[cabfpub] Agenda for first Network Security Working Group meeting

Kirk Hall Kirk.Hall at entrustdatacard.com
Tue Jun 27 16:28:02 MST 2017


Here is a draft Agenda for the first Network Security Working Group meeting on Thursday, June 29 at 9:00 am Pacific / 12:00 noon Eastern / 16:00 UTC.  I'm sending this via the Public list because not all of the WG volunteers are yet included on the new netsec WG mailing list.  Future agendas will only be sent to the WG list.

AGENDA FOR NETWORK SECURITY WORKING GROUP MEETING (June 29, 2017)


1.       Call to order - Kirk Hall, WG Chair pro tem

2.       Call for nominees, election of Chair/Co-Chair - Kirk Hall, Chair pro tem



[The balance of the meeting will be conducted by the new Chair / Co-Chairs]



3.       Approval of Agenda

4.       Review of Network Security Working Group charter (see Ballot 203 below)

5.       Discussion of possible approaches, including but not limited to:

a.       Eliminate NetSec Requirements entirely

b.      Short-term "Patch" of existing NetSec Requirements while considering long-term solution

c.       Long-term rewrite of existing NetSec Requirements

d.      Long-term rewrite of requirements using alternative model(s) as a starting point

e.       Preferred style of new NetSec Requirements - detailed and prescriptive, or goal based but with CA discretion?

6.       Possible alternative models:

a.       CIS Critical Security Controls https://www.cisecurity.org/controls/

b.      Other existing models

7.       Auditability considerations

8.       Timelines - milestones, goals for completion

9.       Next steps

[See Attachments]

*****



Ballot 203: Formation of Network Security Working Group (v2)



In accordance with Section 5.3 of the CA/B Forum Bylaws, the chartering of a new Working Group requires a ballot. This ballot charters the Network Security Working Group.

The CAB Forum's Network Security Guidelines were adopted in August 2012 but have not been updated since. Significant doubts have been raised as to their fitness for purpose in 2017. Therefore, the Working Group's charter will be as follows:

Scope

1. Consider options for revising, replacing or scrapping the Network Security Guidelines.

Deliverables

1. A report with one or more proposals for the future of the Network Security Guidelines.

2. For proposals involving replacement, details of the availability and applicability of the proposed alternative, and what modifications if any would be needed to it in order to make it suitable for use.

3. For proposals involving revision, details of the revisions that are deemed necessary and how the document will be kept current in the future.

4. For proposals involving scrapping, an explanation of why this is preferable to either of the other two options.

5. If there are multiple proposals, optionally a recommendation as to which one to pursue and an associated timeline.

6. A form of ballot or ballots to implement any recommendations.

Expiry

The Working Group shall expire once the deliverables have been completed, or on 2018-06-19, whichever happens first.

The expiry date given above shall be automatically postponed by 1 year on 2018-05-19 ("postponement date") and each anniversary of the postponement date thereafter unless three or more members separately or jointly request on the Public Mail List, within one month prior to a particular postponement date, that expiry of this Working Group not be postponed in that instance.

Members as of June 27:



Name

Company

1

Zhang Yi

CFCA

2

Sun ShengNan

CFCA

3

Jos Purvis

Cisco

4

Phillip Hallam-Baker

Comodo

5

Robin Alden

Comodo

6

Janet Treasure

CPA Canada

7

Jeremy Rowley

DigiCert

8

Kirk Hall

Entrust

9

Bruce Morton

Entrust

10

Xiu Lei

GDCA

11

Doug Beattie

GlobalSign

12

Wayne Thayer

GoDaddy

13

Ryan Hurst

Google

14

Dimitris Zacharopoulos

HARICA

15

Aleksei Ivanov

LeaderTelecom B.V.

16

Mike Reilly

Microsoft

17

Tom Ritter

Mozilla

18

Christian Heutger

PSW GROUP GmbH & Co.

19

Cui Jiuqiang

SHECA

20

Chen Luoqi

SHECA

21

Moudrick Dadashov

SSC

22

Colin McIntyre

Symantec

23

Steve Medin

Symantec

24

Dean Coclin

Symantec

25

Neil Dunbar

Trustcor

26

Tim Hollebeek

Trustwave

27

Tim Shirley

Trustwave

28

Don Sheehy

WebTrust

29

Tony Rutkowski

Yaana Technologies LLC


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170627/487b233c/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Network_Security_Controls_V1.pdf
Type: application/pdf
Size: 53322 bytes
Desc: Network_Security_Controls_V1.pdf
URL: <http://cabforum.org/pipermail/public/attachments/20170627/487b233c/attachment-0004.pdf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CAB Forum Network Security Controls-June-2017.xlsx
Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
Size: 32346 bytes
Desc: CAB Forum Network Security Controls-June-2017.xlsx
URL: <http://cabforum.org/pipermail/public/attachments/20170627/487b233c/attachment-0002.xlsx>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CAB Forum Network Security Controls-June-2017.pdf
Type: application/pdf
Size: 197031 bytes
Desc: CAB Forum Network Security Controls-June-2017.pdf
URL: <http://cabforum.org/pipermail/public/attachments/20170627/487b233c/attachment-0005.pdf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CABForum_Network_Security_Controls.doc
Type: application/msword
Size: 102912 bytes
Desc: CABForum_Network_Security_Controls.doc
URL: <http://cabforum.org/pipermail/public/attachments/20170627/487b233c/attachment-0001.doc>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CSC Prin Mapping to NSR and WTCA.PDF
Type: application/pdf
Size: 119906 bytes
Desc: CSC Prin Mapping to NSR and WTCA.PDF
URL: <http://cabforum.org/pipermail/public/attachments/20170627/487b233c/attachment-0006.pdf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CSC Prin Mapping to NSR and WTCA.XLSX
Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
Size: 18383 bytes
Desc: CSC Prin Mapping to NSR and WTCA.XLSX
URL: <http://cabforum.org/pipermail/public/attachments/20170627/487b233c/attachment-0003.xlsx>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CSC-MASTER-VER61-FINAL.PDF
Type: application/pdf
Size: 1534761 bytes
Desc: CSC-MASTER-VER61-FINAL.PDF
URL: <http://cabforum.org/pipermail/public/attachments/20170627/487b233c/attachment-0007.pdf>


More information about the Public mailing list