the proposed changes, that should cover everything. Repeating this topic at the face to face makes no sense.<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><i><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>Spring 2020 cleanup (Ryan)</span></i><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'><br>Ryan: There are some discussions about what a known weak key means. There can be something that causes you to revoke a certificate. If it is known to be weak at the time when the certificate was issued it is called a known weak.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>Ballot is trying to clarify the existing requirements which are causing ambiguities. Ryan got some feedback to the questions list which were reposted over the management list, so that everybody may have seen it. Some questions were about the CA root key generation, terminology of what a root CA key is and the applicability of these requirements to subordinated CA’s. </span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>There is the consideration that in certain cases no external auditors are required as witnesses for the key generation ceremony for technically constrained SubCAs. However, this should be included in another ballot. </span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>Dimitris asked if Ryan plans on addressing the two categories (technically unconstrained and constrained SubCAs) separately. Ryan replied that section 6.1.1.1 applies to technically constrained SubCAs and it would be the goal to exempt them from that. However, </span>that would require a larger restructuring of this section to prevent a loophole. Section 6.1.1.3 must also be considered.<span style='color:black;background:white'> It will be a separate ballot to show that if the key is ever used in an unconstrained SubCA or an unconstrained root CA, the full auditing must go back to the time the key was generated. </span>It's close to the key lifecycle issue that Wayne presented about in Shanghai face to face 45.<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><i><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>Disclosures of data sources (Ryan)</span></i><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'><br>Ryan: The draft is right for discussion. It has been updated, as mentioned in the last call. There was feedback from Tim regarding what the sequencing of things look like and making sure that things like GitHub are permitted. There were some questions raised by Doug, mostly related to the scenario of if a CA does not restrict the type of registration number for that particular registration sources. Some registration sources document proactively what their serial number form is and some don't. It is just intended to clarify that there is an option for the CAs to disclose them.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>Looking for endorsers. Microsoft might be willing to do that. Ryan thinks that the Ballot can be brought to a formal discussion period and to vote.<br><br><i>Updating BR Section 6.1.1.3</i><br>Chris: Appreciated the discussion Dimitris, Ryan and Tim had a couple weeks ago. After last call there is now a new language for the proposal that is likely to be accepted. Now the question is whether it should become a separate ballot or be part of the spring clarification and cleanup ballot. </span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>Ryan: Depends on what the languages is and how exciting that language changes are.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>Chris: Would like this to be decided before we look at the language.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Dimitris: There was a thread proposing very specific language on the public mailing list where Chris, Ryan, Corey and other people participated. Seems to be too complicated to fit in a cleanup or clarification ballot.<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Chris: The discussion that Dimitris was referring to was incredibly valuable for our purpose. The language now takes all that into account.<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Dimitris: Are you planning to post it to the list?<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Chris: Yes, ASAP.<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><i><span lang=DE style='color:black;border:none windowtext 1.0pt;padding:0in;background:white'>SC 28</span></i><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Neil: The purpose is to modify the retention period of evidence, i.e. the duration of data storage for CAs. Thus, instead of a flat rate of 7 years for everything, data should be retained during the lifetime of the object (certificate) and for two years after the certificate has expired. The same applies to CA certificates. Logs should only be backed up for 2 years instead of 7 years, since their value is forensically limited.<o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Ryan has provided some valuable feedback. Most of it has to do with cleaning up the actual text but there was a couple of substantive and semantic issues. Next step: talk through with the NetSecTeam and getting back.<o:p></o:p></p><h3 style='mso-margin-top-alt:1.0pt;margin-right:0in;margin-bottom:1.0pt;margin-left:0in'>8. Approval of F2F 50 Agenda<o:p></o:p></h3><h3 style='mso-margin-top-alt:1.0pt;margin-right:0in;margin-bottom:1.0pt;margin-left:0in'><span style='font-size:12.0pt'>Dimitris: Removed empty slots. Now the wiki states that the server certificate working group should start on Wednesday at 11:30 am and end at 1:20 pm. On Thursday plenary starts at 10:00 am and ends at 11:40.</span><o:p></o:p></h3><h3 style='mso-margin-top-alt:1.0pt;margin-right:0in;margin-bottom:1.0pt;margin-left:0in'><span style='font-size:12.0pt'> </span><o:p></o:p></h3><h3 style='mso-margin-top-alt:1.0pt;margin-right:0in;margin-bottom:1.0pt;margin-left:0in'><span style='font-size:12.0pt'>If there are new topics to discuss they can be introduced at the beginning of each day.</span><o:p></o:p></h3><h3 style='mso-margin-top-alt:1.0pt;margin-right:0in;margin-bottom:1.0pt;margin-left:0in'><span style='font-size:12.0pt'> </span><o:p></o:p></h3><h3 style='mso-margin-top-alt:1.0pt;margin-right:0in;margin-bottom:1.0pt;margin-left:0in'><span style='font-size:12.0pt'>No objections to the agenda. Agenda is approved.</span><o:p></o:p></h3><h3 style='mso-margin-top-alt:1.0pt;margin-right:0in;margin-bottom:1.0pt;margin-left:0in'><span style='font-size:12.0pt'> </span><o:p></o:p></h3><h3 style='mso-margin-top-alt:1.0pt;margin-right:0in;margin-bottom:1.0pt;margin-left:0in'>9. Any Other Business<o:p></o:p></h3><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>No other business.<o:p></o:p></p><h3>10. Next call<o:p></o:p></h3><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>June 25, 2020 at 11:00 am Eastern Time.<o:p></o:p></p><h3><span lang=DE>Adjourned</span><o:p></o:p></h3></div></body></html>