[Cscwg-public] Final minutes of June 3,2021 CSCWG Call

Dean Coclin dean.coclin at digicert.com
Thu Jun 17 20:34:13 UTC 2021 

Attendees:

Andrea Holland

Atsushi Inaba

Bruce Morton

Corey Bonnell

Dimitris Zacharopoulos

Ian McMillan

Iñigo Barreira

Janet Hines

Robert Quinones

Sebastian Schulz

Tim Crawford

Tim Hollebeek

 

Minute-taker: Corey

 

Bruce read the anti-trust statement.

 

Previous meeting minutes were approved.

 

An email forwarded to the code signing management list concerning the
applicability of CAA-checking as part of application code signing-time
verification was discussed. The group agreed that this is out of the scope
for the working group currently, as CAs are unable to check CAA when
application code is signed by a key certified by the CA. It was agreed that
it could be addressed at some point as we focus more on signing services in
the future, as a signing service could perform such a check. It was also
agreed to re-send the message originally sent to the management list to the
public list so discussion can continue there.

 

The next topic was agenda and time allocation for the F2F meeting in two
weeks.

 

Agenda items:

    - Signing service models

    - Wrap up cleanup ballot

    - Subscriber key protection

    - Log retention ballot

    - Change to RFC 3647 and Pandocification

 

It was agreed to request 2 hours at the F2F for signing service discussion,
1 hour for cleanup ballot, and 1 hour for other items.

 

The next topic was the cleanup ballot, which was circulated to the list. The
plan is to make any final changes and bring to a vote in July. It was agreed
that the prohibition on certificate suspension will be removed from the
cleanup ballot. It was further agreed that suspension and revocation
services in general will be discussed in detail at a future bi-weekly
meeting.

 

The final topic was Ian's draft ballot for log retention. The ballot text is
based on the current TLS BRs with specific changes for code signing and
timestamping. Dimitris mentioned that the netsec-wg is also working in this
area, so we should review those changes. It was agreed that we would not
integrate this draft ballot in the cleanup ballot, but would potentially
have both ballots in the voting period simultaneously.

 

Meeting adjourned.

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210617/292ca2e7/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4916 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210617/292ca2e7/attachment-0001.p7s>

More information about the Cscwg-public mailing list