[Servercert-wg] Final Minutes for Server Certificate Working Group Teleconference - November 1, 2018

Dimitris Zacharopoulos (HARICA) dzacharo at harica.gr
Thu Nov 15 13:06:40 MST 2018 

These are the Approved Minutes of the Teleconference described in the 
subject of this message.


    Attendees (in alphabetical order)

Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer 
(SSL.com), Daymion Reynolds (GoDaddy), Dean Coclin (Digicert), Dimitris 
Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Enrico Entschew 
(D-TRUST), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Geoff 
Keating (Apple), Inaba Atsushi (GlobalSign), India Donald (US Federal 
PKI Management Authority), Jeff Ward (CPA Canada/WebTrust), Joanna Fox 
(GoDaddy), Jos Purvis (Cisco Systems), Kirk Hall (Entrust Datacard), 
Li-Chun Chen (Chunghwa Telecom Co. Ltd.), Michelle Coon (OATI), Mike 
Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Ryan Sleevi 
(Google), Shelley Brewer (Digicert), Tim Callan (Comodo CA --> Sectigo), 
Tim Shirley (Trustwave), Trevoli Ponds-White (Amazon), Wayne Thayer 
(Mozilla), Wendy Brown (US Federal PKI Management Authority).


    Minutes


      1. Roll Call

The Chair took attendance


      2. Read Antitrust Statement

The Chair read the Antitrust Statement


      3. Review Agenda

Today's Agenda was approved.


      4. Approval of Minutes of previous teleconference

The minutes of CABF F2F Meeting 45 of Oct 17-18, 2018 were not approved 
because of missing minutes. We kindly ask the remaining minute takers to 
publish their minutes to the wiki or contact the Chair if there is a 
problem.


      5. Follow-up items from SCWG F2F meeting

None.


      6. Validation Subcommittee Update

The Subcommittee continued the discussion about the limitation of 
validation methods via CAA, considered the result of the discussion at 
the F2F meeting that there is not a lot of interest and decided to drop 
this work item.

Another discussion item was BGP hijacking. Tim H. would raise the issue 
in IETF because the CA/B Forum can't make any meaningful progress on 
that subject.

The Subcommittee is also preparing some ballots:

- The voting for the underscore ballot (SC12) will be initiated tomorrow 
night.

- Ballot for removing "any other method" for IP address is under way

- SC4 ballot going forward, which allows adding an email address for 
Domain Validation in DNS TXT or CAA records. Tim's decision is to 
propose that both CAA and TXT is supported.

Finally, the Subcommittee discussed about possible improvements for 
Method 6, website control, and that's the next item the Subcommittee 
will focus on.


      7. NetSec Subcommittee Update

A doodle poll was sent out to decide when the best meeting date/time is. 
Ben will check the results of that poll.


      8. Ballot Status


        _Ballots in Discussion Period_

/- Ballot SC4 version 5: CAA Contact Property and Associated E-mail 
Validation Method (Tim)
/Tim was not on the call to discuss this ballot.
/
- Ballot SC12 -  Underscores, DNSNames, and SRVNames (Wayne)/
This ballot was discussed during the Validation Subcommittee update.


        _Ballots in Voting Period_

None.


        _Ballots in IP Review Period_

None.


        _Draft Ballots under Consideration_


None.


      9. Any Other Business

/Pending question in the questions list/

Kirk reminded the participants that we have a pending question to 
respond to in the questions list. Dean said that he needs some more help 
with a reply. He will draft a response and send it to Ryan for comments 
before proceeding.


/Comodo CA changing to SECTIGO/

Dimitris mentioned that Comodo CA has changed its name to Sectigo and 
asked for comments from Comodo representatives. Tim Callan from Sectigo 
responded and informed the group about the new name and that the primary 
motivation was to avoid market confusion. He mentioned that it also 
helps the market to know that this is a different company, different 
ownership, different philosophy.

Dimitris proposed that if the Bylaws don't specify how to handle a 
Member changing its name, we should ask Sectigo to sign the IPR 
agreement under their new name. Kirk agreed that we probably need a new 
IPR agreement. Tim Callan gave us his email address so we can contact 
him for details about the IPR agreement.


      10. Next call

November 15, 2018 at 11:00 am Eastern Time.


      11. Adjourned

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20181115/0bb687ac/attachment-0001.html>

More information about the Servercert-wg mailing list