[cabfpub] Final Minutes for CA/Browser Forum Teleconference - September 3, 2020
Dimitris Zacharopoulos (HARICA)
dzacharo at harica.gr
Fri Sep 18 08:55:57 UTC 2020
These are the Final Minutes of the Teleconference described in the
subject of this message as prepared by Wayne Thayer (Mozilla).*
Attendees (in alphabetical order)
Amanda Mendieta (Apple), Ben Wilson (Mozilla), Bruce Morton (Entrust
Datacard), Clint Wilson (Apple), Corey Bonnell (SecureTrust), Chris
Kemmerer (SSL.com), Curt Spann (Apple), Daniela Hood (GoDaddy), Dean
Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback
(Microsoft), Enrico Entschew (D-TRUST), Hazhar Ismail (MSC Trustgate),
Huo Haitao (Halton) (360 Browser), Inaba Atsushi (GlobalSign), Janet
Hines (SecureTrust), Joanna Fox (GoDaddy), Johny Reading (GoDaddy), Jos
Purvis (Cisco Systems), Karina Sirota (Microsoft), Kirk Hall (Entrust
Datacard), Leo Grove (SSL.com), Li-Chun Chen (Chunghwa Telecom), Mads
Henriksveen (Buypass AS), Mayur Manchanda (Visa), Michelle Coon (OATI),
Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter
(SecureTrust), Peter Miskovic (Disig), Rae Ann Gonzales (Godaddy),
Rebecca Kelley (Apple), Robin Alden (Sectigo), Ryan Sleevi (Google),
Shelley Brewer (Digicert), Stephen Davidson (Digicert), Tim Hollebeek
(Digicert), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White
(Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management
1. Roll Call
The Chair took attendance.
2. Read Antitrust Statement
The Antitrust Statement was read.
3. Review Agenda
No changes to the agenda were noted. It was noted that Wayne Thayer
volunteered to take minutes for this teleconference and Dimitris will
take minutes on the next one.
4. Approval of minutes from previous teleconference
Accepted without objections.
5. Forum Infrastructure Subcommittee update
Jos said that the subcommittee is still working on updates to the
password archives. Discussed updates to the structure of the GitHub
repository. We are fleshing out a plan to create separate repos for each
working group. An issue was raised about where to host the NCSSRs. A
proposal has been made to replicate them into each WG repo. This means
that each WG can manage their own documents and pull requests can be
handled by the WG chairs. GoDaddy has created a document that is a
distillation of the BRs into a timing matrix of when things need to
happen. GoDaddy asked if this document could be contributed to a CAB
Forum repo. Discussed how to do that without creating the appearance
that these are official CAB Forum docs. The solution we landed on was to
host the document elsewhere and create a section for links to shared
docs on the wiki and/or website that clearly indicates the status of the
document and who owns it. This could also be useful references for
things like CABLint and ZLint.
6. Code Signing Working Group update
Dean said that he was not on the last call, but the document is finished
and out for IPR review. Now the WG is going through parking lot items
that were not addressed in the current version of the document. Looks
like one big work item is to address EV requirements that should also
apply to non-EV code signing certificates. Bruce is compiling a list of
items to discuss at the next call. Also planning a discussion of high
risk requests on Sept 24th.
Mike: that was an accurate summary of the discussion.
7. S/MIME Working Group update
Stephen said that the WG met yesterday. No additional members have
joined. Mads Henriksveen from Buypass was confirmed as the Vice-Chair.
The WG is trying to create a work product as soon as possible, and is
focusing on a default certificate profile. This is requiring a lot of
discussion because client software tends to be very forgiving. Also
discussing the various use cases and deployment scenarios for S/MIME
which are broader than for TLS. Some of this information has been posted
to the public list, and we’re continuing to seek additional sources of
8. Elections update
Dimitris said that we have one candidate for each chair position. This
means we don’t need an elections committee. Dimitris will prepare
confirmation ballots for the Forum and SCWG and sending them on Monday
according to our schedule, and Bruce or Dean will do the same for the
code signing WG.
Dean: Remind us when the Vice Chair nominations open?
Dimitris said that nominations for Vice Chair begin on Oct 7 according
to the original schedule. We can probably start earlier because we don’t
have an elections committee.
9. Any Other Business
Dimitris said that the next F2F is scheduled for Oct 20. Should we start
Dean: Yes, we should start.
Mike: Have we considered the time zone?
Dimitris: The prior meeting’s time zone was though to be most convenient
for all. Plan would be for the same.
Dean: We tried to accommodate the global audience by doing it early
morning West Coast time. We could better accommodate Asia by hosting the
meetings later, but that is bad for Europe.
Mike: The times we used before were probably best for all.
10. Next call
The next call will take place on September 17, 2020 at 11:30am Eastern Time.
F2F Meeting Schedule:
* 2020: October 20-22 (Virtual)
* 2021: Feb-March San Jose, CA (Cisco), June – Poland (Asseco-Certum),
October - Minneapolis (OATI)
* 2022: Mar-April New Delhi / Bengaluru (e-Mudhra), June - [Open],
October - [Open]
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public