2019-04-18 Minutes of the Server Certificate Working Group
Attendees (in alphabetical order)
Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean Coclin (Digicert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Frank Corday (SecureTrust), Geoff Keating (Apple), Inaba Atsushi (GlobalSign), Joanna Fox (GoDaddy), Jos Purvis (Cisco Systems), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Michael Guenther (SwissSign), Michelle Coon (OATI), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Peter Miskovic (Disig), Rich Smith (Sectigo), Ryan Sleevi (Google), Scott Rea (Dark Matter), Shelley Brewer (Digicert), Tim Hollebeek (Digicert), Tim Shirley (SecureTrust), Timo Schmitt (SwissSign), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
Minutes
1. Roll Call
The Chair took attendance
2. Read Antitrust Statement
The Antitrust Statement was read
3. Review Agenda
The Agenda was approved.
4. Approval of minutes from F2F 46 and previous teleconference
The minutes from the previous teleconference were approved and will be circulated to the public list.
For the F2F 46 minutes, Dimitris sent the majority of the draft minutes for review on April 10th and was posting draft minutes for missing slots as they came in. He sent a final set of draft minutes for review on April 15th, three days before this teleconference. However, some last-minute notes came in minutes before this call.
Dimitris recommended approving the bulk set of minutes and posting those to the public web site with an indication that 2 slots are missing and would be updated once approved.
Google objected to that proposal and explained that the minutes should be approved holistically. Ryan noted that some members already struggle to review the minutes and it would be even harder if they had to review minutes in parts, as they come in. He appreciated the proposal and suggested we discuss this topic in an upcoming F2F and possibly re-examine how we do minutes in F2F meetings.
It was decided that the F2F 46 minutes will be considered for approval at the next scheduled teleconference.
5. Validation Subcommittee Update
Tim H. gave the update. The Validation Subcommittee went through the suggestions made for validation methods that hadn’t been reviewed yet since the Validation Summit. There weren’t any strong suggestions and decided to defer those methods until there is more work that needs to be done on those methods.
The subcommittee will continue discussions on improving two methods; the “http” and the “dns” change method. The EU/EV orgID ballot (SC17) was also discussed and a new version was posted yesterday. Dimitris already indicated some formatting errors that will be corrected in a new version soon to be released. If anyone else has any changes to suggest, please send them.
6. NetSec Subcommittee Update
Ben was not on the call and no other member was able to give a report so we recorded no updates from the NetSec Subcommittee.
7. Ballot Status
Ballots in Discussion Period
Ballot SC17: Alternative registration numbers for EU certificates (Tim H.)
Dimitris mentioned that since ballot SC16 is not in effect, there is no conflict in section 9.2 and probably the next version of SC17 will include a fresh redline against the latest EV Guidelines (1.6.9) that incorporate the changes of SC16.
Ballot SC18: Phone Contact with DNS CAA Phone Contact (Doug)
Doug submitted a new version correcting a typo, and reset the discussion period. He asked members if they have any other minor/major comment to come forward so we can wrap up this ballot.
Ballots in Voting Period
None
Ballots in Review Period
Draft Ballots under Consideration
Improvements for Method 6, website control (Tim H.)
No additional comments were made.
8. Any Other Business
None.
9. Next call
May 2, 2019 at 11:00 am Eastern Time.