2021-12-09 Minutes of the Server Certificate Working Group
Attendees
Adrian Mueller (SwissSign), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Brittany Randall (GoDaddy), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Chris McMillan (Visa), Clint Wilson (Apple), Corey Bonnell (Digicert), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Fumihiko Yoneda (Japan Registry Services), Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Jos Purvis (Cisco Systems), Jose Guzman (GoDaddy), Karina Sirota (Microsoft), Kati Davids (GoDaddy), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Niko Carpenter (SecureTrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), Rebecca Kelley (Apple), Ryan Dickson (Google), Sebastian Schulz (GlobalSign), Tadahiko Ito (SECOM Trust Systems), Tobias Josefowitz (Opera Software AS), Tyler Myers (GoDaddy), Wayne Thayer (Mozilla), Wendy Brown (US Federal PKI Management Authority), Yosiaki Iida (SECOM Trust Systems), Adam Jones (Microsoft), Pekka Lahtiharju (Telia)
Minutes
1. Read Antitrust Statement
Jos Purvis read the antitrust statement.
2. Roll Call
Reading of the roll was deferred to the Forum call.
3. Review Agenda
No changes were made to the agenda.
4. Approval of Minutes from Last Teleconference
The minutes from the last call were approved without changes.
5. Validation Subcommittee Update
Wayne Thayer said that the following topics were discussed on last week’s call:
- Tim Hollebeek mentioned that SC52 version 2 was published. There was discussion about the addition of time interval calculations to the ‘conventions’ section of the BRs. Some feel that it is best to comprehensively clarify the definition of time intervals throughout the doc with this change, while others feel that the broad scope of the current ballot places too much of a burden on each CA to verify compliance.
- Tim said that he hasn’t worked on the profiles recently.
- Dimitris Zacharopoulos asked about removing Onion V2 address validation from the EV Guidelines. Tim said that V2 addresses are still in use. Dimitris will work with others to prepare a ballot
- Wayne asked about method 3.2.2.4.7 CNAME delegation to the CA and Tim said that he would send a proposal to the list.
6. NetSec Subcommittee Update
Ben Wilson said that the subcommittee discussed that the risk assessment is currently in Google sheets, but we really need a database for the task. Unfortunately we’re not aware of any inexpensive solution. Then they discussed conversion of the NetSec subcommittee to a working group. Ben has a ballot for this change ready to go into the discussion period. Ben asked if he should begin the discussion period today or wait until after the holidays. When no one responded, he said that he would start the discussion period today and try to complete voting by the 24th.
7. Ballot Status
Ballots in Discussion Period
None
Ballots in Voting Period
None
Ballots in Review Period
- Ballot SC50: Remove the Requirements of Section 4.1.1
Draft Ballots Under Consideration
- Ballot SC52 version 2: Specify CRL Validity Intervals in Seconds (Tim)
Wayne said that Tim published a new version of the ballot that incorporates clarifications drafted by Aaron Gable last week. Other than the disagreement mentioned earlier in the call about the scope of the change, there are no open comments, so Wayne said that he expects Tim to begin voting soon.
8. Any Other Business
None
9. Next call (after US Christmas holiday): January 6th, 2022 at 11AM Eastern
Adjourn; Immediately convene meeting of CA Browser Forum(same call)