Draft agenda for the F2F#66 SCWG meeting

[Dimitris Zacharopoulos (HARICA)]

Dear SCWG Members,


Here is the proposed agenda:

Server Certificate Working Group

1. Take attendance, read anti-trust statement, minute taker(s)

2. Review Agenda

3. Minutes and membership
   1. Approval of Minutes 
      • Sep 25, 2025 Teleconference (Draft minutes have not been distributed yet)
   2. Pending Membership applications
      • Derek R. Greene (as individual)

4. Summary (5-10 minutes)

   • Summary of this quarter (Dimitris)
     
5. Topics
   
   1. Edits to §§4.9.1.1 and 7.2.2 on revocation reason codes (30 minutes) (Ben)
      • #4 superseded → administrative/lifecycle or compliance replacement (subscriber- or CA-initiated), explicitly not used for compromise, identity/validation errors, cessation, or misconduct.
      • #3 affiliationChanged → CA validation/identity error (including withdrawing any asserted binding of identity, domain, or IP)
      • #1 keyCompromise → clarified to include weak/incorrect keys/parameters, flawed generation/lack of randomness, systemic exposures (e.g., Heartbleed), or any case undermining cryptographic assurances.
      • Goal: converge on clearer, enforceable semantics for reason codes so CAs, subscribers, and relying party applications can interpret them consistently—and so ingestion pipelines (e.g., CRLite-like systems) can act on them predictably.
      • Proposal:
   2. Technically Constrained Subordinate CAs (30 minutes) (Ryan)
      • https://github.com/cabforum/servercert/issues/492
      • Discuss why we still need this distinction and see if profiles can be consolidated
   3. Modifying the revocation requirements with an exception for CP/CPS discrepancies (30 minutes) (Dimitris)
      • Minutes from previous F2F
      • Draft proposal
   4. Discussion about upcoming ballots (30-40 minutes) (Ballot proposers)
      
      • SC086: Sunset the Inclusion of Address and Routing Parameter Area Names (Corey)
      • SC087: Registration Number Improvement for EV Certificates (Corey)
      • SC090: Gradually sunset all remaining email-based, phone-based, and 'crossover' validation methods from Sections 3.2.2.4 and 3.2.2.5 (Ryan)
      • SC-XX: Cleanup for ADN CNAME use (Rich)
      • SC-XX: Improve Certificate Problem Reports and Clarify the Meaning of Revocation (Martijn)
   5. GitHub open issues triage  (20-30 minutes) (Dimitris - Wayne)
      
6. AOB (5-10 minutes)

Please suggest additional topics for discussion or changes to this proposed agenda.

Best regards,

Dimitris.

--
Dimitris Zacharopoulos
CA/B Forum SCWG Chair