<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
h2
{mso-style-priority:9;
mso-style-link:"Heading 2 Char";
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:18.0pt;
font-family:"Calibri",sans-serif;
color:black;}
h3
{mso-style-priority:9;
mso-style-link:"Heading 3 Char";
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:13.5pt;
font-family:"Calibri",sans-serif;
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
mso-add-space:auto;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
p.MsoListParagraphCxSpFirst, li.MsoListParagraphCxSpFirst, div.MsoListParagraphCxSpFirst
{mso-style-priority:34;
mso-style-type:export-only;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
mso-add-space:auto;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
p.MsoListParagraphCxSpMiddle, li.MsoListParagraphCxSpMiddle, div.MsoListParagraphCxSpMiddle
{mso-style-priority:34;
mso-style-type:export-only;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
mso-add-space:auto;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
p.MsoListParagraphCxSpLast, li.MsoListParagraphCxSpLast, div.MsoListParagraphCxSpLast
{mso-style-priority:34;
mso-style-type:export-only;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
mso-add-space:auto;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.Heading2Char
{mso-style-name:"Heading 2 Char";
mso-style-priority:9;
mso-style-link:"Heading 2";
font-family:"Calibri",sans-serif;
color:black;
font-weight:bold;}
span.Heading3Char
{mso-style-name:"Heading 3 Char";
mso-style-priority:9;
mso-style-link:"Heading 3";
font-family:"Calibri",sans-serif;
color:black;
font-weight:bold;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:816340191;
mso-list-type:hybrid;
mso-list-template-ids:849623670 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<h2><a name="_Hlk116919592">Minutes of SMCWG<o:p></o:p></a></h2>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592">December 7, 2022<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592">These are the Approved Minutes of the Teleconference described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.<br>
(Updated with correction to date from Dec 12 to Dec 7, and fixing links that had been transformed by mail client).<o:p></o:p></span></p>
<h3><span style="mso-bookmark:_Hlk116919592">Attendees <o:p></o:p></span></h3>
<h3><span style="mso-bookmark:_Hlk116919592"><span style="font-size:11.0pt;font-weight:normal">Adrian Mueller - (SwissSign), Ashish Dhiman - (GlobalSign), Ben Wilson - (Mozilla), Bruce Morton - (Entrust), Chad Ehlers - (IdenTrust), Clint Wilson - (Apple), Corey
Bonnell - (DigiCert), Dimitris Zacharopoulos - (HARICA), Don Sheehy - (CPA Canada/WebTrust), Eusebio Herrera - (AC Camerfirma SA), Inaba Atsushi - (GlobalSign), Inigo Barreira - (Sectigo), Marco Schambach - (IdenTrust), Patrycja Tulinska - (PSW), Paul van
Brouwershaven - (Entrust), Pekka Lahtiharju - (Telia Company), Rebecca Kelley - (Apple), Renne Rodriguez - (Apple), Stephen Davidson - (DigiCert), Tadahiko Ito - (SECOM Trust Systems), Tim Crawford - (CPA Canada/WebTrust), Tim Hollebeek - (DigiCert)</span></span><span style="mso-bookmark:_Hlk116919592"><o:p></o:p></span></h3>
<h3><span style="mso-bookmark:_Hlk116919592">1. Roll Call<o:p></o:p></span></h3>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="mso-bookmark:_Hlk116919592">The Roll Call was taken.<o:p></o:p></span></p>
<h3><span style="mso-bookmark:_Hlk116919592">2. Read Antitrust Statement<o:p></o:p></span></h3>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="mso-bookmark:_Hlk116919592">The Antitrust/Compliance Statement was read.<o:p></o:p></span></p>
<h3><span style="mso-bookmark:_Hlk116919592">3. Review Agenda<o:p></o:p></span></h3>
<h3><span style="mso-bookmark:_Hlk116919592">4. Approval of minutes from last teleconference<o:p></o:p></span></h3>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592">NA<o:p></o:p></span></p>
<h3><span style="mso-bookmark:_Hlk116919592">5. Discussion <o:p></o:p></span></h3>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592">The WG agreed to drop the planned teleconference for December 21. The January 4 meeting will tentatively go ahead, if only to confirm the effective date of the SBR and the pending availability of
audit criteria.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592">Stephen Davidson confirmed that the IP Review as underway until January 1 and at this time no essential claims had been filed.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592">Stephen questioned how the WG would like to handle future ballot dates, proposing a fixed schedule of dates which allowed for better planning by Certificate Issuers, and most importantly more orderly
communication with certificate users. He proposed 6 possible effective dates (15th of every-other month, starting in January). Bruce Morton said he thought two dates were probably adequate for most routine SBR updates, March 15 and September 15.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592">Dimitris Zacharopoulos commented that the CABF itself was looking at the same question at a forum level. Urgent updates could still be made as needed. Clint Wilson said he’d prefer that such a system
be tried informally before it became a formal policy of CABF. Don Sheehy said this would be helpful in aligning the WebTrust criteria annually, which is typically done at the end of year. Stephen summarized that there seemed to be support in SMCWG for the
idea of routine effective dates.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592">Tim Hollebeek noted that there probably would be errata that come up in the early new year as people look at SBR implementation – we already know of an improvement for EdDSA – so hopes people speak
up early if amendments should to be made.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592">One example was raised by Bruce Morton, noting that the SBR require that info in the cert must come from a government agency – and this was carried through to Section 3.2.6 as the source for contact
details as a Reliable Method of Communication (RMOC). He noted that in the EVG there is an allowance for QIIS (third party databases) for address and phone info. Stephen noted that he was not opposed to using these for contact information to establish a
RMOC, but not for attributes that would be included in the certificate. The address attributes, if included, must match the registered entity reflected in the OrgID attribute. Tim and Bruce agreed to confer on a possible proposal.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592">Noting that he believed there was support for the use of CAA in S/MIME by enterprises, Stephen introduced the subject of CAA for “issuemail”.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592"><o:p> </o:p></span></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraphCxSpFirst" style="margin-left:0in;mso-add-space:auto;mso-list:l0 level1 lfo1">
<span style="mso-bookmark:_Hlk116919592">Certification Authority Authorization (CAA) Processing for Email Addresses, Draft-bonnell-caa-issuemail-00 at
</span><a href="https://datatracker.ietf.org/doc/draft-bonnell-caa-issuemail/"><span style="mso-bookmark:_Hlk116919592">https://datatracker.ietf.org/doc/draft-bonnell-caa-issuemail/</span><span style="mso-bookmark:_Hlk116919592"></span></a><span style="mso-bookmark:_Hlk116919592">
<o:p></o:p></span></li><li class="MsoListParagraphCxSpLast" style="margin-left:0in;mso-add-space:auto;mso-list:l0 level1 lfo1">
<span style="mso-bookmark:_Hlk116919592">Draft CAA text for S/MIME BR at </span><a href="https://github.com/srdavidson/smime/blob/CAA/SBR.m"><span style="mso-bookmark:_Hlk116919592">https://github.com/srdavidson/smime/blob/CAA/SBR.m</span><span style="mso-bookmark:_Hlk116919592"></span></a><span style="mso-bookmark:_Hlk116919592"><o:p></o:p></span></li></ul>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592">Tim encouraged parties who support the use of CAA for S/MIME to join the IETF discussion at
</span><a href="https://mailarchive.ietf.org/arch/msg/spasm/chcrIZEit6HcdGyFGNzyiL7Dg6k/"><span style="mso-bookmark:_Hlk116919592">https://mailarchive.ietf.org/arch/msg/spasm/chcrIZEit6HcdGyFGNzyiL7Dg6k/</span><span style="mso-bookmark:_Hlk116919592"></span></a><span style="mso-bookmark:_Hlk116919592">.
He noted that we could also “go it alone” as was done for VMC but that the RFC approach allowed more detail to be provided on security considerations.
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592">Stephen noted that CAA if adopted would most likely take effect after the September effective date of the SBR v1.0.0. Dimitris commented that there are CAs that issue S/MIME that do not issue TLS,
and for whom CAA may be new, so any deadline should have adequate implementation time.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592"><o:p> </o:p></span></p>
<h3 style="mso-margin-top-alt:1.0pt;margin-right:0in;margin-bottom:1.0pt;margin-left:0in">
<span style="mso-bookmark:_Hlk116919592">6. Any Other Business<o:p></o:p></span></h3>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_Hlk116919592">None<o:p></o:p></span></p>
<h3><span style="mso-bookmark:_Hlk116919592">7. Next call<o:p></o:p></span></h3>
<h3><span style="mso-bookmark:_Hlk116919592"><span style="font-size:11.0pt;font-weight:normal">Next call: tentative Wednesday, January 4, 2023 at 11:00 am Eastern Time<o:p></o:p></span></span></h3>
<h3><span style="mso-bookmark:_Hlk116919592"><span lang="DE">Adjourned</span></span><span style="mso-bookmark:_Hlk116919592"></span><o:p></o:p></h3>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
</div>
</body>
</html>