[cabfpub] Final Minutes for CA/Browser Forum Teleconference - January 23 2020

Dimitris Zacharopoulos (HARICA) dzacharo at harica.gr
Fri Feb 7 07:28:59 UTC 2020


These are the Final Minutes of the Teleconference described in the 
subject of this message. *
*


    Attendees (in alphabetical order)

Arno Fiedler (D-TRUST), Clint Wilson (Apple), Corey Bonnell 
(SecureTrust), Chris Kemmerer (SSL.com), David Moeller (Sectigo), Dean 
Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie 
(GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), 
Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management 
Authority), Janet Hines (SecureTrust), Joanna Fox (GoDaddy), Kirk Hall 
(Entrust Datacard), Leo Grove (SSL.com), Li-Chun Chen (Chunghwa 
Telecom), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar 
(TrustCor Systems), Patrick Nohe (GlobalSign), Pedro Fuentes (OISTE 
Foundation), Peter Miskovic (Disig), Rashmi Jha (Microsoft), Rich Smith 
(Sectigo), Robin Alden (Sectigo), Ryan Sleevi (Google), Thanos Vrachnos 
(SSL.com), Tim Callan (Sectigo), Timo Schmitt (SwissSign), Tobias 
Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Vincent 
Lynch (Digicert), Wayne Thayer (Mozilla).


    Minutes


      1. Roll Call


The Chair took attendance.


      2. Read Antitrust Statement

The Antitrust Statement was read.


      3. Review Agenda

Accepted without changes.


      4. Approval of minutes from last teleconference

Approved without objections.


      5. Forum Infrastructure Subcommittee update

The subcommittee call lasted about 5 minutes because there was not 
enough participation.


      6. Code Signing Working Group update

  * The WG invited a representative from the Clean Software Alliance
    (CSA) to the call. They were previously associated with Microsoft
    and now they are an independent organization. They will look at
    potential synergies between CSA and the CA/B Forum working groups.
    There was also interest in the validation subcommittee so Dean will
    send an email to the subcommittee Chair about that. Dean described
    the structure of the Forum and will have a follow-up call with their
    representative. They also invited Forum Members to attend a meeting
    in LA at the end of the month. Some browsers and OS vendors will be
    participating.
  * The February Summit is being postponed for March. A new Doodle poll
    will be circulated.
  * Discussed about improvements in validating and vetting for code
    signing certificates.
  * Tomas talked about key attestation and some customers having
    problems proving possession of keys in cloud instances, using Google
    cloud HSM as an example. This affects section 16.3 of the Code
    Signing BRs. Each Vendor has a proprietary solution and we need to
    modify the BRs for Code Signing with appropriate language to take
    the remote key attestation into account when subscriber keys are
    generated remotely. There was a suggestion to review Adobe's AATL
    Policy for guidance.


      7.  Follow-up on new S/MIME WG Charter

There is some debate on the draft language of the S/MIME charter that 
seem to allow the case where an S/MIME Certificate may not contain an 
email address. This is very close to being completed.


      8.  Action items from F2F 48

Dimitris went over the list of pending actions from the last F2F. Most 
of the topics related to the Bylaws have been incorporated in a draft 
next revision of the Bylaws. Arno is planning to get feedback about the 
ETSI update next week at the scheduled ETSI ESI F2F meeting.


      9.  Topics for F2F 49

No suggestions.


      10.  Draft next revision of the Bylaws

Dimitris went over the main updates proposed in the next revision of the 
Bylaws that were circulated in the public list. There were no objections 
for the suggested changes. Dimitris plans on discussing a couple more 
issues at the next F2F and then prepare a ballot for updating the 
Bylaws. Due to the fact that some Members require legal review for 
Bylaws changes, we try to keep these changes limited to once a year.


      11. Any Other Business

Patrick mentioned that accommodation information for F2F 51 is available 
on the wiki. Globalsign has added hotel information and there are 
special rates for Members. However, some of them require early booking 
until the end of March 2020.


      12. Next call

February 6, 2020 at 11:00 am Eastern Time.


      Adjourned


      *F2F Meeting Schedule: *

  * 2020: Feb18-20 Bratislava (Disig), June 9-11 Minneapolis (OATI),
    October 20-22 Tokyo (GlobalSign)
  * 2021: Feb-March Dubai (DarkMatter), May 25-27 Poland
    (Asseco-Certum), October - San Jose, CA or RTP, NC (Cisco)
  * 2022: Mar-April New Delhi / Bengaluru (e-Mudhra), June - [Open],
    October [Open]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20200207/2edac8d7/attachment.html>


More information about the Public mailing list