2020-05-14 Minutes of the CA/Browser Forum Teleconference
Attendees (in alphabetical order)
Adam Clark (Visa), Arno Fiedler (D-TRUST), Ben Wilson (Mozilla), Bruce Morton (Entrust Datacard), Clint Wilson (Apple), Corey Bonnell (SecureTrust), Chris Kemmerer (SSL.com), Daniela Hood (GoDaddy), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Jos Purvis (Cisco Systems), Li-Chun Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), Michael Guenther (SwissSign), Mike Reilly (Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter (SecureTrust), Patrick Nohe (GlobalSign), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rich Smith (Sectigo), Robin Alden (Sectigo), Ryan Sleevi (Google), Shelley Brewer (Digicert), Stephen Davidson (Quo Vadis), Taconis Lewis (US Federal PKI Management Authority), Thanos Vrachnos (SSL.com), Tim Hollebeek (Digicert), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority).
Minutes
1. Roll Call
The Chair took attendance.
2. Read Antitrust Statement
The Antitrust Statement was read.
3. Review Agenda
Accepted without changes. Enrico volunteered to take minutes on the next call.
4. Approval of minutes from previous teleconference
Accepted without objections.
5. Forum Infrastructure Subcommittee update
Jos gave the reports.
- On the issue of migrating the mailers and web site, the subcommittee will make progress with the web site first.
- On the issue of pandoc formatted BRs, Jos will proceed with making changes to the “Travis” configuration to autobuild with the new pandoc.
- WebEx demoing various options. Evaluated default and existing meeting options with Dimitris and tested various scenarios. We did not have a chance to evaluate other types of webex meetings because they were not available in our subscription.
- Migration of webex. The URL is changing and cabf.cabforum.org is the new URL. Chairs and Vice Chairs of subcommittees should ask for an account and schedule new meetings. Don’t forget to update the associated wiki page with the new meeting information.
Tim asked about the calendar invites on the old system. Jos replied that the old WebEx account will disappear in June.
The draft minutes of that particular Subcommittee meeting are available at the following URL:
6. Code Signing Working Group update
Dean: The merged document is ready to proceed. They also created a prioritized list of parking lot items, and will work with the top 5 things. The SC added a code signing wiki page with this information. Draft document with mark-ups and parking lot items are added to that wiki.
Next plan is to put this document up for a ballot. Dimitris asked if this would be considered a new Guideline, thus requiring 60 days of IPR review or an update to an existing guideline, thus requiring 30 days of IPR review. Dean said they will add it to the agenda for next meeting. Tim proposed to update of one of the two. Dean will explore these options. Sunsetting one document makes sense and Ryan thinks 30 days is ok with calling this “merge” a maintenance guideline.
7. New S/MIME WG Charter
This was now supposed to be in the discussion period but due to a technical issue with the ballot redline link, it is not a correct ballot. Tim will have to restart the discussion period by posting the proper “immutable” redline link, if this is supposed to be the normative ballot text. Tim mentioned that there is one last thing being discussed about root certificates that are not publicly trusted and which should be out of scope. There are concerns raised by Ryan that he is trying to understand.
Ryan said that the way this is written, what seems to be documented as out of scope can easily be presented differently to be in scope. He asked what is it that we’re trying to prevent. This language also prevents things we want to address. FPKI schemes and policy seems that they cannot be discussed. There was also a change in the introduction of the ballot.
Tim thinks that the current language does not prohibit that. The WG should not delete these things. Discuss for publicly-trusted.
Corey, asked to clarify the net result. This group would not produce standards that would be used exclusively on a private PKI.
Dimitris reminded the members about the codesigning WG charter where the Trusted third-party model was in scope and the non third-party model was out of scope.
Arno said that it’s good to take existing standards into account like ETSI NCP, etc.
Tim will check Forum-11 for an immutable red-line link.
8. Discussion about F2F agenda
No new topics for the agenda. It will be finalized at the next meeting.
If anybody has an idea of a good topic to discuss on our virtual meeting send it to the public list or to Dimitris.
9. Any Other Business
Doug mentioned that he assumes same virtual mode will be for a couple more F2F meetings. It is becoming very likely that F2F 51 will also need to be done virtually. The group agreed to wait another month to 6 weeks. Likely it will be cancelled due to International restrictions.
Trev: Some companies do not allow employees to travel Doug: There is also an significant financial impact Corey: Currently, US and Japan self-quaranteen for 2 weeks.
In relation to Forum-12: Update CA/B Forum Bylaws. There has been no feedback and Dimitris intends to start the voting period as soon as the discussion period is over.
10. Next call
May 28, 2020 at 11:30 am Eastern Time.