2021-09-30 Minutes of the Server Certificate Working Group
Attendees
Ali Gholami (Telia), Amanda Mendieta (Apple), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Chris McMillan (Visa), Clint Wilson (Apple), Corey Bonnell (Digicert), David Kluge (Google), Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Enrico Entschew (D-TRUST), Fumihiko Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Inigo Barreira (Sectigo), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Jos Purvis (Cisco Systems), Jose Guzman (GoDaddy), Karina Sirota (Microsoft), Kati Davids (GoDaddy), Mads Henriksveen (Buypass AS), Marcelo Silva (Visa), Mike Reilly (Microsoft), Niko Carpenter (SecureTrust), Paul van Brouwershaven (Entrust), Peter Miskovic (Disig), Rebecca Kelley (Apple), Ryan Sleevi (Google), Sebastian Schulz (GlobalSign), Shelley Brewer (Digicert), Stephen Davidson (Digicert), Tadahiko Ito (SECOM Trust Systems), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Vijayakumar (Vijay) Manjunatha (eMudhra), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)
Minutes
1. Read Antitrust Statement
Jos Purvis read the antitrust statement.
2. Roll Call
Dean Coclin read the roll.
3. Review Agenda
No changes were made to the agenda.
4. Approval of minutes from last teleconference
The minutes from the last call were approved without changes.
5. Validation Subcommittee Update
Wayne Thayer said that the subcommittee met briefly last Thursday. The main open item on the certificate profiles work is the Technically Constrained Sub-CA Profiles,which were discussed at the prior meeting. There were no updates on the profiles to report.
6. NetSec Subcommittee Update
Clint Wilson said they talked this week about identifying objectives for the subcommittee. How does the scope map to the charter? How do other WGs use the NCSSRs? Should the NetSec subcommittee be chartered as a working group?
Clint said that the subcommittee continues to look at cloud infrastructure and improving and clarifying the current requirements. They are also working on a risk assessment of public CA specific threats. Finally, some smaller fixes are also in the works. If anyone knows of minor cleanups to the NCSSRs that are needed, please log them in a GitHub issue.
7. Ballot Status
Ballots in Discussion Period
None
Ballots in Voting Period
None
Ballots in Review Period
None
Draft Ballots Under Consideration
- Ballot SCXX: Debian Weak Keys (Chris)
Chris Kemmerer said that he should have something ready next week for discussion at the upcoming F2F.
- Ballot SC34 Account Management (Tobi)
Tobi Josefowitz said that he is still looking for someone to endorse.
8. Any Other Business
Jos said that ballot SC49 has passed and Doug Beattie has been elected as the Vice Chair of the SCWG. His term begins on Nov 1st. Jos congratulated Doug and thanked Wayne for his past service.
Doug said that he is looking forward to moving into the role.
Jos said that the Fall F2F is coming up and he has received a few requests for slots on the agenda. Please review the agenda and sign up on the wiki if you have not already done so.
9. Next call (after F2F): October 28th, 2021 at 11AM Eastern
Adjourn; Immediately convene meeting of CA Browser Forum(same call)