<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
        {font-family:Wingdings;
        panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:"Yu Gothic";
        panose-1:2 11 4 0 0 0 0 0 0 0;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:"\@Yu Gothic";
        panose-1:2 11 4 0 0 0 0 0 0 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        font-size:12.0pt;
        font-family:"Calibri",sans-serif;
        mso-ligatures:standardcontextual;
        mso-fareast-language:EN-US;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
        {mso-style-priority:34;
        margin-top:0in;
        margin-right:0in;
        margin-bottom:0in;
        margin-left:.5in;
        mso-add-space:auto;
        font-size:12.0pt;
        font-family:"Calibri",sans-serif;
        mso-ligatures:standardcontextual;
        mso-fareast-language:EN-US;}
p.MsoListParagraphCxSpFirst, li.MsoListParagraphCxSpFirst, div.MsoListParagraphCxSpFirst
        {mso-style-priority:34;
        mso-style-type:export-only;
        margin-top:0in;
        margin-right:0in;
        margin-bottom:0in;
        margin-left:.5in;
        mso-add-space:auto;
        font-size:12.0pt;
        font-family:"Calibri",sans-serif;
        mso-ligatures:standardcontextual;
        mso-fareast-language:EN-US;}
p.MsoListParagraphCxSpMiddle, li.MsoListParagraphCxSpMiddle, div.MsoListParagraphCxSpMiddle
        {mso-style-priority:34;
        mso-style-type:export-only;
        margin-top:0in;
        margin-right:0in;
        margin-bottom:0in;
        margin-left:.5in;
        mso-add-space:auto;
        font-size:12.0pt;
        font-family:"Calibri",sans-serif;
        mso-ligatures:standardcontextual;
        mso-fareast-language:EN-US;}
p.MsoListParagraphCxSpLast, li.MsoListParagraphCxSpLast, div.MsoListParagraphCxSpLast
        {mso-style-priority:34;
        mso-style-type:export-only;
        margin-top:0in;
        margin-right:0in;
        margin-bottom:0in;
        margin-left:.5in;
        mso-add-space:auto;
        font-size:12.0pt;
        font-family:"Calibri",sans-serif;
        mso-ligatures:standardcontextual;
        mso-fareast-language:EN-US;}
span.EmailStyle20
        {mso-style-type:personal-reply;
        font-family:"Calibri",sans-serif;
        color:windowtext;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;
        mso-ligatures:none;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
/* List Definitions */
@list l0
        {mso-list-id:442727045;
        mso-list-type:hybrid;
        mso-list-template-ids:1957301288 134807553 134807567 134807557 134807553 134807555 134807557 134807553 134807555 134807557;}
@list l0:level1
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Symbol;}
@list l0:level2
        {mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l0:level3
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Wingdings;}
@list l0:level4
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Symbol;}
@list l0:level5
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:"Courier New";}
@list l0:level6
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Wingdings;}
@list l0:level7
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Symbol;}
@list l0:level8
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:"Courier New";}
@list l0:level9
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Wingdings;}
@list l1
        {mso-list-id:562372502;
        mso-list-template-ids:-284265442;}
@list l1:level1
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l1:level3
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:1.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l1:level4
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:2.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l1:level5
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:2.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l1:level6
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:3.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l1:level7
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:3.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l1:level8
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:4.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l1:level9
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:4.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l2
        {mso-list-id:598024656;
        mso-list-template-ids:-1348988820;}
@list l2:level1
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l2:level2
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:1.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:"Courier New";
        mso-bidi-font-family:"Times New Roman";}
@list l2:level3
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:1.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l2:level4
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:2.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l2:level5
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:2.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l2:level6
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:3.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l2:level7
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:3.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l2:level8
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:4.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l2:level9
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:4.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l3
        {mso-list-id:769929418;
        mso-list-template-ids:-795581160;}
@list l3:level1
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l3:level2
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:1.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l3:level3
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:1.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l3:level4
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:2.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l3:level5
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:2.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l3:level6
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:3.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l3:level7
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:3.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l3:level8
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:4.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l3:level9
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:4.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l4
        {mso-list-id:1531915126;
        mso-list-template-ids:873204862;}
@list l4:level1
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l4:level2
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:1.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:"Courier New";
        mso-bidi-font-family:"Times New Roman";}
@list l4:level3
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:1.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l4:level4
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:2.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l4:level5
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:2.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l4:level6
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:3.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l4:level7
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:3.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l4:level8
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:4.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l4:level9
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:4.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l5
        {mso-list-id:1755397088;
        mso-list-template-ids:-1862652098;}
@list l5:level1
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l5:level2
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:1.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l5:level3
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:1.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l5:level4
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:2.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l5:level5
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:2.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l5:level6
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:3.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l5:level7
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:3.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l5:level8
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:4.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l5:level9
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:4.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
ol
        {margin-bottom:0in;}
ul
        {margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link="#0563C1" vlink="#954F72" style='word-wrap:break-word'><div class=WordSection1><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span lang=EN-IN style='color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Here are the </span><span lang=EN-IN style='mso-ligatures:none;mso-fareast-language:EN-GB'>approved<span style='color:#212121'> minutes for the 2023-10-19 Validation-sc meeting, as taken by Scott Rea (thanks!).<o:p></o:p></span></span></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span lang=EN-IN style='font-size:11.0pt;mso-ligatures:none;mso-fareast-language:EN-GB'><o:p> </o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><b><span lang=EN-IN style='font-size:14.0pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Roll call<o:p></o:p></span></b></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span lang=EN-IN style='font-size:10.5pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Aaron Poulsen (Amazon), Abhishek Bhat (eMudhra), Andrea Holland (VikingCloud), Ben Wilson (Mozilla), Bruce Morton (Entrust), Cade Cairns (Google), Chris Clements (Google), Clint Wilson (Apple), Corey Bonnell (DigiCert), Corey Rasmussen (OATI), David Kluge (Google), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Janet Hines (VikingCloud), Michael Slaughter (Amazon), Michelle Coon (OATI), Nargis Mannan (VikingCloud), Nate Smith (GoDaddy), Rebecca Kelley (Apple), Rollin Yu (TrustAsia Technologies, Inc.), Ryan Dickson (Google), Scott Rea (eMudhra), Stephen Davidson (DigiCert), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority)<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><b><span lang=EN-IN style='font-size:14.0pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Note well read<o:p></o:p></span></b></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><b><span lang=EN-IN style='font-size:14.0pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Approval of minutes<o:p></o:p></span></b></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span lang=EN-IN style='font-size:10.5pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Minutes for the F2F meeting (Oct 4<sup>th</sup> ) session that were distributed to management list a week ago, were approved.<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><b><span lang=EN-IN style='font-size:14.0pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Next meeting<o:p></o:p></span></b></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span lang=EN-IN style='font-size:10.5pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Next meeting planned for Nov 2<sup>nd</sup> and Corey will be traveling, so Wayne will lead the discussion</span><b><span lang=EN-IN style='font-size:14.0pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'><o:p></o:p></span></b></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><b><span lang=EN-IN style='font-size:14.0pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Review of Agenda<o:p></o:p></span></b></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span lang=EN-IN style='font-size:10.5pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Approved<o:p></o:p></span></p><ul type=disc><li class=MsoNormal style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l4 level1 lfo3'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>Update from MPIC team (Ryan & Chris)<o:p></o:p></span></li><li class=MsoNormal style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l4 level1 lfo3'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>Update from domain validation threat modelling team (Slaughter)<o:p></o:p></span></li><li class=MsoNormal style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l4 level1 lfo3'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>Revisit project items on backlog/tracking on Git Hub to prioritise what to work on next<o:p></o:p></span></li></ul><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><b><span lang=EN-IN style='font-size:14.0pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Update from MPIC team<o:p></o:p></span></b></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span lang=EN-IN style='font-size:10.5pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Ryan gave the update. 2nd endorser (Wayne) has been obtained so ballot has now been created: SC-067 Require Multi-Perspective Issuance Corroboration. Currently fielding and adjudicating comments on Git Hub in respect to proposed modification to the draft. Ryan going on paternity leave (congrats) so GH account for this purpose will transition to Chris (as an FYI for those seeking it’s location). Plan is to capture a clear draft that includes/addresses the comments/edits to date across the pre-ballot work.<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><b><span lang=EN-IN style='font-size:14.0pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Update from domain validation threat modelling team<o:p></o:p></span></b></p><p class=MsoNormal><span lang=EN-IN style='font-size:10.5pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Michael explained that the threat modelling Tiger Team presented results for delegated domain validation at the F2F which generated wonderful discussion and feedback, so now next step is to move on to actual language modifications. Its anticipated there will be 2 tracks: a) modifications to existing methods; b) introduction of a new validation method.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-IN style='font-size:10.5pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'><o:p> </o:p></span></p><p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-IN style='font-size:10.5pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>A Google Doc will be created with proposed language based on discussion and comments/feedback solicited for track (a). Track (b) is anticipated to be a longer process and invitations or expressions of interest in participating in that were sought from the group. NOTE: link to report will be circulated appropriately once permissions are validated.</span><span lang=EN-IN style='font-size:10.5pt;font-family:"Times New Roman",serif;mso-ligatures:none;mso-fareast-language:EN-GB'><o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><b><span lang=EN-IN style='font-size:14.0pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Parked/Backlog items<o:p></o:p></span></b></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span lang=EN-IN style='font-size:10.5pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Corey leads this review:<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><b><span lang=EN-IN style='font-size:11.0pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>In-Progress Items<o:p></o:p></span></b></p><ul type=disc><li class=MsoNormal style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l2 level1 lfo6'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>3 Items in In-Progress list (#366, #359, #362) are all progressing well<o:p></o:p></span></li><li class=MsoNormal style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l2 level1 lfo6'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>#366 Improving Requirements where CA is the Applicant/Subscriber – one of the items being talked about is the “servicer”, and of course #366 kicked off other separate items in our list<o:p></o:p></span></li></ul><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><b><span lang=EN-IN style='font-size:11.0pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>On-Deck Items<o:p></o:p></span></b></p><ul type=disc><li class=MsoListParagraphCxSpFirst style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:0in;mso-add-space:auto;mso-list:l0 level1 lfo9'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>#353 Define standard CAA semantics for limiting cert issuance – 3 different types of potential restrictions envisioned. After Discussion of individual items (below) it was decided not to split this into 3 separate items just yet, but to evaluate and prioritise them as a group, and decide if splitting out is relevant after sufficient consideration and discussion.<o:p></o:p></span></li><ol start=1 type=1><li class=MsoListParagraphCxSpMiddle style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:0in;mso-add-space:auto;mso-list:l0 level2 lfo9'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>DCV method – to specify which methods should be allowed, could be placed with random value in DNS TXT record. <o:p></o:p></span></li><li class=MsoListParagraphCxSpMiddle style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:0in;mso-add-space:auto;mso-list:l0 level2 lfo9'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>Account Identifier – Only the specified CA account can make the request<o:p></o:p></span></li><ul type=square><li class=MsoListParagraphCxSpMiddle style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:0in;mso-add-space:auto;mso-list:l0 level3 lfo9'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>Dimitris: Concern over potential for applicant to lock themselves out of being able to get a cert (like pinning created previously). Better the Identifier is used only as a preference.<o:p></o:p></span></li><li class=MsoListParagraphCxSpMiddle style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:0in;mso-add-space:auto;mso-list:l0 level3 lfo9'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>Slaughter: Do we have any historical data about lockouts when CAA was introduced? (any lock outs were resolved quickly)<o:p></o:p></span></li><li class=MsoListParagraphCxSpMiddle style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:0in;mso-add-space:auto;mso-list:l0 level3 lfo9'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>Corey: there is an RFC (8657) for CAA records related to ACME that defines Account ID and main validation methods. No reason it can’t be generalized beyond ACME.<o:p></o:p></span></li><li class=MsoListParagraphCxSpMiddle style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:0in;mso-add-space:auto;mso-list:l0 level3 lfo9'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>Scott: Concern over potential leakage of private info if Acct ID is not constructed appropriately. Take away is to go read the RFC.<o:p></o:p></span></li><li class=MsoListParagraphCxSpMiddle style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:0in;mso-add-space:auto;mso-list:l0 level3 lfo9'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>Ryan: Would Forum draft recommendations on this or funnel things through the RFC? Suggested approach for us to make recommendations on which methods in the RFC Should or Shall be utilized and leave the definition language in the RFC itself.<o:p></o:p></span></li></ul><li class=MsoListParagraphCxSpMiddle style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:0in;mso-add-space:auto;mso-list:l0 level2 lfo9'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>Cert type (DV/IV/OV/EV) – only the specified cert type can be requested<o:p></o:p></span></li><ul type=square><li class=MsoListParagraphCxSpMiddle style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:0in;mso-add-space:auto;mso-list:l0 level3 lfo9'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>Scott: Was the intention to have globally defined types or is each implementation CA-specific? That level of detail has not been discussed at this point.<o:p></o:p></span></li></ul></ol><li class=MsoListParagraphCxSpMiddle style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:0in;mso-add-space:auto;mso-list:l0 level1 lfo9'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>#153 Clarify validation requirements for .arpa. Proposed to sunset this issue since there are no logged recent issuance of these. Suggestion to specify them as no longer publicly trusted and sunset this item. Volunteers to shepherd this one through are called for – it would be a good exercise for newbie’s to cut their teeth on because it should not be too onerous.<o:p></o:p></span></li><li class=MsoListParagraphCxSpLast style='color:#212121;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:0in;mso-add-space:auto;mso-list:l0 level1 lfo9'><span lang=EN-IN style='font-size:10.5pt;mso-ligatures:none;mso-fareast-language:EN-GB'>#448 CAA checking for Onion Domain Names – Discussion on this item leads to the outcome to delay any dealing with this for now until it become relevant (when other work on Onion related stuff is complete).<o:p></o:p></span></li></ul><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span lang=EN-IN style='font-size:10.5pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'><o:p> </o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><b><span lang=EN-IN style='font-size:11.0pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Backlog Items<o:p></o:p></span></b></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span lang=EN-IN style='font-size:10.5pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>#457 Amend 3.2.5 to not require IV validation for DV – This came out of analysis of BRs and there is conjecture over whether there is an issue or not. Expected to be a fast resolution, so decision to move it to In-Progress list.<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span lang=EN-IN style='font-size:10.5pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>#351 Peter’s register challenge-response validation method (“Method 13”) in validation summit document – (originally raised by Peter Bowen – Amazon) Discussion centered around situation where CA is also a Registrar. Some discussion regarding whether this would constitute creating a Method 13 or not or whether it was just a mod of Method 12 – but if 12 is deprecated then it could indeed become a new Method 13 in the doc (since 12 does not have challenge-response). Path forward was to have existing registrars to discuss to see if there is value in promoting this still.<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span lang=EN-IN style='font-size:10.5pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>#352 Require DNSSEC validation for CAA records when the domain is DNSSEC enabled – This item may become superfluous as MPIC may negate the need for the original reason this was raised. Decision to leave this item in the Backlog until MPIC work is completed and then revisit.<o:p></o:p></span></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><b><span lang=EN-IN style='font-size:14.0pt;color:#212121;mso-ligatures:none;mso-fareast-language:EN-GB'>Adjourned<o:p></o:p></span></b></p><p class=MsoNormal><span style='font-size:11.0pt;mso-fareast-language:JA'><o:p> </o:p></span></p></div></body></html>