2022-07-07 Minutes of the Server Certificate Working Group
Attendees
Aaron Poulsen (Amazon), Adam Jones (Microsoft), Amanda Mendieta (Apple), Andrea Holland (SecureTrust), Ben Wilson (Mozilla), Chris Clements (Google), Chris Kemmerer (SSL.com), Clint Wilson (Apple), Corey Bonnell (Digicert), Corey Rasmussen (OATI), Daryn Wright (GoDaddy), Dean Coclin (Digicert), Devon O’Brien (Google), Dimitris Zacharopoulos (HARICA), Doug Beattie (GlobalSign), Dustin Hollenback (Microsoft), Fumi Yoneda (Japan Registry Services), Hazhar Ismail (MSC Trustgate Sdn Bhd), Hubert Chao (Google), Inaba Atsushi (GlobalSign), Inigo Barreira (Sectigo), Jamie Mackey (US Federal PKI Management Authority), Janet Hines (SecureTrust), Joanna Fox (TrustCor Systems), Johnny Reading (GoDaddy), Jos Purvis (Cisco Systems), Karina Sirota (Microsoft), Li-Chun Chen (Chunghwa Telecom), Marcelo Silva (Visa), Martijn Katerbarg (Sectigo), Michelle Coon (OATI), Nargis Mannan (SecureTrust), Paul van Brouwershaven (Entrust), Pedro Fuentes (OISTE Foundation), Peter Miskovic (Disig), Rebecca Kelley (Apple), Sooyoung Eo (NAVER Cloud), Steven Deitte (GoDaddy), Tadahiko Ito (SECOM Trust Systems), Tobias Josefowitz (Opera Software AS), Tyler Myers (GoDaddy), Vijay Kumar (eMudhra), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Yoshiro Yoneya (Japan Registry Services)
Minutes
1. Read Antitrust Statement
Jos Purvis read the antitrust statement.
2. Review Agenda
No changes were made to the agenda.
3. Approval of Minutes from Last Teleconference
The minutes from the 23-June call were approved with the inclusion of the clarification related to delegated third parties that was requested by Dimitris Zacharopoulos on the mailing list.
Warsaw face-to-face minutes have been published to the wiki. Attendance still needs to be added. Please review the content so that we can approve at the next meeting.
4. Roll Call
Dean Coclin read the roll.
5. Validation Subcommittee Update
Corey Bonnell said that the subcommittee met last Thursday and discussed a path forward for the certificate profiles draft ballot. It was decided to move the ballot draft into the cabforum/servercert repo on GitHub. Then they discussed the improved Pandoc tooling for tables that Ryan Sleevi created in support of the profiles ballot. It will be merged into main. Finally, the subcommittee is gathering up work items discussed at the face-to-face and will be looking for volunteers to shepherd those once the profiles ballot has been moved to the cabforum repo.
6. Ballot Status
Ballots in Discussion Period
- None
Ballots in Voting Period
- None
Ballots in Review Period
- None
Draft Ballots Under Consideration
- Revival of Debian Weak Keys
Chris Kemmerer said that he sent a detailed review of the question regarding linking to external resources to the mailing list. There are links to external resources in the current doc, but we need to determine how we will vet links that we want to add. Chris asked for further input from members.
- SLO/Response for CRL & OCSP Responses
David Kluge was not on the call and there were no updates from others.
7. Any Other Business
- Membership application – Fastly
Jos said that Fastly submitted all the paperwork. Jos will not comment as he is now a Fastly employee. Dean said that we have all their information and they previously submitted their IPR agreement. Dean said that Fastly originally submitted a website run by them, but then resubmitted a URL for a different website. Dean noted that the application stated that Fastly certificates are recognized by Firefox Nightly. Clint Wilson noted that Apple has also approved Fastly’s root inclusion request. There were no objections and Fastly’s application was approved.
8. Next call: 21 July 2022 at 11AM Eastern
Adjourn; Immediately convene meeting of CA Browser Forum (same call)