[Servercert-wg] Final Minutes for Server Certificate Working Group Teleconference - October 31 2019

Jos Purvis (jopurvis) jopurvis at cisco.com
Thu Nov 7 12:11:21 MST 2019


Jos Purvis (jopurvis at cisco.com<mailto:jopurvis at cisco.com>)
.:|:.:|:. cisco systems  | Cryptographic Services
PGP: 0xFD802FEE07D19105  | +1 919.991.9114 (desk)

From: Servercert-wg <servercert-wg-bounces at cabforum.org> on behalf of "Dimitris Zacharopoulos (HARICA) via Servercert-wg" <servercert-wg at cabforum.org>
Reply-To: "Dimitris Zacharopoulos (HARICA)" <dzacharo at harica.gr>, CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org>
Date: Thursday, November 7, 2019 at 11:05 AM
To: CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org>
Subject: [Servercert-wg] Final Minutes for Server Certificate Working Group Teleconference - October 31 2019

These are the final Minutes of the Teleconference described in the subject of this message.
Attendees (in alphabetical order)

Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Daniela Hood (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna Fox (GoDaddy), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Robin Alden (Sectigo), Ryan Sleevi (Google), Scott Rea (Dark Matter), Tim Hollebeek (Digicert), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority), Xiu Lei (GDCA).

1. Roll Call
The Chair took attendance.
2. Read Antitrust Statement
The Antitrust Statement was read.
3. Review Agenda
No changes to the agenda.
4. Approval of minutes from previous teleconference
The minutes from the previous teleconference were approved and will be circulated to the public list.
5. Validation Subcommittee Update
Tim reported that they had a short meeting to discuss about the validation summit items progress. They discussed about topics for the next F2F meeting where Tim asked for agenda items. None were suggested.
6. NetSec Subcommittee Update
Ben was not on the call and there was no update to be reported.
7. Ballot Status

No further discussion.

Ballots in Discussion Period
SC23: Precertificates and OCSP (Wayne)
Wayne mentioned that the current version (v3) which was adopted by the proposer and endorsers is an alternative approach proposed by Dimitris and tweaked by Ryan which addresses the problem by updating section 4.9.10 in the BRs for the OCSP responses. Wayne encouraged members to take a look at the ballot. An effective date is not necessary because it introduces a MAY which doesn't need to have an effective date.

Kirk asked if the MAY could be interpreted by the Root Programs as being effective instantly. Wayne responded for Mozilla that any policy changes to the Mozilla Root Program will take place sometime next year so there is no plan for any immediate changes. Mike mentioned that the Microsoft Trusted CA Program does not plan any changes.

Finally, Wayne mentioned that this ballot has a conflicting section with SC24 (for BRs section 4.9.10) but has provisions that addresses this conflict.

SC24: Fall Cleanup (Wayne)
This ballot is now in the discussion period. Members should look at this ballot and report any possible issues.

Ballots in Voting Period

Ballots in Review Period
SC21: NSR section 3 (Log Integrity Controls)(Review until Nov 3, 2019)
Draft Ballots under Consideration

Improvements for Method 6, website control (Tim H.)
No additional comments

SC20 Ballot (NSR 2): System Configuration Management
No additional comments

LEI Ballot (Tim H.)
No additional comments.

Aligning the BRs with existing Browser Requirements (Ryan)
Ryan mentioned that he doesn't expect any progress on this ballot until the markdown ballot is done. He recommended members to check the draft ballot for effective policy that currently applies to Root Programs. He expects more updates to be added to this ballot as they are identified.

Formatting changes to Guidelines (Jos)
There was some discussion around the markdown fixes for pandoc-friendly rendering. One of the issues that has been discussed before is the formatting of listed items and whether this ballot should attempt to address this issue. The current Guidelines include several different listings (i, ii, iii, a, b, c, A, B, C, etc), some of which are included in long paragraphs and it would be better if they were split into bulleted or numbered lists for easier reading. However, it is possible that these current lists are referenced either from other parts of the same document or other documents, even CP/CPS documents from CAs. Although such changes would improve readability, it was recommended not to make such changes in this ballot and be addressed at a later time.
8. Approve F2F 48 Agenda
The F2F agenda was approved. Ryan added a point of concern related to new topics being introduced in meetings, and F2F slots in particular, and recommended that proposers of new topics send some information to the public list beforehand. That would assist participants to prepare and effectively engage in the discussion. Dimitris mentioned that although this is not a requirement, it is a good practice. Wayne added that he would also send a message to the public list about the "default-allow, default deny" discussion topic.
9. Any Other Business
10. Next call
November 14, 2019 at 11:00 am Eastern Time.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20191107/3a26b9ea/attachment-0001.html>

More information about the Servercert-wg mailing list