Re: [cabfpub] Validation WG

Please add me in the list. Thanks, Robin Lin From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Jeremy Rowley via Public Sent: Tuesday, November 08, 2016 12:46 AM To: CA/Browser Forum Public Discussion List Cc: Jeremy Rowley Subject: [cabfpub] Validation WG During the face-to-face w

Re: [cabfpub] Draft CAA motion

Actually, scratch my comment -- that was based on a misunderstanding of DS records. -- Eric On Mon, Nov 7, 2016 at 3:27 PM, Eric Mill wrote: > The line "the domain does not use DNSSEC." is a bit tricky, because it's > not possible to reliably discern whether a domain uses DNSSEC (without a > "D

Re: [cabfpub] Draft CAA motion

The line "the domain does not use DNSSEC." is a bit tricky, because it's not possible to reliably discern whether a domain uses DNSSEC (without a "DNSSEC preload list"). An active attacker could make it appear that the domain does not support DNSSEC. Since the CAA spec recommends but does not requ

Re: [cabfpub] An observation and proposal on resolving IPR concerns

On Sun, Nov 6, 2016 at 1:10 PM, Eric Mill via Public wrote: > Hi all, > > I'm a relative newcomer to the Forum, and the operator of neither a > browser nor a CA, but I'll try to contribute something anyway. If it's not > useful, I'll understand. > > Looking at just what's been shared on the publi

[cabfpub] R: Validation WG

Please add me to the validation WG list.  Inviato dal mio dispositivo Samsung Messaggio originale Da: Jeremy Rowley via Public Data: 07/11/2016 17:46 (GMT+01:00) A: CA/Browser Forum Public Discussion List Cc: Jeremy Rowley Oggetto: [cabfpub] Validation WG Durin

Re: [cabfpub] Validation WG

+ Bruce From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Peter Bowen via Public Sent: Monday, November 7, 2016 1:45 PM To: CA/Browser Forum Public Discussion List Cc: Peter Bowen Subject: Re: [cabfpub] Validation WG +Amazon On Nov 7, 2016, at 10:18 AM, Jody Cloutier via Public

Re: [cabfpub] Validation WG

+Amazon > On Nov 7, 2016, at 10:18 AM, Jody Cloutier via Public > wrote: > > + Microsoft > > From: Public [mailto:public-boun...@cabforum.org > ] On Behalf Of Tim Hollebeek via Public > Sent: Monday, November 7, 2016 9:10 AM > To: CA/Browser Forum Public D

Re: [cabfpub] Validation WG

Please keep me on the list. On 11/7/2016 10:46 AM, Jeremy Rowley via Public wrote: During the face-to-face we discussed restarting the validation working group. Please let me know if you are interested and the agenda items you'd like to discuss. We plan on starting the meetings at the time s

Re: [cabfpub] Validation WG

Please keep me on the list too. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Rich Smith via Public Sent: Monday, November 07, 2016 10:27 AM To: public@cabforum.org Cc: Rich Smith Subject: Re: [cabfpub] Validation WG Please keep me on the list. On 11/7/2016 10:46 AM, Jere

Re: [cabfpub] Validation WG

If the calls are already recorded, do you have recordings from past calls for which minutes were not produced? If yes, can those minutes be produced? As Ryan points out, this may well be relevant to IPR claims. On 11/7/2016 11:45 AM, Jeremy Rowley via Public wrote: The calls are recorded al

Re: [cabfpub] Validation WG

I'd like to remain a member of the Validation WG. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Jeremy Rowley via Public Sent: Monday, November 7, 2016 11:46 AM To: CA/Browser Forum Public Discussion List Cc: Jeremy Rowley Subject: [cabfpub] Validation WG During the face-to-face

Re: [cabfpub] Validation WG

+ Microsoft From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Tim Hollebeek via Public Sent: Monday, November 7, 2016 9:10 AM To: CA/Browser Forum Public Discussion List Cc: Tim Hollebeek Subject: Re: [cabfpub] Validation WG I'm interested. From: Public [mailto:public-boun...@cab

Re: [cabfpub] Validation WG

I am interested as well. I think Kirk knows this, but I wanted to put this out there. Tarah Wheeler Principal Security Advocate Senior Director of Engineering, Website Security Symantec ta...@symantec.com On Nov 7, 2016, at 9:45 AM, Jeremy Rowley via Public mailto:pu

Re: [cabfpub] Validation WG

The calls are recorded already. I simply failed to circulate minutes about half the time. I’ll make sure they are circulated promptly going forward. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Dean Coclin via Public Sent: Monday, November 7, 2016 10:43 AM To: CA/Browser Fo

Re: [cabfpub] Validation WG

Right - we put the working group on pause pending the resolution of ballot 179. The scope, charter, etc. would all be the exact same as before. There's already a requirement to supply minutes for each meeting - I just failed to do so. I'll make sure I provide them within a week of each meeting f

Re: [cabfpub] Validation WG

It’s an easy change to setup these calls to be recorded, however, it’s up to the chair of that group to agree to such change and subsequently making that recording public. I don’t think conducting all WG business on the list is productive or efficient and it would have likely taken longer t

Re: [cabfpub] Validation WG

In my opinion, this working group was properly chartered in Ballot 143 (which I note Mozilla voted YES). The working group was never formally terminated but rather was put in a "dormant" status since the production of ballot 169. I think working group members needed a break after 1.5 years of w

Re: [cabfpub] Validation WG

I'm interested. From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Jeremy Rowley via Public Sent: Monday, November 07, 2016 11:46 AM To: CA/Browser Forum Public Discussion List Cc: Jeremy Rowley Subject: [cabfpub] Validation WG During the face-to-face we discussed restarting the vali

Re: [cabfpub] Validation WG

Jeremy, Just to check - I don't recall there being a formal ballot to terminate the WG (as per section 5.2 of the bylaws), so a few quick and easy process questions: 1) Do you expect that the continuation of the Validation WG will be conducted in accordance with the scope and deliverables of Ball

Re: [cabfpub] Validation WG

On 07/11/16 16:46, Jeremy Rowley via Public wrote: > During the face-to-face we discussed restarting the validation working > group. Please let me know if you are interested and the agenda items > you’d like to discuss. We plan on starting the meetings at the time slot > previously occupied by the

Re: [cabfpub] Validation WG

Jeremy - Please include Ken and me on the validation WG list. Thanks, wendy From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Jeremy Rowley via Public Sent: Monday, November 7, 2016 11:46 AM To: CA/Browser Forum Public Discussion List Cc: Jeremy Rowley Subject: [cabfpub] Valid

[cabfpub] Validation WG

During the face-to-face we discussed restarting the validation working group. Please let me know if you are interested and the agenda items you'd like to discuss. We plan on starting the meetings at the time slot previously occupied by the code signing working group (9 Pacific). Thanks, Jerem

[cabfpub] Draft CAA motion

Hi everyone, Here's a draft motion to make CAA mandatory. We may not be able to start the process properly for a while, but I'd like to get the motion text ironed out. Gerv *Ballot XXX - Make CAA Checking Mandatory * The following motion has been proposed by Gervase Markham of Mozilla and endor

Re: [cabfpub] SHA-1 ban via Mozilla policy

Done… One point I made there is that it is all very well telling the IoT developers what they should have done after the fact. But we are not telling people what they should be doing instead today. Probably we should be telling CAs to set up a set of roots specifically for embedded devices whi

[cabfpub] SHA-1 ban via Mozilla policy

Dear CAB Forum members, I just want to draw your attention to a discussion I've just started in mozilla.dev.security.policy about a proposed more comprehensive ban on SHA-1 use in hierarchies which chain up to Mozilla-trusted roots. Your input in that forum is most welcome. Gerv _