[cabfpub] Final Minutes of CA/B Forum call October 28, 2021

Dean Coclin dean.coclin at digicert.com
Thu Nov 11 16:54:28 UTC 2021

Here are the final minutes of the subject call:


Attendees: Ali Gholami (Telia), Andrea Holland (SecureTrust), Ben Wilson
(Mozilla), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Chris McMillan
(Visa), Clint Wilson (Apple), Corey Bonnell (Digicert), Dean Coclin
(Digicert), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico
Entschew (D-TRUST), Hazhar Ismail (MSC Trustgate), Inaba Atsushi
(GlobalSign), India Donald (US Federal PKI Management Authority), Inigo
Barreira (Sectigo), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy),
Jos Purvis (Cisco Systems), Kati Davids (GoDaddy), Mads Henriksveen (Buypass
AS), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Michelle Coon
(OATI), Natalia Kotliarsky (SecureTrust), Niko Carpenter (SecureTrust), Paul
van Brouwershaven (Entrust), Peter Miskovic (Disig), Rae Ann Gonzales
(GoDaddy), Rebecca Kelley (Apple), Ryan Dickson (Google), Sebastian Schulz
(GlobalSign), Shelley Brewer (Digicert), Stephen Davidson (Digicert),
Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com), Tim Hollebeek
(Digicert), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White
(Amazon), Tyler Myers (GoDaddy), Wendy Brown (US Federal PKI Management
Authority), Yoshiro Yoneya (Japan Registry Services)


The anti-trust statement was read.


The agenda was reviewed. No changes.


No minutes to approve.


Forum Infrastructure Report: Jos Purvis gave the update.

There was a very brief discussion on the GitHub digest and Corey has started
poking into implementing the automated digest email digest to GitHub
activity to each of the working groups. He just needs access to send from
the account, which Jos is going to be getting him.


Code Signing Working Group Update: Bruce Morton gave the update.

CSC-12 is in the voting period. Working on a ballot for subscriber key
protection. Next priority is to update the code signing service
requirements. Also want to complete changing CSBRs to the RFC 3647 format.


S/MIME Working Group Update: Stephen Davidson gave the update.

Continuing the discussion on the validity periods. Apple has settled on 825
days. Would be allowable for the 1 legacy policy, which is intended as kind
of a short term bridge to allow more of the ecosystem to be pulled into this
auditable framework. But the intent is that it would disappear over time.
It's really a debate on the balancing of kind of the desire for automation
and policy agility, versus kind of acknowledging the heavy usage of tokens
and so forth. There has been some willingness on the part of a certificate
consumers to consider 2095 day legacy period, as long as there is a hard
date that it would be deprecated. So that's really an ongoing discussion.
We've also had a discussion of the contents of the version 1, primary
deliverable. Certainly for those who would like to see the evolution of that
document, it is publicly available out In the cab form, GitHub repository,
there's, the S/mine section and you would be looking for the SBR. There's a
version called the Pre SBR that is the working draft. The next step in our
list of discussions there, was a specific request from a certificate
consumer asking to have, as a focused discussion, the topic of external
enterprise RAs. So that's what's next on our agenda.


Next Meetings:
Next face to face meeting will be in person hosted by DigiCert in Salt Lake
City. Proposed dates are Feb 22-24. RSA Conference is week of Feb 7th.
Discussed possibly starting meeting on Weds vs. Tuesday. Dean will send out
Doodle poll but preference is to start on Tuesday, Feb 22nd. 


Other meetings:
Dates have been set for June and October meetings. 

June 6-8 Poland (Asseco)

October 24-26 Berlin (D-Trust)


No other business


Meeting adjourned


Dean Coclin

CA/B Forum Chair



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20211111/fb5434bd/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4916 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20211111/fb5434bd/attachment.p7s>

More information about the Public mailing list