[Servercert-wg] Final Minutes for Server Certificate Working Group Teleconference - August 22 2019

Dimitris Zacharopoulos (HARICA) dzacharo at harica.gr
Thu Sep 5 09:01:12 MST 2019


These are the Final Minutes of the Teleconference described in the 
subject of this message.


    Attendees (in alphabetical order)

Arno Fiedler (D-TRUST), Ben Wilson (Digicert), Daniela Hood (GoDaddy), 
Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie 
(GlobalSign), Dustin Hollenback (Microsoft), Gordon Bock (Microsoft), 
Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna Fox 
(GoDaddy), Kenneth Myers (US Federal PKI Management Authority), Li-Chun 
Chen (Chunghwa Telecom), Michelle Coon (OATI), Mike Reilly (Microsoft), 
Neil Dunbar (TrustCor Systems), Peter Miskovic (Disig), Rich Smith 
(Sectigo), Robin Alden (Sectigo), Ryan Sleevi (Google), Shelley Brewer 
(Digicert), Tim Callan (Sectigo), Tim Hollebeek (Digicert), Tim Shirley 
(SecureTrust), Timo Schmitt (SwissSign), Tobias Josefowitz (Opera 
Software AS), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla).


    Minutes


      1. Roll Call

The Chair took attendance.


      2. Read Antitrust Statement

The Antitrust Statement was read.


      3. Review Agenda

No changes to the agenda.


      4. Approval of minutes from previous teleconference


The minutes from the previous teleconference were approved and will be 
circulated to the public list.


      5. Validation Subcommittee Update

Method 6 (http) has a draft ballot that Doug posted, it is the last 
ballot coming from the Validation Summit, and there was some discussion 
about the redirects. Doug will most probably propose limiting to 10 
redirects.

They also discussed about the "clean-up ballot". There is a link 
pointing to the proposed changes in the minutes of the validation 
subcommittee, so Members can check that link for any controversial changes.

Reducing the certificate lifetime ballot was also discussed.

Finally, the subcommittee discussed about the LEI ballot which has 
language for the Fully-Verified (Fully Corroborated) information. More 
discussion already takes place on the list.


      6. NetSec Subcommittee Update

No update.


      7. Ballot Status

No further discussion on ballots under consideration


        _Ballots in Discussion Period_

/Ballot SC22: Reduce Certificate Lifetimes /(Ryan)
Mike asked about the three-week discussion period and whether that was 
something decided at the Validation Subcommittee. Ryan mentioned that it 
was discussed at the subcommittee level for about a month and then moved 
to ballot in order to get any further feedback.

There was a short discussion about whether the proposer must send an 
e-mail to explicitly start the voting period, regardless whether the 
ballot e-mail states a "voting begin" date. The interpretation of the 
Bylaws was that an explicit email by the proposer needs to start the 
voting period, which must be exactly 7 days.

_*Ballots in Voting Period*_
//None//

_*Ballots in Review Period*_
//None//


        _Draft Ballots under Consideration_


/Improvements for Method 6, website control/ (Tim H.)
No additional comments
/
SC20 Ballot (NSR 2): System Configuration Management/(Ben)
No additional comments

/SC21 Ballot (NSR 3): Log Integrity Controls/ (Ben)
Ben asked whether the ballots should be considered withdrawn since they 
have not been updated for a while. Dimitris responded that since these 
are still in the "Draft ballots" and have not started an official 
"Discussion Period", they are not considered withdrawn, unless the 
proposer wants to withdraw them.

Tobi mentioned that the Network Security Subcommittee will have a better 
idea about these two ballots in two weeks.


      8. Any Other Business

No other business.


      9. Next call

September 5, 2019 at 11:00 am Eastern Time.


      Adjourned


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20190905/79a8c465/attachment-0001.html>


More information about the Servercert-wg mailing list