[cabfpub] Final Minutes for CA/Browser Forum Teleconference - April 18, 2019
Dimitris Zacharopoulos (HARICA)
dzacharo at harica.gr
Fri May 3 04:40:44 MST 2019
These are the final Minutes of the Teleconference described in the
subject of this message.
Attendees (in alphabetical order)
Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean Coclin
(Digicert), Devon O'Brien (Google), Dimitris Zacharopoulos (HARICA),
Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico
Entschew (D-TRUST), Frank Corday (SecureTrust), Geoff Keating (Apple),
Inaba Atsushi (GlobalSign), Joanna Fox (GoDaddy), Jos Purvis (Cisco
Systems), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom),
Michael Guenther (SwissSign), Michelle Coon (OATI), Mike Reilly
(Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter
(SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Ryan Sleevi
(Google), Scott Rea (Dark Matter), Shelley Brewer (Digicert), Tim
Hollebeek (Digicert), Tim Shirley (SecureTrust), Timo Schmitt
(SwissSign), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI
1. Roll Call
The Chair took attendance
2. Read Antitrust Statement
The Antitrust Statement was read
3. Review Agenda
Today's Agenda was approved.
4. Approval of minutes from F2F 46 and previous teleconference
The minutes from the previous teleconference were approved and will be
circulated to the public list.
The minutes from F2F 46 will be considered for approval at the next
5. Forum Infrastructure Working Group update
Jos reported that the wiki will migrate to the new instance between May
6 and May 10. During that time, the wiki will be switched to read-only
mode so we don't get into a split-brain situation. Members should be
aware of this and proceed with any wiki updates (like registering for
the F2F in Thessaloniki) before May 6th.
For the mailers, there is a plan to further discuss the migration
process so that it is as smooth as possible. The most critical part is
to maintain the integrity of the list archive. Jos recommended to
Members who have ballots in Discussion Period, to NOT START the Voting
Period within the week of May 6th. No voting should take place during
that week to avoid unexpected behavior by the mailers.
In regards to Document Management, we have made progress with trying
pandoc as a conversion mechanisms from Markdown to HTML, DOCX and PDF.
This tool was able to resolve several existing issues with the current
conversion mechanism and is able to produce a cover page, page numbers
and a table of contents getting pretty close to what we publish today on
the public web site.
We also discussed about the ability to make editorial/formatting changes
to the GitHub repository. These are changes that don't change the
contents but just the formatting. We already configured the repo to
require 4-eye principle so every recommended change needs to be reviewed
by another authorized repo maintainer. if anyone has concerns about
these changes, a subscription to GitHub will enable "notifications" to
be sent everytime there is a recommended change to master and raise
concerns if something needs to be balloted. We also proposed a policy to
delay 3 days before merging any formatting change, giving a chance for
members to object if they think there is something concerning about the
merge. Before changing from Kramdown/weasy-print to pandoc, we will
probably ballot these formatting changes because they change the layout.
Finally, the Infrastructure Working Group discussed about compute power
that is currently missing. Jos will contact Dave Blunt from Amazon.
6. Code Signing Working Group update
Dean reported that the CSCWG had a call last week. There are several
candidate members that are interested in becoming Certificate Consumers
and large users of Code Signing Certificates in the category of
Interested Parties. Qualcomm and Intel have expressed interest of
joining so we are working with them to navigate through the IPR process.
The WG also agreed to proceed with updating the EV Code Signing
Guidelines, while we are in the process of adopting the Minimum
Requirements for Code Signing as a formal Forum document. The WG was
advised by Dimitris that the new guideline would require a 60-day IPR
review period because it is a new guideline and not a maintenance guideline.
The WG is also collecting and processing possible improvements to the
document so when the Guideline is approved, these changes will have
already been discussed.
Members of the WG will continue to solicit members from the Certificate
7. Follow-up on new S/MIME WG Charter
Dean reported that the intent was to have a ballot to establish the WG
before the F2F in Thessaloniki. Dimitris mentioned that more people can
assist if necessary. The S/MIME WG Charter would be using the Code
Signing WG Charter as a template. We have already identified some of the
challenges specific to the S/MIME WG but we could start the discussion
period starting from a first draft charter. Tim agreed and said we would
have something out in the next few weeks.
8. Expectations for Hosting a F2F meeting
Dimitris sent out a message to the management list with a link to a
Google Document that contains recommendations and expectations for
members that volunteer to host a F2F meeting. It was discussed whether
we should ballot this as an "official" procedure for Members that plan
on hosting a F2F meeting. The consensus was to keep this document on the
wiki and use it as guidance for candidate hosts. The document will be
linked to the wiki. Peter Miskovic from Disig, hosting the F2F in March
2020 found it very useful.
Dean recalled some past discussions when Dimitris had thoughts about
setting certain criteria for inviting Guests at F2F meetings. Currently
the Bylaws give full discretion to the Chair for invitations. If this
was to be somehow formulated, it would probably need to enter in the
Bylaws and balloted. Dimitris said that this is a different topic and
plans on discussing it in the future.
9. Any Other Business
Peter Miskovic mentioned that the F2F 49 in Bratislava will take place
10. Bylaws and existing Server Certificate Working Group Charter
Wayne sent a redline of the updated Bylaws and SCWG. Since this ballot
includes several changes, it is very difficult to create the "Ballot
language" and since there is a precedent with ballot 206, Wayne will
send a complete new version of the Bylaws and the SCWG Charter and a
redline for each of those, and Members will need to vote based on that
information. Another option would be to create a PDF and attach that in
Wayne asked the group if there are any objections to having a ballot in
which the language of the motion itself points to GitHub for the changes
that are being voted on. No objections were raised on the call so Wayne
will proceed with that plan and members can still object when the
discussion period starts. He already has one endorser (Dimitris) and is
looking for another member willing to endorse.
11. Next call
May 2, 2019 at 11:00 am Eastern Time.
*F2F Meeting Schedule: *
* 2019: June 11-13, 2019 – Greece (HARICA), October 28-31– Guangzhou
* 2020: Feb18-20 Bratislava (Disig), June – Minneapolis (OATI),
October – Tokyo (GlobalSign)
* 2021: Feb-March Dubai (DarkMatter), June – Poland (Asseco-Certum),
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public