[cabfpub] Final Minutes for CA/Browser Forum Teleconference - April 18, 2019

Dimitris Zacharopoulos (HARICA) dzacharo at harica.gr
Fri May 3 11:40:44 UTC 2019


These are the final Minutes of the Teleconference described in the 
subject of this message.


    Attendees (in alphabetical order)

Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean Coclin 
(Digicert), Devon O'Brien (Google), Dimitris Zacharopoulos (HARICA), 
Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico 
Entschew (D-TRUST), Frank Corday (SecureTrust), Geoff Keating (Apple), 
Inaba Atsushi (GlobalSign), Joanna Fox (GoDaddy), Jos Purvis (Cisco 
Systems), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), 
Michael Guenther (SwissSign), Michelle Coon (OATI), Mike Reilly 
(Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter 
(SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Ryan Sleevi 
(Google), Scott Rea (Dark Matter), Shelley Brewer (Digicert), Tim 
Hollebeek (Digicert), Tim Shirley (SecureTrust), Timo Schmitt 
(SwissSign), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI 
Management Authority).


    Minutes


      1. Roll Call

The Chair took attendance


      2. Read Antitrust Statement

The Antitrust Statement was read


      3. Review Agenda

Today's Agenda was approved.


      4. Approval of minutes from F2F 46 and previous teleconference

The minutes from the previous teleconference were approved and will be 
circulated to the public list.

The minutes from F2F 46 will be considered for approval at the next 
teleconference.


      5. Forum Infrastructure Working Group update

Jos reported that the wiki will migrate to the new instance between May 
6 and May 10. During that time, the wiki will be switched to read-only 
mode so we don't get into a split-brain situation. Members should be 
aware of this and proceed with any wiki updates (like registering for 
the F2F in Thessaloniki) before May 6th.

For the mailers, there is a plan to further discuss the migration 
process so that it is as smooth as possible. The most critical part is 
to maintain the integrity of the list archive. Jos recommended to 
Members who have ballots in Discussion Period, to NOT START the Voting 
Period within the week of May 6th. No voting should take place during 
that week to avoid unexpected behavior by the mailers.

In regards to Document Management, we have made progress with trying 
pandoc as a conversion mechanisms from Markdown to HTML, DOCX and PDF. 
This tool was able to resolve several existing issues with the current 
conversion mechanism and is able to produce a cover page, page numbers 
and a table of contents getting pretty close to what we publish today on 
the public web site.

We also discussed about the ability to make editorial/formatting changes 
to the GitHub repository. These are changes that don't change the 
contents but just the formatting. We already configured the repo to 
require 4-eye principle so every recommended change needs to be reviewed 
by another authorized repo maintainer. if anyone has concerns about 
these changes, a subscription to GitHub will enable "notifications" to 
be sent everytime there is a recommended change to master and raise 
concerns if something needs to be balloted. We also proposed a policy to 
delay 3 days before merging any formatting change, giving a chance for 
members to object if they think there is something concerning about the 
merge. Before changing from Kramdown/weasy-print to pandoc, we will 
probably ballot these formatting changes because they change the layout.

Finally, the Infrastructure Working Group discussed about compute power 
that is currently missing. Jos will contact Dave Blunt from Amazon.


      6. Code Signing Working Group update

Dean reported that the CSCWG had a call last week. There are several 
candidate members that are interested in becoming Certificate Consumers 
and large users of Code Signing Certificates in the category of 
Interested Parties. Qualcomm and Intel have expressed interest of 
joining so we are working with them to navigate through the IPR process.

The WG also agreed to proceed with updating the EV Code Signing 
Guidelines, while we are in the process of adopting the Minimum 
Requirements for Code Signing as a formal Forum document. The WG was 
advised by Dimitris that the new guideline would require a 60-day IPR 
review period because it is a new guideline and not a maintenance guideline.

The WG is also collecting and processing possible improvements to the 
document so when the Guideline is approved, these changes will have 
already been discussed.

Members of the WG will continue to solicit members from the Certificate 
Consumer category.


      7. Follow-up on new S/MIME WG Charter


Dean reported that the intent was to have a ballot to establish the WG 
before the F2F in Thessaloniki. Dimitris mentioned that more people can 
assist if necessary. The S/MIME WG Charter would be using the Code 
Signing WG Charter as a template. We have already identified some of the 
challenges specific to the S/MIME WG but we could start the discussion 
period starting from a first draft charter. Tim agreed and said we would 
have something out in the next few weeks.


      8. Expectations for Hosting a F2F meeting

Dimitris sent out a message to the management list with a link to a 
Google Document that contains recommendations and expectations for 
members that volunteer to host a F2F meeting. It was discussed whether 
we should ballot this as an "official" procedure for Members that plan 
on hosting a F2F meeting. The consensus was to keep this document on the 
wiki and use it as guidance for candidate hosts. The document will be 
linked to the wiki. Peter Miskovic from Disig, hosting the F2F in March 
2020 found it very useful.

Dean recalled some past discussions when Dimitris had thoughts about 
setting certain criteria for inviting Guests at F2F meetings. Currently 
the Bylaws give full discretion to the Chair for invitations. If this 
was to be somehow formulated, it would probably need to enter in the 
Bylaws and balloted. Dimitris said that this is a different topic and 
plans on discussing it in the future.


      9. Any Other Business

Peter Miskovic mentioned that the F2F 49 in Bratislava will take place 
February 18-20.


      10. Bylaws and existing Server Certificate Working Group Charter
      update


Wayne sent a redline of the updated Bylaws and SCWG. Since this ballot 
includes several changes, it is very difficult to create the "Ballot 
language" and since there is a precedent with ballot 206, Wayne will 
send a complete new version of the Bylaws and the SCWG Charter and a 
redline for each of those, and Members will need to vote based on that 
information. Another option would be to create a PDF and attach that in 
the ballot.

Wayne asked the group if there are any objections to having a ballot in 
which the language of the motion itself points to GitHub for the changes 
that are being voted on. No objections were raised on the call so Wayne 
will proceed with that plan and members can still object when the 
discussion period starts. He already has one endorser (Dimitris) and is 
looking for another member willing to endorse.


      11. Next call

May 2, 2019 at 11:00 am Eastern Time.


      Adjourned


      *F2F Meeting Schedule: *

  * 2019: June 11-13, 2019 – Greece (HARICA), October 28-31– Guangzhou
    (GDCA)
  * 2020: Feb18-20 Bratislava (Disig), June – Minneapolis (OATI),
    October – Tokyo (GlobalSign)
  * 2021: Feb-March Dubai (DarkMatter), June – Poland (Asseco-Certum),
    October [Open]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20190503/e6cf2b7a/attachment.html>


More information about the Public mailing list