2018-11-15 Minutes of the Server Certificate Working Group
Attendees (in alphabetical order)
Anna Weinberg (Apple), Arno Fiedler (D-TRUST), Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fotis Loukos (SSL.com), Frank Corday (Trustwave), Geoff Keating (Apple), Gordon Bock (Microsoft), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jeff Ward (CPA Canada/WebTrust), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Leo Grove (SSL.com), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Rich Smith (Sectigo), Robin Alden (Sectigo), Tim Callan (Sectigo), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
Minutes
1. Roll Call
The Chair took attendance
2. Read Antitrust Statement
The Chair asked mr. Robin Alden to read the Antitrust Statement and asked if he could use a recording for future calls. Mr. Alden accepted.
3. Review Agenda
Today’s Agenda was approved.
4. Approval of Minutes of SCWG F2F Meeting of Oct. 17-18, 2018
The minutes were approved and will be posted to the Public web site and a link to those minutes will be posted to the Public mailing list.
5. Approval of Minutes of previous teleconference
The minutes of November 1, 2018 teleconference were approved and will be posted to the Public list and the Public web site.
6. Application of DarkMatter for SCWG Membership
The Application was approved under the “Certificate Issuer” type.
7. Validation Subcommittee Update
Wayne gave the update and informed the group that Ballot SC13 is in the Discussion Period which is almost over, and Tim would probably start the voting soon after. He encouraged Members that have not taken a look at that ballot to do so and make sure they don’t see any issues with it.
He also mentioned about Tim’s ballot to remove “any other method” in IP validation and will proceed similarly to the Domain validation by adding existing methods used by CAs regardless of how secure they think they are. There is some debate about one method a CA has proposed and they are not sure if it is well described to include in the BRs. That’s one of the reasons holding this ballot back. However, he expects this ballot to go forward soon.
Finally, he mentioned about a discussion that is taking place on the mailing list about the organizationIdentifier attribute in the subjectDN field in EV Certificates that was previously discussed in London and Shanghai, where ETSI has a technical standard that includes this identifier in the subjectDN of EV Certificates. There is some ambiguity in the EV Guidelines about whether this is permitted or not. The Validation Subcommittee is trying to decide how to go forward with that in a way that both the technical requirements of the CA/B Forum and hopefully allow ETSI to move forward with their use of that field.
Dimitris asked when the next Validation Subcommittee was scheduled to meet and Wayne replied that it would be December the 6th.
8. Network Security Subcommittee Update
Ben reported that the subcommittee is still looking for a date to schedule bi-weekly meetings. Most promising day is wednesday.
9. Ballot Status
Ballots in Discussion Period
Ballot SC13: CAA Contact Property and Associated E-mail Validation Methods (Tim H.) No comments were made.
Ballots in Voting Period
None
Ballots in Review Period
Ballot SC12 – Sunset of Underscores in dNSNames (Wayne)
Draft Ballots under Consideration
_Removing “any other method” for IP address (Tim H.)
Improvements for Method 6, website control (Tim H.) _ No comments were made.
10. Any Other Business
None.
11. Next call
November 29, 2018 at 11:00 am Eastern Time.