[cabf_validation] 2024-05-30 Final validation-sc Meeting Meetings

Mon Jul 15 14:56:38 UTC 2024

These are the Final Minutes of the Teleconference described in the subject
of this message, prepared by Martijn Katerbarg(Sectigo).

==Note Well==

Corey read the Note Well.

==Attendees==

Aaron Poulsen (Amazon), Abhishek Bhat (eMudhra), Adrian Mueller (SwissSign),
Adriano Santoni (Actalis S.p.A.), Andrea Holland (VikingCloud), Andreas
Henschel (D-TRUST), Antti Backman (Telia Company), An Yin (iTrusChina), Arno
Fiedler (ETSI), Arvid Vermote (GlobalSign), Ben Wilson (Mozilla), Bruce
Morton (Entrust), Chorus Li (iTrusChina), Christophe Bonjean (GlobalSign),
Chya-Hung Tsai (TWCA), Clint Wilson (Apple), Corey Bonnell (DigiCert), Dave
Chin (CPA Canada/WebTrust), Dean Coclin (DigiCert), Devon O'Brien (Google),
Dimitris Zacharopoulos (HARICA), Dong Wha Shin (MOIS (Ministry of Interior
and Safety) of the republic of Korea), Doug Beattie (GlobalSign), Eva Van
Steenberge (GlobalSign), Hannah Sokol (Microsoft), Hogeun Yoo (NAVER Cloud
Trust Services), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Janet
Hines (VikingCloud), Jeremy Rowley (DigiCert), Joanna Brawata (Asseco Data
Systems SA (Certum)), John Sarapata (Google Trust Services), Josselin
Allemandou (Certigna), Jozef Nigut (Disig), Kateryna Aleksieieva (Asseco
Data Systems SA (Certum)), Keshava Nagaraju (eMudhra), Kiran Tummala
(Microsoft), Leo Grove (SSL.com), Luis Cervantes (GoDaddy), Mads Henriksveen
(Buypass AS), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust),
Martijn Katerbarg (Sectigo), Mats Rosberg (Keyfactor), Matthias Wiedenhorst
(ACAB Council), Michal Malinowski (Asseco Data Systems SA (Certum)), Miguel
Sanchez (Google Trust Services), Michelle Coon (OATI), Mohit Kumar
(GlobalSign), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud),
Nate Smith (GoDaddy), Naveen Kumar (eMudhra), Nick France (Sectigo), Nicol
So (CommScope), Paul Brown (GlobalSign), Paul van Brouwershaven (Entrust),
Pedro Fuentes (OISTE Foundation), Pekka Lahtiharju (Telia Company), Peter
Miskovic (Disig), Prachi Jain (Fastly), Puja Sehgal (Microsoft), Rebecca
Kelly (SSL.com), Rob Stradling (Sectigo), Romain Delval (Certigna), Roman
Fischer (SwissSign), Ryan Dickson (Google), Scott Rea (eMudhra), Sissel Hoel
(Buypass AS), Stefan Kirch (Telekom Security), Stephen Davidson (DigiCert),
Sven Rajala (Keyfactor), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno
(SSL.com), Tim Callan (Sectigo), Tim Crawford (CPA Canada/WebTrust), Tim
Hollebeek (DigiCert), Tobias Josefowitz (Opera Software AS), Trevoli
Ponds-White (Amazon), Tsung-Min Kuo (Chunghwa Telecom), Wayne Thayer
(Fastly), Wei-Hao Tung (Chunghwa Telecom), Yoshihiko Matsuo (Japan Registry
Services)

==Agenda==

No changes to the agenda are requested.

===Report on progress since F2F #61===

No discussion based on the presentation provided by Corey. Presentation is
attached to this email.

===Discussion on converting validation-sc to the validation-wg===

Corey presented a background and proposal for transforming the validation
subcommittee into a working group. Presentation is attached to this email.

Martijn asks what the idea is around creating a new document, and allowing
working groups to incorporate that, but also override it. 

Corey confirms that yes, that indeed should be possible, although we should
be careful with overriding items. Much like the NSRs are now incorporated
based on a specific version, this potential document could be used in the
same way.

Tim H. raises the option of making this document a library type of document,
so each working group can decide for themselves which methods they would
like to allow. 

Wayne states he's not very keen on having such a setup, where each working
group would need to update the version every time there is a change.

Tim H. brings up the option about doing a single cross-working group ballot,
although this needs to be allowed in the Bylaws.
Paul points this out as a probable problem. Alternatively the Validation WG
could potentially be setup as a cross-working group-group, again with Bylaws
changes.

Clint points out this is likely non-starter for Apple's participation.

Wayne adds that for IPR protection we need to be keeping to a single working
group. It seems we don't directly have an end-goal in mind, while we seem to
be continuing to create more working groups.

Paul provides the option of having SCWG members automatically become members
of the ValidationWG, something much relate to how they currently become
members of the ValidationSC. Would that not clear IPR issues if the ballot
passes in the ValidationWG?

Tim H. adds that there's currently no such thing as a cross-working group,
not even the Forum is that. We need to figure out how this would work.

Clint raises concerns with the cost-vs-benefit of doing this transformation.

There were differing perspectives on the idea, with some expressing
skepticism and concerns about potential conflicts of interest. The next step
proposed was to create a charter for the working group to further inform the
discussion and address concerns.

===Improvement on language for the serialNumber attribute for Government
Entities===

This discussion was moved to the next meeting instead.

=== Meeting adjourned ===

-- 
You received this message because you are subscribed to the Google Groups
"Management (CA/B Forum)" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to  <mailto:management+unsubscribe at groups.cabforum.org>
management+unsubscribe at groups.cabforum.org.
To view this discussion on the web visit
<https://groups.google.com/a/groups.cabforum.org/d/msgid/management/SA1PR17M
B65031B96AA60F3F41C7E2503E3C82%40SA1PR17MB6503.namprd17.prod.outlook.com?utm
_medium=email&utm_source=footer>
https://groups.google.com/a/groups.cabforum.org/d/msgid/management/SA1PR17MB
65031B96AA60F3F41C7E2503E3C82%40SA1PR17MB6503.namprd17.prod.outlook.com.

From: 'Martijn Katerbarg' via Management (CA/B Forum)
<management at groups.cabforum.org <mailto:management at groups.cabforum.org> >
Date: Tuesday, 25 June 2024 at 13:28
To: management at groups.cabforum.org <mailto:management at groups.cabforum.org>
<management at groups.cabforum.org <mailto:management at groups.cabforum.org> >
Subject: [management] Draft Minutes of the Validation Subcommittee F2F-62
May 30, 2024

These are the Draft Minutes of the Teleconference described in the subject
of this message, prepared by Martijn Katerbarg (Sectigo).

Please review the minutes and propose edits if necessary. These minutes will
be considered for approval at the next meeting.

==Note Well==

Corey read the Note Well.

==Attendees==

Aaron Poulsen (Amazon), Abhishek Bhat (eMudhra), Adrian Mueller (SwissSign),
Adriano Santoni (Actalis S.p.A.), Andrea Holland (VikingCloud), Andreas
Henschel (D-TRUST), Antti Backman (Telia Company), An Yin (iTrusChina), Arno
Fiedler (ETSI), Arvid Vermote (GlobalSign), Ben Wilson (Mozilla), Bruce
Morton (Entrust), Chorus Li (iTrusChina), Christophe Bonjean (GlobalSign),
Chya-Hung Tsai (TWCA), Clint Wilson (Apple), Corey Bonnell (DigiCert), Dave
Chin (CPA Canada/WebTrust), Dean Coclin (DigiCert), Devon O'Brien (Google),
Dimitris Zacharopoulos (HARICA), Dong Wha Shin (MOIS (Ministry of Interior
and Safety) of the republic of Korea), Doug Beattie (GlobalSign), Eva Van
Steenberge (GlobalSign), Hannah Sokol (Microsoft), Hogeun Yoo (NAVER Cloud
Trust Services), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Janet
Hines (VikingCloud), Jeremy Rowley (DigiCert), Joanna Brawata (Asseco Data
Systems SA (Certum)), John Sarapata (Google Trust Services), Josselin
Allemandou (Certigna), Jozef Nigut (Disig), Kateryna Aleksieieva (Asseco
Data Systems SA (Certum)), Keshava Nagaraju (eMudhra), Kiran Tummala
(Microsoft), Leo Grove (SSL.com), Luis Cervantes (GoDaddy), Mads Henriksveen
(Buypass AS), Mahua Chaudhuri (Microsoft), Marco Schambach (IdenTrust),
Martijn Katerbarg (Sectigo), Mats Rosberg (Keyfactor), Matthias Wiedenhorst
(ACAB Council), Michal Malinowski (Asseco Data Systems SA (Certum)), Miguel
Sanchez (Google Trust Services), Michelle Coon (OATI), Mohit Kumar
(GlobalSign), Mrugesh Chandarana (IdenTrust), Nargis Mannan (VikingCloud),
Nate Smith (GoDaddy), Naveen Kumar (eMudhra), Nick France (Sectigo), Nicol
So (CommScope), Paul Brown (GlobalSign), Paul van Brouwershaven (Entrust),
Pedro Fuentes (OISTE Foundation), Pekka Lahtiharju (Telia Company), Peter
Miskovic (Disig), Prachi Jain (Fastly), Puja Sehgal (Microsoft), Rebecca
Kelly (SSL.com), Rob Stradling (Sectigo), Romain Delval (Certigna), Roman
Fischer (SwissSign), Ryan Dickson (Google), Sissel Hoel (Buypass AS), Stefan
Kirch (Telekom Security), Stephen Davidson (DigiCert), Sven Rajala
(Keyfactor), Tadahiko Ito (SECOM Trust Systems), Thomas Zermeno (SSL.com),
Tim Callan (Sectigo), Tim Crawford (CPA Canada/WebTrust), Tim Hollebeek
(DigiCert), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White
(Amazon), Tsung-Min Kuo (Chunghwa Telecom), Wayne Thayer (Fastly), Wei-Hao
Tung (Chunghwa Telecom), Yoshihiko Matsuo (Japan Registry Services)

==Agenda==

No changes to the agenda are requested.

===Report on progress since F2F #61===

No discussion based on the presentation provided by Corey. Presentation is
attached to this email.

===Discussion on converting validation-sc to the validation-wg===