2024-03-13 Minutes of the S/MIME Certificate Working Group
Minutes of SMCWG
March 13, 2024
These are the Approved Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.
Attendees
Adriano Santoni - (Actalis S.p.A.), Andreas Henschel - (D-TRUST), Ashish Dhiman - (GlobalSign), Bruce Morton - (Entrust), Clint Wilson - (Apple), Dave Chin - (CPA Canada/WebTrust), Inaba Atsushi - (GlobalSign), Inigo Barreira - (Sectigo), Judith Spencer - (CertiPath), Marco Schambach - (IdenTrust), Martijn Katerbarg - (Sectigo), Morad Abou Nasser - (TeleTrust), Nome Huang - (TrustAsia), Paul van Brouwershaven - (Entrust), Rollin Yu - (TrustAsia), Sandy Balzer - (SwissSign), Scott Rea - (eMudhra), Stefan Selbitschka - (rundQuadrat), Stephen Davidson - (DigiCert), Tadahiko Ito - (SECOM Trust Systems), Tathan Thacker - (IdenTrust), Wendy Brown - (US Federal PKI Management Authority)
1. Roll Call
The Roll Call was taken.
2. Read Antitrust Statement
The statement was read concerning the antitrust policy, code of conduct, and intellectual property rights agreement.
3. Review Agenda
Minutes were prepared by Stephen Davidson.
4. Approval of minutes from last teleconference
The minutes for the teleconference of February 28 were approved.
The membership of DiSig in the SMCWG was confirmed.
5. Discussion
Stephen Davidson
Stephen Davidson provided an overview of the draft text of SMC06 clarifications and corrections ballot, including several new items relating to https://github.com/cabforum/smime/issues/236 and https://github.com/cabforum/smime/issues/237. Following discussion it was agreed that suspension be clarified as specifically as certificateHold. Adriano Santoni noted that it was unclear if suspension was even supported by email clients and perhaps should be considered for removal in future. See https://github.com/srdavidson/smime/compare/ed36440d7c967732aa08739b14cc29bed257a67d...246fab8b8880aa62cec95b6d055b872173d4dadf
Stephen encouraged members to use the Issues list at https://github.com/cabforum/smime/issues to submit topics for consideration.
Stephen noted that the ballot would soon move ahead with endorsers including Martijn Katerbarg of Sectigo and Roman Fischer of SwissSign.
The group had a discussion of SC ballots for relevance to the SMCWG, noting that if the MPV ballot is successful a review may be required for the S/MIME BR.
Stephen noted that the server certificate working group is working towards automatically distributing audio recordings of meetings to participants, which may be extended to the SMCWG as well. There was no objection.
Stephen noted that the group would soon discuss the possible deprecation of the Legacy profiles and again asked Certificate Issuers to review items that presented obstacles to moving to the Multipurpose or Strict profiles. He noted that there were concerns on the ability of ERAs to parse out giveName and surname as separate Subject attributes, and shorter certificate validity may be an issue for implementations using smartcards.
Stephen asked if using CCADB to poll Certificate Issuers regarding their S/MIME BR profiles would present a by-laws/anticompetitive issue?
6. Any Other Business
None
7. Next call
Next call: Wednesday, March 27, 2024 at 11:00 am Eastern Time