[Servercert-wg] Final Minutes for Server Certificate Working Group Teleconference - October 31 2019

Dimitris Zacharopoulos (HARICA) dzacharo at harica.gr
Thu Nov 7 09:04:43 MST 2019 

These are the final Minutes of the Teleconference described in the 
subject of this message.


    Attendees (in alphabetical order)

Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Daniela Hood 
(GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug 
Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew 
(D-TRUST), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna 
Fox (GoDaddy), Kenneth Myers (US Federal PKI Management Authority), Kirk 
Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Mike Reilly 
(Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter 
(SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Robin Alden 
(Sectigo), Ryan Sleevi (Google), Scott Rea (Dark Matter), Tim Hollebeek 
(Digicert), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy 
Brown (US Federal PKI Management Authority), Xiu Lei (GDCA).


    Minutes


      1. Roll Call

The Chair took attendance.


      2. Read Antitrust Statement

The Antitrust Statement was read.


      3. Review Agenda

No changes to the agenda.


      4. Approval of minutes from previous teleconference


The minutes from the previous teleconference were approved and will be 
circulated to the public list.


      5. Validation Subcommittee Update

Tim reported that they had a short meeting to discuss about the 
validation summit items progress. They discussed about topics for the 
next F2F meeting where Tim asked for agenda items. None were suggested.


      6. NetSec Subcommittee Update

Ben was not on the call and there was no update to be reported.


      7. Ballot Status

No further discussion.


        _Ballots in Discussion Period_

///SC23: Precertificates and OCSP/ (Wayne)
//Wayne mentioned that the current version (v3) which was adopted by the 
proposer and endorsers is an alternative approach proposed by Dimitris 
and tweaked by Ryan which addresses the problem by updating section 
4.9.10 in the BRs for the OCSP responses. Wayne encouraged members to 
take a look at the ballot. An effective date is not necessary because it 
introduces a MAY which doesn't need to have an effective date.

Kirk asked if the MAY could be interpreted by the Root Programs as being 
effective instantly. Wayne responded for Mozilla that any policy changes 
to the Mozilla Root Program will take place sometime next year so there 
is no plan for any immediate changes. Mike mentioned that the Microsoft 
Trusted CA Program does not plan any changes.

Finally, Wayne mentioned that this ballot has a conflicting section with 
SC24 (for BRs section 4.9.10) but has provisions that addresses this 
conflict.
//
/////SC24: Fall Cleanup /////(Wayne)//
This ballot is now in the discussion period. Members should look at this 
ballot and report any possible issues.

_*Ballots in Voting Period*_
////None

_*Ballots in Review Period*_
/SC21: NSR section 3 (Log Integrity Controls)(Review until Nov 3, 2019)
/


        _Draft Ballots under Consideration_


/Improvements for Method 6, website control/ (Tim H.)
No additional comments
/
SC20 Ballot (NSR 2): System Configuration Management/
No additional comments

/LEI Ballot/ (Tim H.)
No additional comments.

/Aligning the BRs with existing Browser Requirements /(Ryan)
Ryan mentioned that he doesn't expect any progress on this ballot until 
the markdown ballot is done.He recommended members to check the draft 
ballot for effective policy that currently applies to Root Programs. He 
expects more updates to be added to this ballot as they are identified.

/Formatting changes to Guidelines /(Jos)
There was some discussion around the markdown fixes for pandoc-friendly 
rendering. One of the issues that has been discussed before is the 
formatting of listed items and whether this ballot should attempt to 
address this issue. The current Guidelines include several different 
listings (i, ii, iii, a, b, c, A, B, C, etc), some of which are included 
in long paragraphs and it would be better if they were split into 
bulleted or numbered lists for easier reading. However, it is possible 
that these current lists are referenced either from other parts of the 
same document or other documents, even CP/CPS documents from CAs. 
Although such changes would improve readability, it was recommended not 
to make such changes in this ballot and be addressed at a later time.


      8. Approve F2F 48 Agenda

The F2F agenda was approved. Ryan added a point of concern related to 
new topics being introduced in meetings, and F2F slots in particular, 
and recommended that proposers of new topics send some information to 
the public list beforehand. That would assist participants to prepare 
and effectively engage in the discussion. Dimitris mentioned that 
although this is not a requirement, it is a good practice. Wayne added 
that he would also send a message to the public list about the 
"default-allow, default deny" discussion topic.


      9. Any Other Business

None.


      10. Next call

November 14, 2019 at 11:00 am Eastern Time.


      Adjourned


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20191107/0c82793a/attachment-0001.html>

More information about the Servercert-wg mailing list