2022-02-17 Minutes of the Server Certificate Working Group

Attendees

Attendees: Adam Jones (Microsoft), Adrian Mueller (SwissSign), Amanda Mendieta (Apple), Ben Wilson (Mozilla), Bruce Morton (Entrust), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Daryn Wright (GoDaddy), Dean Coclin (Digicert), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Fumi Yoneda (Japan Registry Services), Inaba Atsushi (GlobalSign), Jamie Mackey (US Federal PKI Management Authority), Joanna Fox (TrustCor Systems), Jos Purvis (Cisco Systems), Kati Davids (GoDaddy), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Niko Carpenter (SecureTrust), Paul van Brouwershaven (Entrust), Peter Miskovic (Disig), Rae Ann Gonzales (GoDaddy), Renne Rodriguez (Apple), Ryan Dickson (Google), Trevoli Ponds-White (Amazon), Tyler Myers (GoDaddy), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)

Minutes

1. Read Antitrust Statement

Jos Purvis read the antitrust statement.

2. Roll Call

Dean Coclin read the roll.

3. Review Agenda

No changes were made to the agenda.

4. Approval of Minutes from Last Teleconference

The minutes from the 3-February call were approved without changes.

5. Review of Face-to-Face presentation and feedback

Jos said that he has the following items listed as significant Server Certificate WG accomplishments from last year:

• Completed migration of documents to GitHub and automated publishing process
• Transfer of NetSec subcommittee responsibilities to the new working group

Looking at significant ballots, back in Feb 2021 ballot SC42 changed the validation data reuse period to 398 days.

For the coming year, Jos said that he would like to continue the process of simplifying and clarifying our documents. We will finish transferring the NetSec work to that WG and need to determine how we’ll incorporate the NCSSRs into SCWG requirements. Making GitHub the source of truth for ballots, and integrating GitHub into the documentation publishing process is also a priority.

Bruce Morton said that the EV guidelines are not in RFC 3647 format and it would be nice for that to be aligned.

Jos said that another minor item to address is that the EV guidelines have some formatting differences from the BRs.

Wayne said that he’d like to see the new certificate profiles adopted. Doug Beattie and Corey Bonnell agreed.

Jos said that he would present these items at the face-to-face next week.

7. Ballot Status

Ballots in Discussion Period

• SC51 – Reduce & Clarify Audit Log and Records Archival Retention Requirements

Clint said that he is planning to begin voting tomorrow.

Ballots in Voting Period

• None

Ballots in Review Period

• Ballot SC53: Sunset for SHA-1 OCSP Signing – please review

Draft Ballots Under Consideration

• None

8. Any Other Business

None

9. Next call: After Face-to-face meeting 55

Adjourn; Immediately convene meeting of CA Browser Forum (same call)