2019-05-30 Minutes of the Server Certificate Working Group
Attendees (in alphabetical order)
Ben Wilson (Digicert), Bruce Morton (Entrust Datacard), Chris Kemmerer (SSL.com), Dean Coclin (Digicert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Enrico Entschew (D-TRUST), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Janet Hines (SecureTrust), Jos Purvis (Cisco Systems), Kenneth Myers (US Federal PKI Management Authority), Kirk Hall (Entrust Datacard), Li-Chun Chen (Chunghwa Telecom), Mariusz Kondratowicz (Opera Software AS), Michelle Coon (OATI), Mike Reilly (Microsoft), Peter Miskovic (Disig), Robin Alden (Sectigo), Ryan Sleevi (Google), Shelley Brewer (Digicert), Tim Callan (Sectigo), Tomasz Nowak (Opera Software AS), Trevoli Ponds-White (Amazon).
Minutes
1. Roll Call
The Chair took attendance
2. Read Antitrust Statement
The Antitrust Statement was read
3. Review Agenda
The Agenda was approved.
4. Approval of minutes from previous teleconference
The minutes from the previous teleconference were approved and will be circulated to the public list.
5. Membership application of MSC Trustgate and iTrusChina
MSC Trustgate and iTrusChina were not trusted by a Certificate Consumer of the SCWG so according to the SCWG charter they were granted Associate Membership. The WG designated a period of time of 12 months. Before this time expires, the SCWG will re-examine the associate membership status of these two CAs.
A question was raised about whether these members needed to have applied for inclusion in any Root program. The discussion resulted that this was not a necessary requirement according to the SCWG charter or the Bylaws. In any case, Dimitris confirmed that both of these CAs had applied at least to the Mozilla Root store according to Bugzilla.
6. Validation Subcommittee Update
Doug gave the report. It was a short meeting that didn’t go into a lot of details. It was mostly a preparation of topics for the F2F meeting.
7. NetSec Subcommittee Update
Ben gave the report. The Subcommittee has prepared two ballots (SC20, SC21) that include some improvements to the network security requirements. The SC also prepares a response to Ryan’s comments.
8. Ballot Status
Ballots in Discussion Period
None
Ballots in Voting Period
None
Ballots in Review Period
None
Draft Ballots under Consideration
Improvements for Method 6, website control (Tim H.) No additional comments _ SC20 Ballot (NSR 2): System Configuration Management_ (Ben) No additional comments
SC21 Ballot (NSR 3): Log Integrity Controls (Ben) No additional comments
9. Approval of F2F 47 Agenda
Dimitris went through the Server Certificate Working Group agenda for the next F2F. There were no objections to the current draft agenda.
10. Any Other Business
None.
11. Next call
June 27, 2019 at 11:00 am Eastern Time.