Final Minutes CA/Browser Forum Teleconference of October 26, 2017
Attendees: Atsushi Inaba (GlobalSign), Ben Wilson (DigiCert), Christopher Kemmerer (SSL.com), Curt Spann (Apple), Daymion Reynolds (Godaddy), Dean Coclin (Symantec), Doug Beattie (GlobalSign), Frank Corday (Trustwave), Geoff Keating (Apple), Gervase Markham (Mozilla), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (BuyPass), Mike Reilly (Microsoft), Neil Dunbar (Trustcor), Rich Smith (Comodo), Shelley Brewer (DigiCert), Steve Medin (Symantec), Tim Hollebeek (Trustwave), Tim Shirley (Trustwave), Tyler Myers (GoDaddy), Virginia Fournier (Apple).
- Roll Call
- Read Antitrust Statement
- Review Agenda. Agenda was approved.
- Approval of Minutes from Taipei F2F meeting Oct. 4-5. This item was postponed until we have all of the minutes in. Ben asked those who have not submitted their minutes to please do so.
- Governance Change Working Group update. Dean said that during our recent WG meeting we reviewed the comments from Gerv and the FAQ. There were some items that we wanted Virginia to review. This week we also circulated a draft charter for the Server Certificate Working Group, and we’ve already received several comments, which we’re going through.
- Validation Working Group update. No report.
- Policy Review Working Group update. Ben said the WG didn’t have a call this week, but that Dimitris was going to review the Baseline Requirements again for use of the term “CA” and distinguish when it referred to a legal entity vs. a system.
- Network Security Working Group update. Ben said the WG had worked on passwords and a couple other areas of the Network and Certificate System Security Requirements and was making good progress and that there was a lot of participation in the Working Group, which was a good sign that people want to accomplish more with this effort.
- Ballot Status: We reviewed the list of ballots provided with the Agenda.
- Other Business:
The minutes of the last teleconference held on Thursday, October 12, 2017, were approved.
Dean noted that we have confirmed that we’ll be meeting in Shanghai in October 2018. More details will be made available later.
Rich asked, along the lines of the discussions about new / alternative domain validation methods, whether there was any input from the group on the idea of using RDAP, since some registrars are now running it. This might involve adding a definition of “whois” to the Baseline Requirements. Rich said that he would bring the topic up with the Validation Working Group.
Ben noted that a new version of the EV Guidelines had been posted to the website and that the wiki has been updated to contain all Word versions of the EV Guidelines and Baseline Requirements in case anyone needs to refer to them.
- Next call November 9, 2017.