[Servercert-wg] Final Minutes of Server Certificate Working Group call - April 16, 2020
Dimitris Zacharopoulos (HARICA)
dzacharo at harica.gr
Wed May 6 03:58:01 MST 2020
These are the Final Minutes of the Teleconference described in the
subject of this message.**
Roll call: Arno Fiedler (D-TRUST), Ben Wilson (Mozilla), Bruce Morton
(Entrust Datacard), Clint Wilson (Apple), Corey Bonnell (SecureTrust),
Chris Kemmerer (SSL.com), Daniela Hood (GoDaddy), Dean Coclin
(Digicert), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft),
Enrico Entschew (D-TRUST), Inaba Atsushi (GlobalSign), Janet Hines
(SecureTrust), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Li-Chun
Chen (Chunghwa Telecom), Michael Guenther (SwissSign), Michelle Coon
(OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko
Carpenter (SecureTrust), Patrick Nohe (GlobalSign), Pedro Fuentes (OISTE
Foundation), Peter Miskovic (Disig), Rich Smith (Sectigo), Robin Alden
(Sectigo), Ryan Sleevi (Google), Shelley Brewer (Digicert), Stephen
Davidson (Quo Vadis), Thanos Vrachnos (SSL.com), Tim Callan (Sectigo),
Tim Hollebeek (Digicert), Timo Schmitt (SwissSign), Tobias Josefowitz
(Opera Software AS), Trevoli Ponds-White (Amazon), Wayne Thayer
(Mozilla), Wendy Brown (US Federal PKI Management Authority), Taconis
Lewis (US Federal PKI Management Authority), Andrea Holland (SecureTrust).
Agenda approved, anti-trust statement was read, roll was taken.
Minute taker: Tim Hollebeek.
Tobi volunteered to take minutes in two weeks.
Previous minutes were approved.
Validation subcommittee discussed two things:
1. Voluntary disclosure of information sources
- a few other CAs said they were going to disclose after DigiCert,
but haven't
- CAs are still encouraged to disclosed, but voluntary doesn't seem
to be working
Ryan has a ballot to mandate disclosure
Discussion about the challenges of not having disclosure block
issuance of certificates
Ryan posted a really good summary of the discussion to the mailing
list, please read it there
2. Discussed the reorganization of requirements for certificate profiles
Draft skeleton certificate profile wasn't up until shortly before
the meeting, so not much
substantive discussion
Discussing continues on the list and in a Google document
Skeleton will again be reviewed on the next Validation call
NetSec subcommittee:
Discussing SC29 version 3 on the list
Minutes are up for review
SC28 (reducing log retention) is nearly complete
Another ballot (no number yet) for account deactivation
Ballot to replace secure zones and high security zones and replace with
clearer structure
Dean: are you intending to start voting on SC29 next week?
Neil: are we allowing ballots due to the covid situation?
Wayne: I'd suggest putting a feeler out and seeing if people are ready
to move forward
Ballot status:
Discussion period: SC29 (see above)
Voting period: None
Review period: SC26 (pandoc-friendly markdown changes) - ends Apr 30
Draft ballots:
Ryan - BR alignment
Ryan - Spring cleanup
Ryan - Data source disclosure (discussed on last week's Validation call)
Chris Kemmerer - updated 6.1.1.3 to clarify requirements around
rejecting weak keys
Server Certificate Working Group adjourns
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20200506/de09bf45/attachment-0001.html>
More information about the Servercert-wg
mailing list