[cabfpub] Teleconference agenda - CA/B Forum - 2 May 2013

kirk_hall at trendmicro.com kirk_hall at trendmicro.com
Tue Apr 30 14:58:35 MST 2013


Ben - thanks for sending out the link to the NIST document.  I will miss the first 30 minutes of our call, so let me offer my thoughts on the NIST Reference Certificate Policy, http://csrc.nist.gov/publications/drafts/nistir-7924/draft_nistir_7924.pdf

I think it would be a mistake for the Forum to require members to edit their CPs/CPSs to match a NIST template.  I would say that none of the CA breaches to date are the result of inadequate CPs/CPSs as documents, and the more complex a CA's CPS becomes, the greater chance that it simply becomes wallpaper and won't be followed with any real fidelity.

On the other hand, I DO think it would be very valuable to analyze the NIST CP document for its substantive requirements, especially in security areas, and where appropriate strengthen the existing BRs and our draft Security Guidelines for later incorporation in the updated WebTrust / ETSI audit requirements.

Put another way, so long as we extract the best practices from the NIST document and put them in our CA requirements that are annually audited, I don't think there's any real need to include them in our CPSs (which are already dense enough and hard for the public to read).

From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Ben Wilson
Sent: Tuesday, April 30, 2013 2:41 PM
To: public at cabforum.org
Subject: [cabfpub] Teleconference agenda - CA/B Forum - 2 May 2013

All,

Here is draft 1 of Thursday's agenda.  For approximately 20 minutes at the start of the meeting we will have a guest speaker presentation from NIST/NSA on the NIST Reference CP.   It is available for review and comment here -- http://csrc.nist.gov/publications/PubsDrafts.html#NIST-IR-7924.

I will send this agenda out again tomorrow to the management list with any revisions and the dial-in information.  Thanks.

Sincerely yours,
Ben


(Thur) 2 May 2013

| Time | Start | Stop | Slot | Description | Notes / Presenters |
|------|-------|-------|------|-------------|--------------------|
| 0:03 | 16:00 | 16:03 | 1 | Roll Call | |
| 0:01 | 16:03 | 16:04 | 2 | Agenda Review | |
| 0:20 | 16:04 | 16:24 | 3 | Review Reference CP (NIST IR 7294) | Guest speakers from NIST/NSA will review and explain NIST IR 7294 |
| 0:02 | 16:24 | 16:26 | 4 | Approve Minutes of 18 April 2013 | Ben's Email on 23 April |
| 0:10 | 16:26 | 16:36 | 5 | Ballots - Ballot 99 - Add DSA Keys closes on 3 May 2013 at 21UTC; follow-up on Ballot 89 - Guidelines for Processing EV; proposed Ballot ___ re: OCSP responders that respond "good" to non-issued certificates | |
| 0:06 | 16:36 | 16:42 | 6 | Other Announcements - Date Change for Ankara F2F (September 24-26); recent ITU Actions | |
| 0:10 | 16:42 | 16:52 | 7 | NFC Forum proposal to revise "Signature Record Type Definition - Technical Specification" (NFCForum-TS-Signature_RTD-1.0) | Jeremy |
| 0:10 | 16:52 | 17:02 | 8 | Continued discussion of audit requirements / technical constraints for external subCAs | |
| 0:05 | 17:02 | 17:07 | 9 | Mozilla Inclusion Policy and Suspension/CRLReason=certificateHold | Clarification needed - see email from Gerv on Mozilla dev security policy list 30 Apr. "Re: Update Mozilla policy regarding version 1.1.3 of the BRs?" |
| 0:05 | 17:07 | 17:12 | 10 | Any Other Business | |
| 0:01 | 17:12 | 17:13 | 11 | Next call -- Thurs. May 16th | |
| 0:00 | 17:13 | 17:13 | 12 | Adjourn | |



Additional Potential Topics to Discuss

- Updating the CAB Forum Web Site
- Collaborative work with other groups - IETF, etc.
- Coordinating schedules for updates to Audit Criteria
- OCSP Stapling and Must-Staple Efforts
- Short-Form IPR Agreement
- Code Signing Update
- Baseline Requirement audit issues
- Fixes and updates to BRs or EV Guidelines



