[Servercert-wg] Final Minutes for Server Certificate Working Group Teleconference - August 22 2019
Dimitris Zacharopoulos (HARICA)
dzacharo at harica.gr
Thu Sep 5 09:01:12 MST 2019
These are the Final Minutes of the Teleconference described in the
subject of this message.
Attendees (in alphabetical order)
Arno Fiedler (D-TRUST), Ben Wilson (Digicert), Daniela Hood (GoDaddy),
Dean Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie
(GlobalSign), Dustin Hollenback (Microsoft), Gordon Bock (Microsoft),
Inaba Atsushi (GlobalSign), Janet Hines (SecureTrust), Joanna Fox
(GoDaddy), Kenneth Myers (US Federal PKI Management Authority), Li-Chun
Chen (Chunghwa Telecom), Michelle Coon (OATI), Mike Reilly (Microsoft),
Neil Dunbar (TrustCor Systems), Peter Miskovic (Disig), Rich Smith
(Sectigo), Robin Alden (Sectigo), Ryan Sleevi (Google), Shelley Brewer
(Digicert), Tim Callan (Sectigo), Tim Hollebeek (Digicert), Tim Shirley
(SecureTrust), Timo Schmitt (SwissSign), Tobias Josefowitz (Opera
Software AS), Trevoli Ponds-White (Amazon), Wayne Thayer (Mozilla).
1. Roll Call
The Chair took attendance.
2. Read Antitrust Statement
The Antitrust Statement was read.
3. Review Agenda
No changes to the agenda.
4. Approval of minutes from previous teleconference
The minutes from the previous teleconference were approved and will be
circulated to the public list.
5. Validation Subcommittee Update
Method 6 (http) has a draft ballot that Doug posted, it is the last
ballot coming from the Validation Summit, and there was some discussion
about the redirects. Doug will most probably propose limiting to 10
They also discussed about the "clean-up ballot". There is a link
pointing to the proposed changes in the minutes of the validation
subcommittee, so Members can check that link for any controversial changes.
Reducing the certificate lifetime ballot was also discussed.
Finally, the subcommittee discussed about the LEI ballot which has
language for the Fully-Verified (Fully Corroborated) information. More
discussion already takes place on the list.
6. NetSec Subcommittee Update
7. Ballot Status
No further discussion on ballots under consideration
_Ballots in Discussion Period_
/Ballot SC22: Reduce Certificate Lifetimes /(Ryan)
Mike asked about the three-week discussion period and whether that was
something decided at the Validation Subcommittee. Ryan mentioned that it
was discussed at the subcommittee level for about a month and then moved
to ballot in order to get any further feedback.
There was a short discussion about whether the proposer must send an
e-mail to explicitly start the voting period, regardless whether the
ballot e-mail states a "voting begin" date. The interpretation of the
Bylaws was that an explicit email by the proposer needs to start the
voting period, which must be exactly 7 days.
_*Ballots in Voting Period*_
_*Ballots in Review Period*_
_Draft Ballots under Consideration_
/Improvements for Method 6, website control/ (Tim H.)
No additional comments
SC20 Ballot (NSR 2): System Configuration Management/(Ben)
No additional comments
/SC21 Ballot (NSR 3): Log Integrity Controls/ (Ben)
Ben asked whether the ballots should be considered withdrawn since they
have not been updated for a while. Dimitris responded that since these
are still in the "Draft ballots" and have not started an official
"Discussion Period", they are not considered withdrawn, unless the
proposer wants to withdraw them.
Tobi mentioned that the Network Security Subcommittee will have a better
idea about these two ballots in two weeks.
8. Any Other Business
No other business.
9. Next call
September 5, 2019 at 11:00 am Eastern Time.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Servercert-wg