[Servercert-wg] 2022-08-18 Minutes of the Server Certificate Working Group
jos at melete.org
Fri Sep 16 19:37:52 UTC 2022
These have also been published to the public website at cabforum.org <https://cabforum.org/2022/08/18/2022-08-18-minutes-of-the-server-certificate-working-group/>.
----- Original message -----
*Server Certificate Working Group – 18 August 2022*
Attendees: Aaron Poulsen (Amazon), Adam Jones (Microsoft), Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Clements (Google), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), David Kluge (Google), Dustin Hollenback (Microsoft), Fumi Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Inaba Atsushi (GlobalSign), Jamie Mackey (US Federal PKI Management Authority), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Fastly), Karina Sirota (Microsoft), Kiran Tummala (Microsoft), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), Martijn Katerbarg (Sectigo), Michael Guenther (SwissSign), Michelle Coon (OATI), Rebecca Kelley (Apple), Roman Fischer (SwissSign), Ryan Dickson (Google), Tadahiko Ito (SECOM Trust Systems), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)
1. Read Antitrust Statement
Jos Purvis read the antitrust statement.
2. Review Agenda
No changes were made to the agenda.
3. Approval of Minutes from Last Teleconference
The minutes from the 4-August call were approved without changes.
4. Validation Subcommittee Update
Corey Bonnell said that the subcommittee met last Thursday. They spent most of the time reviewing the “on deck” section of the subcommittee’s _backlog_ <https://github.com/orgs/cabforum/projects/1>. A number of items were reprioritized. The discussion then moved to a _proposed_ <https://github.com/cabforum/servercert/pull/376> relaxation of the key usage requirements for end-entity certificates in the new profiles ballot, and how to represent something that is likely to be forbidden in the future. Finally, the group discussed two EV cleanup items proposed by Bruce Morton and agreed to move forward with them. Next week the subcommittee is planning to continue work on profiles and move on to some of the new work at the next meeting.
5. Ballot Status
Ballots in Discussion Period
Ballots in Voting Period
Ballots in Review Period
Draft Ballots Under Consideration
* Revival of Debian Weak Keys
Chris Kemmerer said that consensus has been reached on the language and he is seeking endorsers to move the ballot forward.
* SLO/Response for CRL & OCSP Responses
David Kluge said that not as much progress has been made as hoped. There was some discussion in the past week that now needs to be incorporated into the ballot. Would also like to extend the ballot beyond SLOs for revocation into other areas of the BRs.
6. Any Other Business
* Interested Party Review
Jos said that NINA - the 911 association - has requested participation as an Interested Party. They are a standards organization for 911 (the North American emergency services telephone number). Jos said that he had confirmed the requestor’s authority to sign the IPR agreement.
Tobias Josefowitz asked if we can get confirmation from someone other than the requestor themself?
Jos said that it is reasonable to ask the requestor to forward a confirmation email from an officer to provide proof of their binding authority.
* CRL Reason Codes
Ben Wilson said that he had _sent an email to the list about revocation reason codes_ <https://lists.cabforum.org/pipermail/servercert-wg/2022-July/003273.html>. Ben requested feedback on the proposal. It is not in the form of a ballot yet, but Ben is seeking endorsers.
7. Roll Call
Clint Wilson read the roll.
8. Next call: 1-September 2022 at 11AM Eastern
Adjourn; Immediately convene meeting of CA Browser Forum (same call)
Management mailing list
Management at cabforum.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Servercert-wg