[cabf_netsec] NetSec Subcommittee Minutes 2022-02-01
Daniel Jeffery
djeffery at fastly.com
Wed Feb 2 00:12:35 UTC 2022
Clint Wilson leading the meeting.
Request a volunteer for minutes. Dan Jeffery volunteers.
Clint reads the antitrust statement
Attendees: Adam Jones, Antti Backman, Ben Wilson, Brittany Randal,
Christophe Bonjean, Clint Wilson, Corey Bonnell, Corey Rasmussen, Curt
Spann, Daniel Jeffery, Daryn Wright, David Kluge, Dustin Hollenback, Israel
Ventura, Jillian Karner, Kati Davids, Martjin Katerbarg, Niko Carpenter,
Prachi Jain, Roman Fischer, Ruben Annemans, Thomas Connelly, Tim Crawford,
Tobias Josefowitz, Tony Seymour, Trevoli Ponds-White
Discussion of minutes approval and request for changes, accepted by silence
Discussion of meeting time slots and the Doodle poll
-
opportunity given to add additional time slots
-
no suggestions
-
request to complete by next meeting
-
currently Monday at 0800 Pacific is leading
-
Clint will send a reminder if few responses are coming in
Cloud services subgroup has been meeting regularly and is completely
helpful work
-
shall we convert the cloud services subgroup into an official NetSec
subcommittee
-
Dan, Prachi and Trev voiced support
-
David was asked if he'd continue to lead it
-
he suggests changing the name to be a little more versatile
-
Trev suggests raising visibility into what the committee is doing for
those who don't attend
-
David is asked to summarize
-
we determined that current expectations assume a certain CA
architecture or design
-
this makes cloud services difficult or unclear within the current
NSR
-
this group is investigating how we could modify this to allow more
versatility while preserving security
-
have reviewed various aspects including audit frameworks, where
cloud services might be most useful, relationships between CA
and cloud
service provider
-
led to current effort which is focused on generating a better risk
assessment framework
-
Clint asks for any further questions on what the subcommittee is
trying to accomplish - none
-
do we need a ballot
-
discussion of why we'd want a ballot
-
Trev raises "why do it if we don't have to"
-
Ben points out that having a set of specific expectations and
purposes seems worthwhile
-
general consensus seems to be that it's worth doing a ballot
-
discussion of whether we should continue meeting until ballot is
complete
-
general consensus is that meetings should continue
-
Tobias checks the server cert WG practice on this and
determines there is nothing clearly written
-
Clint will create the ballot, Trev will endorse
Request for any comments on Ballot NS-001: Adopt Network and Certificate
System Security Requirements
-
no comments were offered
Vote on David Kluge for vice-chair raised by Ben Wilson
-
David is willing, Clint presents and Ben seconds
-
no opposition, multiple 'thumbs up'
Prachi raises that she has a change to the NSRs which will need a ballot
-
someone else needs to shepard through Prachi's change as Fastly is only
an interested party
-
we will wait until after the NSR is voted on
-
Ben and Clint offer to take it at that time, if no one else is willing
Closed meeting early with reminder to vote and provide feedback in Doodle
poll
--
*Daniel Jeffery* | TLS
fastly.com | @fastly <https://twitter.com/fastly> | LinkedIn
<http://www.linkedin.com/company/fastly>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/netsec/attachments/20220201/e844d98e/attachment-0001.html>
More information about the Netsec
mailing list