[Servercert-wg] Final Minutes for Server Certificate Working Group Teleconference - September 19 2019

Dimitris Zacharopoulos (HARICA) dzacharo at harica.gr
Mon Oct 7 10:00:34 MST 2019

These are the Final Minutes of the Teleconference described in the 
subject of this message.

    Attendees (in alphabetical order)

Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer 
(SSL.com), Curt Spann (Apple), Daniela Hood (GoDaddy), Devon O'Brien 
(Google), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), 
Enrico Entschew (D-TRUST), Gordon Bock (Microsoft), Inaba Atsushi 
(GlobalSign), Janet Hines (SecureTrust), Joanna Fox (GoDaddy), Jos 
Purvis (Cisco Systems), Li-Chun Chen (Chunghwa Telecom), Mads 
Henriksveen (Buypass AS), Mike Reilly (Microsoft), Neil Dunbar (TrustCor 
Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rich 
Smith (Sectigo), Robin Alden (Sectigo), Tim Hollebeek (Digicert), Tobias 
Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Wayne 
Thayer (Mozilla).


      1. Roll Call

The Chair took attendance.

      2. Read Antitrust Statement

The Antitrust Statement was read.

      3. Review Agenda

No changes to the agenda.

      4. Approval of minutes from previous teleconference

The minutes from the previous teleconference were approved and will be 
circulated to the public list.

      5. Validation Subcommittee Update

Tim provided the update. Stephan from GLEIF was invited to participate 
on the subcommittee call to discuss about the inclusion of LEIs in 
Certificates. The discussion was not concluded within the hour of the 
call but there was a lot of progress made and may have to invite him 
back on a future call. He mentioned that Ryan posted the minutes and 
Kirk suggested some changes but there was a disagreement about some 
points. Tim listened to the recording and reviewed the minutes. His 
personal opinion was that the discussion was mostly captured in the 
minutes posted by Ryan, almost as a transcript which included a lot of 
details. Kirk proposed some important edits to the minutes which, from 
Tim's quick review, appear to be accurate. He would hope people can 
continue that discussion and come to a conclusion about what the minutes 
are without him having to take any additional actions. It was a good 
discussion and a lot of background information was provided about how 
LEIs came to be. Ryan also raised some concerns about their inclusion in 
Certificates. As an additional comment, Tim said that it would be useful 
if Ryan could summarize his concerns about the use of LEI in EV 
Certificates and post them to the list, so that other people can address 
them. If there is serious ecosystem harm with this proposal, we need to 
discuss it so we can find possible solutions to these concerns.

Wayne mentioned that Ryan is not on the call so Tim should probably 
communicate this request to the list so that Ryan can see it. Both Tim 
and Wayne will not be available for the next validation call so Tim will 
have to find someone else to run the call.

      6. NetSec Subcommittee Update

Ben is planning on posting an updated version of ballot SC21.
The subcommittee also worked on restructuring the network security 
requirements and whether the compensating controls should be something 
like a concept that we acknowledge in the network security requirements.

      7. Ballot Status

No further discussion.

        _Ballots in Discussion Period_


_*Ballots in Voting Period*_

_*Ballots in Review Period*_

        _Draft Ballots under Consideration_

/Improvements for Method 6, website control/ (Tim H.)
No additional comments
SC20 Ballot (NSR 2): System Configuration Management/
No additional comments

/SC21 Ballot (NSR 3): Log Integrity Controls/ (Ben)
No additional comments

      8. Any Other Business

No other business.

      9. Next call

October 3, 2019 at 11:00 am Eastern Time.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20191007/5dbd1e24/attachment-0001.html>

More information about the Servercert-wg mailing list