[cabf_netsec] NetSec Subcommittee Minutes 2022-02-01

Daniel Jeffery djeffery at fastly.com
Wed Feb 2 00:12:35 UTC 2022

Clint Wilson leading the meeting.

Request a volunteer for minutes. Dan Jeffery volunteers.

Clint reads the antitrust statement

Attendees: Adam Jones, Antti Backman, Ben Wilson, Brittany Randal,
Christophe Bonjean, Clint Wilson, Corey Bonnell, Corey Rasmussen, Curt
Spann, Daniel Jeffery, Daryn Wright, David Kluge, Dustin Hollenback, Israel
Ventura, Jillian Karner, Kati Davids, Martjin Katerbarg, Niko Carpenter,
Prachi Jain, Roman Fischer, Ruben Annemans, Thomas Connelly, Tim Crawford,
Tobias Josefowitz, Tony Seymour, Trevoli Ponds-White

Discussion of minutes approval and request for changes, accepted by silence

Discussion of meeting time slots and the Doodle poll


   opportunity given to add additional time slots

      no suggestions

   request to complete by next meeting

      currently Monday at 0800 Pacific is leading

   Clint will send a reminder if few responses are coming in

Cloud services subgroup has been meeting regularly and is completely
helpful work


   shall we convert the cloud services subgroup into an official NetSec

      Dan, Prachi and Trev voiced support

   David was asked if he'd continue to lead it

      he suggests changing the name to be a little more versatile

      Trev suggests raising visibility into what the committee is doing for
      those who don't attend

      David is asked to summarize

         we determined that current expectations assume a certain CA
         architecture or design

         this makes cloud services difficult or unclear within the current

         this group is investigating how we could modify this to allow more
         versatility while preserving security

         have reviewed various aspects including audit frameworks, where
         cloud services might be most useful, relationships between CA
and cloud
         service provider

         led to current effort which is focused on generating a better risk
         assessment framework

      Clint asks for any further questions on what the subcommittee is
      trying to accomplish - none

      do we need a ballot

         discussion of why we'd want a ballot

            Trev raises "why do it if we don't have to"

            Ben points out that having a set of specific expectations and
            purposes seems worthwhile

            general consensus seems to be that it's worth doing a ballot

         discussion of whether we should continue meeting until ballot is

            general consensus is that meetings should continue

            Tobias checks the server cert WG practice on this and
            determines there is nothing clearly written

         Clint will create the ballot, Trev will endorse

Request for any comments on Ballot NS-001: Adopt Network and Certificate
System Security Requirements


   no comments were offered

Vote on David Kluge for vice-chair raised by Ben Wilson


   David is willing, Clint presents and Ben seconds

      no opposition, multiple 'thumbs up'

Prachi raises that she has a change to the NSRs which will need a ballot


   someone else needs to shepard through Prachi's change as Fastly is only
   an interested party

   we will wait until after the NSR is voted on

   Ben and Clint offer to take it at that time, if no one else is willing

Closed meeting early with reminder to vote and provide feedback in Doodle

*Daniel Jeffery* | TLS
fastly.com | @fastly <https://twitter.com/fastly> | LinkedIn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/netsec/attachments/20220201/e844d98e/attachment-0001.html>

More information about the Netsec mailing list