[cabf_validation] Minutes from the Validation Subcommittee meeting of 27 September 2018
Tim Hollebeek
tim.hollebeek at digicert.com
Tue Oct 2 07:19:33 MST 2018
No, several more recent drafts have been circulated.
Attached is the version from late August.
-Tim
From: Validation <validation-bounces at cabforum.org> On Behalf Of Adriano
Santoni via Validation
Sent: Tuesday, October 2, 2018 12:05 AM
To: validation at cabforum.org
Subject: Re: [cabf_validation] Minutes from the Validation Subcommittee
meeting of 27 September 2018
Will ballot SC7 be based on the proposal "jeremy-ip-Oct2017" ?
Il 01/10/2018 17:09, Bruce Morton via Validation ha scritto:
Here are minutes from the Validation Subcommittee meeting on 27 September
2018.
1. SC4 - Email and CAA Contact
Tim plans to post and update to the ballot today (27 September 2018).
2. SC7 - IP Address validation Methods
Wayne stated this ballot is almost ready to post. There was discussion about
the effective date which would be about 6 months or April/May 2019. On the
effective date all new certificate must be issued using the new IP address
validation methods.
3. SC5 - Method 3 and Phone CAA Contact
Doug is waiting for any issues with SC4 to be resolved before completing
this ballot.
Ryan advised that both SC4 and SC5 could advance if CAA was the only method
to verify the email address or the phone number as there appears to be no
issues with using CAA.
Tim requested concreate issues on using DNS TXT to obtain the email address
or phone number. Ryan responded that these comments have been provided on
the DL and would like to keep this as a separate conversation.
Tim requested if the DNS TXT issues could be discussed at the next
Validation Subcommittee meeting in 2 weeks (11 October 2019). Ryan stated
yes.
It was suggested that SC5 might need to split up into 2 parts: 1) how to get
a phone number and 2) how to use the phone number.
4. Ballot 225 - Improvements to EV Guidelines
Tim stated there is an issue with D&B being a QIIS. Planning to discuss
defining who is a QIIS or QTIS.
5. Validation method OIDs in Certificates
Wayne is waiting for the Bylaws to be updated as they may need IPR review.
It was stated that no the Bylaws do not need IPR review and IPR review is
only required when guidelines are updated. As such, Wayne plans to proceed
with the ballot.
6. Clean Up ballot
Suggested there should be a cleanup ballot this fall and not wait until the
spring.
There are some changes which are required to both the Bylaws and the BRs. It
was noted that as there are different voters for each of these documents,
then there must be 2 clean up ballots, one for the Forum (Bylaws) and one
for the Servercert WG (BRs).
7. Discussion Priorities
a. BGP/DNS robustness
b. Method 9 removal
c. Method 10 update. Ryan stated there are still issues as the RFC is
still in final call. Tim would not like the RFC to be normative. Ryan stated
that it would be best to start with the RFC and then make changes based on
how CAs are using Method 10. As such there could be 2 methods where one is
based on the RFC and the other is modified. It was recommended that the CAs
provide information on how they are using Method 10. Ryan plans to propose
text.
d. Method 6 work on HTTP method
8. Underscore in DNS Names
Wayne would like to clean up the issue with underscore in domain names.
Google and Mozilla that underscore in domain names is not allowed per RFC
5280. However, some CAs consider this to be a grey area based on the
previous ballot. A ballot will determine the outcome and get this issued
closed.
Thanks, Bruce.
_______________________________________________
Validation mailing list
Validation at cabforum.org <mailto:Validation at cabforum.org>
https://cabforum.org/mailman/listinfo/validation
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20181002/1e821c1c/attachment-0001.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ballot.txt
URL: <http://cabforum.org/pipermail/validation/attachments/20181002/1e821c1c/attachment-0001.txt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4940 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/validation/attachments/20181002/1e821c1c/attachment-0001.p7s>
More information about the Validation
mailing list