[cabfpub] FINAL Minutes of CA/B Forum meeting of July 7th

[Dean Coclin]

FINAL MINUTES

 

Attendees: Andrew Whalley (Google), Anuj Saxena (Network Solutions), Atsushi
Inaba (Globalsign), Ben Wilson (Digicert), Billy VanCannon (Trustwave),
Bruce Morton (Entrust), Curt Spann (Apple), Dean Coclin (Symantec), Geoff
Keating (Apple), Kirk Hall (Entrust), Li-Chun Chen (Chunghwa Telecom), Mads
Henriksveen (BuyPass), Michele Coon (OATI), Peter Bowen (Amazon), Peter
Miscovic (Disig), Rick Andrews (Symantec), Robin Alden (Comodo), Ryan Sleevi
(Google), Sissel Hoel (BuyPass), Tim Shirley (Trustwave), Tyler Myers
(GoDaddy), Virginia Fournier (Apple), Wayne Thayer (GoDaddy). 

 

 

1.                   Roll Call completed.

 

2.                   Antitrust Statement was read by Dean

 

3.                   Agenda Reviewed - no changes

 

4.                   Minutes of F2F of June 23, 2016 - Minutes were approved
and will be posted to the public list.  Reinstatement of SECOM membership:
SECOM signed the new IPR policy and their membership was reinstated. 

 

5.                   Ballot Status: Ballot 164 is in the voting period and
it appears it will pass. Ballots 171 and 172 had both passed last week.
Jeremy was not on the call to discuss the SRV ballot but Peter said the
"underscore" proposal had been removed. The ballot also had the IDN portion
removed and would be addressed separately. 

 

6, 7.        Quantum Computing: Topic was not discussed as Philip was not on
the call. It was suggested that Philip send something out to the list.

 

8.            Comsign membership application: Ryan sent some questions to
Bryan Walker of AICPA regarding this application. Acceptance of this
application was tabled until Bryan's response can be reviewed. The questions
revolved around the version of the WebTrust audit that was used. Further
updates will be given on the next call.

 

9.            Governance Change WG: A face to face meeting has been
scheduled on August 10th in the Bay area. Ben will send out minutes from the
latest call. The group is still discussing the primary goals to insure we go
down the right path. Everything from doing nothing to a full blown reform
are being considered. Things like IPR, participation and sub groups are
being discussed. Kirk had written up a summary on the various positions on
the last call and is looking for feedback from participants. Dean said the
F2F meeting is open to all members. In addition, we may invite outside
participants that have experience in this area to share their expertise. 

 

10.          Validation Working Group: Kirk said the ballot is "ready to go"
and is discussing the best way to put it forward. Peter concurred that the
work was complete and a red line version should be published soon. 

 

11.          IPR Update: Cisco was not on the call but Dean had heard from
Jos who said there were no updates other than they are continuing to have
their legal review it. Ben said further changes to IPR should be tabled
until we know what is going to happen with governance change. 

 

12.          Policy Review WG: Discussion about the state/locality proposal
from Li-Chun continues in the working group. Li-Chun will update his
proposal. Kirk asked if a general rule can be written rather than writing up
a list of specific countries. Ben said that had not been discussed. 

 

13.          Information Sharing WG: Ben said activity in this group is
waning and asked if it should continue. Complications arose about different
jurisdictions and things like antitrust law which are impeding progress.
Dean suggested a meeting at the next F2F to review the goals and where the
group stands before deciding what to do. Ben concurred. Dean will add to the
next F2F agenda. 

 

14.          Other Business: Dean encouraged members to register for the
fall meeting on the wiki. He reminded everyone that hotel rates had spiked
and people should reserve a room now to lock in a good rate. 

 

Dean advised that one company will likely come forward to request a SHA-1
exception. He asked whether there will be a lessons learned document after
exception requests are reviewed. Ryan agreed that something should be
written but given that we don't know what the data patterns collected would
look like, it would be hard to describe exactly what we should write up. He
said the info is relevant and valuable but the report is contingent on how
many and what patterns emerge. Bruce wondered if we should do a post mortem
on migrating from SHA-1 with this data as input to the report. Dean
suggested we have a session at our next F2F meeting in October to review the
results and see if we can prepare such a report.

 

15.          The next call is on July 21st.

 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160721/17199dda/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5723 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160721/17199dda/attachment.p7s>