CAB Forum Certificate Issuers, Certificate Consumers, and Interested Parties Working to Secure the Web
CA/Browser Forum NetSec Meeting
Attendance:
- Aaron Poulsen – Amazon
- Antti Backman – Telia
- Ben Wilson – Mozilla
- Bruce Morton – entrust
- Christopher Bonjean – GlobalSign
- Clint Wilson – Apple
- Corey Bonnell – DigiCert
- Corey Rasmussen – OATI
- Daryn Wright – GoDaddy
- Dustin Hollenback – Microsoft
- Iñigo Barreira – Sectigo
- Janet Hines – SecureTrust
- Jillian Karner – Let’s Encrypt
- Jozef Nigut – Disig
- Marcelo Silva – Visa
- Paul van Brouwershaven – Entrust
- Prachi Jain – Fastly
- Rebecca Kelley – Apple
- Roman Fischer – SwissSign
- Ruben Annemans – GlobalSign
- Tim Hollebeek – DigiCert
- Trevoli Ponds – Amazon Trust Services
Minutes:
1. Read Antitrust Statement
a. Clint Wilson read the antitrust statement
2. Roll Call
a. Clint Wilson took attendance
3. Minutes approved for last NetSec Meeting
4. Agenda
a. Further discussion on Risk Assessment from the Cloud Services Sub-Group
1. Briefed guest speaker meeting and what advice was given
i. Discussed threat models and what defines a threat. Be more precise.
ii. Possibly look at breaking down the larger parts of the assessment
iii. Look at OCSP responders
2. Next Task: Write a narrative to describe the system, and the system design to give the reader a complete understanding.
b. Ben Wilson Updates
a. Holding separate call to continue work on the documents that focus around zones, offline CAs, and terminology used in the NetSec Requirements. Will schedule later.
b. Continued work on terms for remaining time of NetSec Meeting
c. F2F agenda for NetSec
a. Write Risk Assessment narrative