<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Aptos;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:12.0pt;
font-family:"Aptos",sans-serif;
mso-ligatures:standardcontextual;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
font-size:12.0pt;
font-family:"Aptos",sans-serif;
mso-ligatures:standardcontextual;}
span.EstiloCorreo20
{mso-style-type:personal-reply;
font-family:"Aptos",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;
mso-ligatures:none;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:656155539;
mso-list-type:hybrid;
mso-list-template-ids:-1429167996 1771448032 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l0:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-weight:bold;}
@list l0:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l1
{mso-list-id:1810324793;
mso-list-template-ids:727729818;}
@list l1:level1
{mso-level-start-at:6;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l1:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:72.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l2
{mso-list-id:1865434086;
mso-list-template-ids:1189118686;}
@list l2:level1
{mso-level-start-at:2;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l3
{mso-list-id:2135907917;
mso-list-template-ids:-432356038;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=ES link="#467886" vlink="#96607D" style='word-wrap:break-word'><div class=WordSection1><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal style='margin-left:36.0pt;text-indent:-18.0pt'><b><span lang=EN-US><o:p> </o:p></span></b></p><p class=MsoNormal style='margin-left:36.0pt;text-indent:-18.0pt'><b><span lang=EN-US>FINAL MINUTES OF SCWG September 12, 2024<o:p></o:p></span></b></p><p class=MsoListParagraph><span lang=EN-US><o:p> </o:p></span></p><ol style='margin-top:0cm' start=1 type=1><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level1 lfo3'><b><span lang=EN-US>Attendees</span></b><span lang=EN-US>: Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adrian Mueller (SwissSign), Andrea Holland (VikingCloud), Ben Wilson (Mozilla), Brianca Martin (Amazon), Bruce Morton (Entrust), Chad Dandar (Cisco Systems), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), David Kluge (Google), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Gregory Tomko (GlobalSign), Inaba Atsushi (GlobalSign), Iñigo Barreira (Sectigo), Jaime Hablutzel (OISTE Foundation), Ji Eun Seong (MOIS (Ministry of Interior and Safety) of the republic of Korea), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Karina Sirota (Microsoft), Kiran Tummala (Microsoft), Llew Curran (GoDaddy), Luis Cervantes (GoDaddy), Mads Henriksveen (Buypass AS), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust), Martijn Katerbarg (Sectigo), Michelle Coon (OATI), Miguel Sanchez (Google), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Nicol So (CommScope), Nome Huang (TrustAsia), Paul van Brouwershaven (Entrust), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rollin Yu (TrustAsia), Scott Rea (eMudhra), Stephen Davidson (DigiCert), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Thomas Zermeno (SSL.com), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tsung-Min Kuo (Chunghwa Telecom), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority)<o:p></o:p></span></li></ol><p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p><ol style='margin-top:0cm' start=2 type=1><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level1 lfo3'><span lang=EN-US>The antitrust note well was read<o:p></o:p></span></li><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level1 lfo3'><span lang=EN-US>The agenda was reviewed. Paul asked if we could talk about SC79 and this was added to the agenda. Dean asked if we could address the questions that came into the questions list. This will also be added.<o:p></o:p></span></li><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level1 lfo3'><span lang=EN-US>Prior meeting minutes of August 29<sup>th</sup> were approved.<o:p></o:p></span></li><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level1 lfo3'><span lang=EN-US>MOIS associate membership: discussion on moving them to full member. They have met the attendance requirements, and it was confirmed that their root was present in Microsoft. Approval to move to full member granted.<o:p></o:p></span></li></ol><p class=MsoNormal style='margin-left:18.0pt'><span lang=EN-US>5a. Questions list issue: Clint agreed to provide a draft answer to the question about audit log retention. The answer was sent to the requestor and the questions list.<o:p></o:p></span></p><ol style='margin-top:0cm' start=6 type=1><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level1 lfo3'><span lang=EN-US>Issues/Topics to discuss: Inigo asked for F2F topics or presentations to discuss so they can be put on the agenda. <o:p></o:p></span></li><ol style='margin-top:0cm' start=1 type=a><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level2 lfo3'><span lang=EN-US>Github item 459: “Add domain validation method to Certificate Profiles”. Clint believes this is still valuable and useful. Paul asked why this would be useful for subscribers? Clint said it was primarily to confirm to subscribers/domain owners, an awareness of how their certificates were verified. Also helpful to relying parties to understand what methods are being used and to what extent. This information can be kept very small in the subscriber certificate. Dimitris asked if this would allow for multi validation methods. Clint said this had been discussed. Trev asked if it could just be put in the precert but Clint suggested that would not be prudent. Corey said RFC 6962 would not allow it to be removed. It was agreed to add this to the F2F meeting topic list.<o:p></o:p></span></li><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level2 lfo3'><span lang=EN-US>Github item 461: “Minor grammatical error in 7.1.2.11.4 Subject Key Identifier”. Appears to have been included in the cleanup. Item closed.<o:p></o:p></span></li><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level2 lfo3'><span lang=EN-US>Github item 462: “Inconsistent document formatting (Markdown vs PDF)”. This was also in the cleanup ballot and closed.<o:p></o:p></span></li><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level2 lfo3'><span lang=EN-US>Github item 463: “Extra parenthesis in 7.1.2.7.4 Organization Validated”. For next cleanup ballot<o:p></o:p></span></li><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level2 lfo3'><span lang=EN-US>Github item 465: “Incorrect reference in TLS BRs section 7.1”. For next cleanup ballot<o:p></o:p></span></li><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level2 lfo3'><span lang=EN-US>Github item 466: “Unify sections regarding CAA”. Some changes made but Inigo will Aaron to confirm<o:p></o:p></span></li><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level2 lfo3'><span lang=EN-US>Github item 468: “Inconsistency in the use of the defined term “High Risk Certificate Request”. This is referring to the capitalization of this and how sometimes it’s lower case. This is the case with other terms as well. This has not been resolved. Need to clarify that the capitalized terms can be used in plural. Clint said to change the subject of this item to “Clarify that defined terms which are singular apply to usages of the term which are plural”. Nicol said this is not really necessary as it’s commonly understood in standards documents. Hence this item was closed.<o:p></o:p></span></li></ol><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level1 lfo3'><span lang=EN-US>Ballot Status:<o:p></o:p></span></li><ol style='margin-top:0cm' start=1 type=a><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level2 lfo3'><span lang=EN-US>Ballot 67: new version on MPIC has been sent to the list<o:p></o:p></span></li><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level2 lfo3'><span lang=EN-US>Other ballots: Ballot 76- Clarify and improve OCSP requirements. Ballot 78-Alignment of the DBA and assumed name. Ballot 71 – terms of use. <o:p></o:p></span></li><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level2 lfo3'><span lang=EN-US>Ballot 79: Paul asked to discuss this. Dimitris commented that if both CAs are trusted, they should be allowed to use the any policy OID so that cross signing a root CA with another root CA should be treated with the same policy. Corey said that a complicating factor could be that if the issuing root CA was enabled for EV (as an example), then the other CA would inherit that status. Dimitris said you could add restrictions that would not include the EV policy OIDS. Corey thought CAs could get easily tripped up by this (if an agreement was not in place). Paul would like to see what Ben and Clint thought and sent something to the list. He would like to move forward with this ballot and hold back the creation of actual cross signing CAs today. Tadahiko warned that it might be so easy if this passes to find out what cross certificates exist for different organizations. It was decided to discuss this further at the F2F meeting, notwithstanding Paul’s current ballot. <o:p></o:p></span></li></ol><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level1 lfo3'><span lang=EN-US>Any other business: None<o:p></o:p></span></li><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level1 lfo3'><span lang=EN-US>Next call Sept 26<sup>th</sup>, same as the CA Day in Greece. It was decided to cancel that call.<o:p></o:p></span></li><li class=MsoListParagraph style='margin-left:0cm;mso-list:l0 level1 lfo3'><span lang=EN-US>Adjourn<o:p></o:p></span></li></ol><p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p></div></body></html>