[Smcwg-public] Final Minutes of SMCWG July 22, 2020

Stephen Davidson Stephen.Davidson at digicert.com
Fri Aug 7 12:46:34 MST 2020


Minutes of SMCWG


July 22, 2020

 

These are the Approved Minutes of the Teleconference described in the
subject of this message. 


Attendees (in alphabetical order)


Qiu Dawei (CFCA), Zhang Danmeng (CFCA), Li-Chun Chen (Chunghwa Telecom ),
Tim Hollebeek (DigiCert), Dean Coclin (DigiCert), Stephen Davidson
(DigiCert), Andreas Henschel (D-TRUST), Enrico Entschew (D-TRUST), Vijay
Kumar (eMudhra), Bruce Morton (Entrust DataCard), Wang Chunlan (GDCA), Xiu
Lei (GDCA), Doug Beattie (GlobalSign), Hugh Mercer (GlobalSign), Atsushi
Inaba (GlobalSign), Dimitris Zacharopoulos (HARICA), Toria Chen (SHECA),
Chris Kemmerer (SSL.com), Mike Guenther (SwissSign), Neil Dunbar (TrustCor),
Corey Bonnell (Trustwave), Janet Hines (Trustwave), David Chen (TWCA), Pedro
Fuentes (OISTE), Hongquan Yin (Microsoft), Mike Reilly (Microsoft), Ben
Wilson (Mozilla), Matthias Wiedenhorst (ACAB'c), India Donald (Federal PKI),
Wendy Brown (Federal PKI), Thomas Connelly (Federal PKI), Hazhar Ismail (MSC
Trustgate.com Sdn Bhd), Markus Wichmann (TeleTrust), Morad Abou Nasser
(TeleTrust), Rufus Buschart (TeleTrust), Arno Fiedler, Christian Heutger
(PSW), Russ Housley (Vigil Security, LLC), Patrycja Tulinska (PSW), Jeff
Ward (WebTrust), Don Sheehy (WebTrust), Kai Engert (Thunderbird)


1. Roll Call


The Roll Call was taken.


2. Read Antitrust Statement


The Antitrust/Compliance Statement was read.


3. Review Agenda


No changes to the agenda were noted.


4. Approval of minutes from last teleconference


NA


4. Formation of SMCWG


An overview of the voting procedures was provided as outlined in the SMCWG
Charter and CABF By-Laws for both the formation of the SMCWG and membership
as well as onward ballots.  Acting Chair Stephen Davidson proposed a list of
initial qualifying members as follows.

 

Certificate Issuers:  Actalis, Asseco Data Systems (Certum), BuyPass, CFCA,
Comsign, DigiCert, D-TRUST, eMudhra, Entrust DataCard, GDCA, GlobalSign,
HARICA, SHECA, SSL.com, SwissSign, TrustCor, Trustwave, TWCA, OISTE
Foundation.  Certificate Consumers:  Microsoft, Mozilla/Thunderbird.
Associate Members:  ACAB'c, TeleTrusT, Federal PKI, MSC Trustgate.com Sdn
Bhd, WebTrust.  Interested Parties:  Arno Fiedler (ETSI), PSW, Vigil
Security.

 

A discussion was held.  It was noted that Mozilla was working with its
affiliate Thunderbird, but that changes in organizational structure may lead
to membership category changes at a later date.  It was questioned whether
Associate Member or Interested party was more appropriate for TeleTrust and
the Acting Chair decided to remove TeleTrusT from the current vote.  

 

A roll call of the proposed members was held and more than two-thirds of the
proposed initial membership voted in favor in accordance with the Charter.
There were no votes against the proposed members (with only abstentions or
not present).  

 

The initial members of the SMCWG are as follows. Certificate Issuers:
Actalis, Asseco Data Systems (Certum), BuyPass, CFCA, Comsign, DigiCert,
D-TRUST, eMudhra, Entrust DataCard, GDCA, GlobalSign, HARICA, SHECA,
SSL.com, SwissSign, TrustCor, Trustwave, TWCA, OISTE Foundation.
Certificate Consumers:  Microsoft, Mozilla/Thunderbird.  Associate Members:
ACAB'c, Federal PKI, MSC Trustgate.com Sdn Bhd, WebTrust.  Interested
Parties:  Arno Fiedler (ETSI), PSW, Vigil Security.


5. Election of Officers


Stephen Davidson was proposed by Dean Coclin to act as Chair of the SMCWG.
A voice vote was held and Stephen Davidson was elected to serve as Chair.
It was agreed to elect a Vice Chair of the SMCWG at a later meeting.  It was
agreed that Stephen Davidson and Jos Purvis of the Infrastructure
Subcommittee would serve as webmaster as required.


6. Goals and Next Steps


A discussion was held on the goals of the SMCWG as described in the Charter.
It was agreed that initial work would focus on verification of control over
email addresses and certificate profiles for end entity S/MIME certificates
and Issuing CA certificates.  Later steps would focus on key management and
certificate lifecycle; CA operational practices, physical/logical security;
and identity validation.

 

Members were asked to provide examples of known standards for S/MIME
certificates for the group's consideration.

 


7. Any Other Business


No other business was discussed.

Moderation has been removed from members of the SMCWG on the public and
management list.  Ordinarily discussion should occur on the public list at
smcwg-public at cabforum.org <mailto:smcwg-public at cabforum.org>  which has a
public access archive.  The management list at
<mailto:smcwg-management at cabforum.org> smcwg-management at cabforum.org is used
for tasks such as scheduling and approval of minutes.


8. Next call


The next call will take place on August 5, 2020 at 11:00am Eastern Time.  A
separate invitation has been sent to members of the SMCWG; meetings will
occur every other week in weeks of the main CABF call.


Adjourned


 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20200807/165536f3/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4979 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20200807/165536f3/attachment.p7s>


More information about the Smcwg-public mailing list