IETF
wpkops@jabber.ietf.org
Thursday, March 14, 2013< ^ >
hillbrad has set the subject to: http://www.ietf.org/proceedings/85/slides/slides-85-wpkops-0.pdf
Room Configuration
Room Occupants

GMT+0
[16:25:18] synp joins the room
[16:25:24] synp leaves the room: Computer went to sleep
[16:32:45] synp joins the room
[16:37:05] synp has set the subject to: 1st ever WPKOPS Meeting - Slides at http://www.ietf.org/proceedings/86/slides/slides-86-wpkops-6.pdf
[16:53:12] benwilson joins the room
[16:57:38] hillbrad joins the room
[17:00:31] metricamerica joins the room
[17:00:49] <synp> Getting started...
[17:01:00] <synp> How many in the Jabber room are remote?
[17:01:11] Karen O'Donoghue joins the room
[17:01:14] <benwilson> I've never done this before, so I'm assuming there is no audio, just chat.  Correct?
[17:01:32] <hillbrad> there is a "read only" audio stream
[17:01:52] <hillbrad> if you want to say something, prefix it with "mic:" and someone will read it aloud for you in the room
[17:02:20] sftcd joins the room
[17:02:22] <synp> Yup.
[17:02:27] <benwilson> OK - how do I join the read-only audio stream?
[17:02:39] hillbrad has set the subject to: http://ietf86streaming.dnsalias.net/ietf/ietf863.m3u
[17:02:49] <hillbrad> http://ietf86streaming.dnsalias.net/ietf/ietf863.m3u
[17:02:51] <synp> Audio stream should be available at http://ietf86streaming.dnsalias.net/ietf/ietf863.m3u
[17:03:13] <synp> Slide: WG Goal
[17:03:33] <synp> slide: Constraints
[17:03:43] PHB joins the room
[17:04:09] <synp> Slide: Outside Scope
[17:04:44] <synp> Slide: Document Milestones
[17:05:24] <synp> So much for the "Charter Discussion" presso
[17:05:47] <synp> Bruce Morton will now present on "Trust models of the web PKI"
[17:06:18] <synp> Joes at the mike
[17:06:48] <synp> Slide: Introduction
[17:06:57] <synp> s/Joes/Joel
[17:07:18] <synp> Slide: Basic Trust Model
[17:09:00] <synp> Slide: Basic trust model
[17:11:30] <synp> Slide: Trust model variants
[17:12:47] <synp> Steve Kent at the mic
[17:13:10] =JeffH joins the room
[17:14:34] <synp> Reminder: if anyone wants to be channeled to the room, prefix your comment with "mic:"
[17:15:00] bkihara.l joins the room
[17:15:04] <synp> Steve Kent at the mic
[17:15:20] <benwilson> Thanks.
[17:16:18] <synp> Paul H at the mic
[17:16:34] <=JeffH> ryan sleevi was prior to paul H @mic
[17:16:56] yngve_n_pettersen joins the room
[17:17:40] <=JeffH> jeremy @digicert @ mic
[17:18:39] <synp> Joel @mic
[17:19:56] <benwilson> Bruce @mic
[17:20:05] <synp> Slide: Trust model variants cont'd
[17:20:24] <=JeffH> Bruce is presenting at front of room :)
[17:21:01] <synp> Do they have a definition of affiliate?
[17:21:12] <benwilson> Not yet
[17:21:44] <synp> So isn't an RA an "affiliate" just because it's an RA?
[17:22:24] <benwilson> "Affiliate" depends on whether you're trying to use it in the legal sense or not.
[17:22:47] <=JeffH> paul hoffman @mic
[17:23:06] <benwilson> "Common Control"  is the legal factor
[17:24:12] <=JeffH> mic line is growing
[17:24:40] <=JeffH> yoav nir @ mic
[17:24:48] <sftcd> but mic line is not yet growling:-)
[17:25:26] <=JeffH> mike jenkins @ mic
[17:25:43] <benwilson> That is because Paul H. might be interpretted as having said that CPS's should be eliminated, which may not have been what he meant.
[17:26:06] <=JeffH> if u wish comments relayed at mic, pls preface them with "mic:"
[17:26:27] <benwilson> No need yet.
[17:29:02] <synp> Jeremy@mic
[17:29:54] <synp> PHB@mic
[17:30:07] <=JeffH> phb @mic
[17:31:33] <synp> Ryan Sleevi @ mic
[17:31:51] vincent.levigneron joins the room
[17:33:39] <synp> Stephen Farrell @ mic
[17:35:49] <synp> On to the next presentation: Revocation - Phillip Hallam-Baker
[17:36:03] <synp> Slide: What are the dimensions
[17:36:37] <synp> Slide: Views
[17:37:00] <synp> (does nobody put slide numbers on presentations any more?)
[17:38:31] <synp> Slide: Revocation Mechanisms
[17:38:38] <synp> Paul H @ mic
[17:39:17] <synp> Slide: End Entity Certificates
[17:40:01] <synp> Slide: OCSP Modes
[17:41:31] <synp> Jeremy (@mic)
[17:42:02] <synp> Steve Kent @ mic
[17:43:02] <synp> Slide: OCSP Signing Certificate
[17:43:59] <synp> Paul H @ mic
[17:45:17] <synp> Steve Ken @ mic
[17:45:29] <synp> Adam Langley @ mic
[17:46:31] satoru.kanno@jabber.org joins the room
[17:47:38] <synp> Jeremy @ mic
[17:47:52] <synp> Paul H: also for OCSP signing?
[17:48:02] <synp> Slide: TLS Stapling
[17:48:30] <synp> Slide: OCSP Processing
[17:48:56] <synp> Slide: What did I miss?
[17:49:38] <synp> Brad Hill @ mic
[17:49:51] <synp> SFCD @ mic
[17:50:12] <synp> s/SFCD/sftcd/
[17:50:39] <synp> Paul Hoffman @ mic
[17:52:29] <synp> --@microsoft at mic
[17:53:12] <benwilson> Question (in advance of next presentation)  - if I share the Google spreadsheet we're working on with 'Allow anyone to edit' rights, are there concerns about people posting garbage on it like those who post spam to Wordpress sites?  If so, is there a different way that you suggest I share it?
[17:53:36] <sftcd> whoever's taking minutes has a lot to write down:-)
[17:54:27] <=JeffH> yoav @mic
[17:55:48] <=JeffH> agl was @mic
[17:58:00] <synp> Jeremy Rowley (Digicert) on Field and extension processing
[17:58:06] <synp> Slide: Overview
[17:59:36] <=JeffH> @benwilson - guess we'll relay that ques @mic when J's taking questions
[18:01:08] <yngve_n_pettersen> (mic; after presentation) The long time to discovery of the incorrectly issued TurkTrust intermediate CA certificates was, in part, made possible by clients failing to treat web site certificates with basic Constraint CA:True, without "use as Web Site cert" extensions, as unsuitable for that purpose. Is this already part of what the of the extension processing document?  If not, should the Web PKI group document requirements for this as part of the extension processing document? Such a section should specify which extensions are allowed for a given type of certificate, and particularly how to handle them when the expected extensions aren't there, but other similar extensions are. The goal should be to limit how agents can handle such extensions, when the extension it is looking for is not there.
[18:01:26] <synp> Slide: Limiting the Scope
[18:01:42] <synp> @Yngve: OK. I'll say that at the end of the presso
[18:02:34] <synp> Paul H @ mic
[18:03:00] <synp> Slide: Current Status
[18:03:18] <synp> Farrell @ mic
[18:04:14] <benwilson> mic - the list of Safari on OSX, etc, was just an example
[18:04:14] <synp> Wes Hardeker @ mic
[18:05:52] <=JeffH> answer to Yngve's first ques: yes
[18:06:08] <=JeffH> from Jeremy
[18:06:23] <synp> Joel @ mic
[18:08:14] <synp> Slide: Tasks
[18:08:51] <synp> Slide: Next Steps
[18:09:40] <yngve_n_pettersen> (mic) Note that I have already recommended to browsers that they implement stricter policies regarding the CA:True extension
[18:11:04] <synp> Stephen Farrell @ mic
[18:11:35] <synp> AGL @ mic
[18:12:02] <benwilson> (mic) - if I share the Google spreadsheet we're working on with 'Allow anyone to edit' rights, are there concerns about people posting garbage on it like those who post spam to Wordpress sites?  If so, is there a different way that you suggest I share it?
[18:14:05] <synp> ryan @ mic
[18:14:31] <synp> I promise not to deface it :-)
[18:14:33] Melinda joins the room
[18:15:25] <synp> Paul H @ mic
[18:16:26] <synp> AGL @ mioc
[18:16:32] <synp> AGL @ mic
[18:18:05] <synp> Last Presentation - AGL & Paul H - TLS Stack
[18:18:13] <synp> Slide: What the charter says
[18:18:56] <synp> Slide: Common PKIX issues for the TLS stack
[18:21:42] <synp> Slide: Less common PKIX issues for the TLS stack
[18:22:57] <synp> Slide: TLS protocol considerations for interoperability
[18:23:36] <yngve_n_pettersen> (mic) I have seen several cases where site certificates were revoked, but the replacement was not installed; one involved an American Express site
[18:24:29] <synp> Slide: How are these issues visible to the user
[18:26:17] <synp> Slide: PKI-related choices made by the browser user
[18:27:40] <synp> Ryan @ mic
[18:28:14] <synp> Wes @ mic
[18:29:57] <synp> Stephen @ mic
[18:30:19] <synp> Wes @ mic
[18:31:14] sftcd leaves the room
[18:31:14] vincent.levigneron leaves the room
[18:31:14] benwilson leaves the room
[18:31:14] metricamerica leaves the room
[18:31:14] yngve_n_pettersen leaves the room
[18:31:14] <synp> Open Mic
[18:32:30] satoru.kanno@jabber.org leaves the room
[18:32:51] <=JeffH> yoav @mic
[18:33:29] <=JeffH> agl @ mic
[18:33:45] <=JeffH> melinda shore@mic
[18:42:00] bkihara.l leaves the room
[18:42:01] synp leaves the room
[18:42:26] PHB leaves the room
[18:43:42] =JeffH leaves the room: Logged out
[18:43:44] hillbrad leaves the room
[18:52:01] Karen O'Donoghue leaves the room
[19:02:45] Melinda leaves the room: Computer went to sleep
[19:16:48] hillbrad joins the room
[19:17:30] Karen O'Donoghue joins the room
[19:48:33] hillbrad leaves the room
[20:23:00] vincent.levigneron joins the room
[20:49:42] Karen O'Donoghue leaves the room
[21:02:04] vincent.levigneron leaves the room
[21:06:40] Karen O'Donoghue joins the room
[21:25:55] vincent.levigneron joins the room
[21:32:28] Karen O'Donoghue leaves the room
[21:37:23] Karen O'Donoghue joins the room
[22:32:55] Karen O'Donoghue leaves the room
[22:34:20] vincent.levigneron leaves the room
[22:38:34] Karen O'Donoghue joins the room
[22:39:48] Karen O'Donoghue leaves the room
Powered by ejabberd Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!