[cabf_validation] Draft minutes of Validation Subcommittee 2023-07-13

Tim Hollebeek tim.hollebeek at digicert.com
Fri Jul 14 15:28:15 UTC 2023

When we invited experts for the Validation Summit back in 2018, we made them sign the IPR agreement as Interested Parties, and then invited them.  Most of those who wanted to participate already had signed.  There wasn’t actually much outside participation, a lot of people expressed interest but in the end only maybe 2-3 followed through and attended, if I recall correctly.

There actually was a previous effort to get Princeton to sign the IPR agreement back when this all started (so this is the second time we’ve had this conversation…), but at that point it was just an invited talk for researchers to present their research paper, and we typically don’t make invited talks sign the IPR agreement, so we let it slide when it became difficult.  Perhaps we shouldn’t have.


From: Validation <validation-bounces at cabforum.org> On Behalf Of Dimitris Zacharopoulos (HARICA) via Validation
Sent: Friday, July 14, 2023 5:31 AM
To: CABforum3 <validation at cabforum.org>
Subject: Re: [cabf_validation] Draft minutes of Validation Subcommittee 2023-07-13

Small update, see below.


On 13/7/2023 7:58 μ.μ., Aaron Gable via Validation wrote:
Aaron Gable - (Let's Encrypt), Aaron Poulsen - (Amazon), Abhishek Bhat - (eMudhra), Andrea Holland - (VikingCloud), Ben Wilson - (Mozilla), Chris Clements - (Google), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Dimitris Zacharopoulos - (HARICA), Doug Beattie - (GlobalSign), Dustin Hollenback - (Microsoft), Gurleen Grewal - (Google), Inigo Barreira - (Sectigo), Janet Hines - (VikingCloud), Joseph Ramm - (OATI), Li-Chun Chen - (Chunghwa Telecom), Martijn Katerbarg - (Sectigo), Michael Slaughter - (Amazon), Michelle Coon - (OATI), Miguel Sanchez - (Google), Nargis Mannan - (VikingCloud), Nate Smith - (GoDaddy), Paul van Brouwershaven - (Entrust), Pedro Fuentes - (OISTE Foundation), Rebecca Kelley - (Apple), Rollin Yu - (TrustAsia Technologies, Inc.), Roman Fischer - (SwissSign), Ryan Dickson - (Google), Thomas Zermeno - (SSL.com), Tobias Josefowitz - (Opera Software AS), Wayne Thayer - (Fastly), Yashwanth TM - (eMudhra)

- Ready by Corey Bonnell

Approving minutes
- F2F #59: approved
- 2023-06-15: approved

Update from MPDV group (Ryan Dickson)
- Some outstanding comments on GitHub pull request.
- Princeton team still working on signing the IPR agreement. State they have no potential claims, just working through the university's legal systems.
- Can they be invited? Corey Bonnell and Dimitris Zacharopoulos confirm that they need to be an Interested Party first. Wayne Thayer confirms that's the intent, at least.

- Can they be invited? Corey Bonnell and Dimitris Zacharopoulos confirm that they need to be an Interested Party first. Wayne Thayer confirms that's the intent, at least. Dimitris mentioned that we could take a look at the process followed during the Validation Summit back in 2018 when we invited experts to participate at a validation SC meeting.

- Henry Birge-Lee plans to provide some research regarding the value of MPDV for CAA checks specifically.

Update from Domain Validation Delegation Threat Modeling group (Michael Slaughter)
- Group consists of Clint Wilson, Martijn Katerbarg, Corey Bonnell, and Michael Slaughter.
- Met 2023-07-12 to determine framework how the group will proceed: what's in scope, what's out of scope, identifying next steps.
- Next step is to identify threats and mitigations.
- Planned output is one or more ballots updating current validation methods or proposing new ones.

Next meeting
- July 27 meeting cancelled due to expected low attendance.
- Therefore next meeting will be 2023-08-10

Meeting adjourned


Validation mailing list

Validation at cabforum.org<mailto:Validation at cabforum.org>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/validation/attachments/20230714/33848626/attachment.html>

More information about the Validation mailing list