Certificate+Discovery+for+Direct+Project+2011-09-19

**Time:** 2:30 PM – 3:30 PM EDT **Dial-in:** 1-408-600-3600 | **Passcode:** 669 844 720 Shay Paintal, Tynisha Carter, Lin Wan, William Ryan, Ernest Grove, Virginia Riehl, Ken Pool, Sam Dechario, Robert Dieterle, Sally Love Connally, Mike Woodcock, John Moehrke, Sri Koka, Aleena Dhar
 * Certificate Discovery for Direct Project Call **
 * Date: **09/19/2011
 * Attendance:**


 * Action Items:**
 * We have addressed all the comments from consensus voting. Karen and Sandra had comments, but were not on the call, so address any additions/comments they may have based on changes.
 * Email the support team any input or thoughts for the implementation guide.


 * Agenda:**
 * Answering some of the comments that came as a result of the consensus vote that we started last week and expect to close today.


 * Comments from Consensus Vote:**
 * Derrick Evans - The "Work to be performed" section seems out of place and sounds like it should be included in the work effort section, I believe if you are going to have this section it should be towards the end so that logically we have a direction described and then the effort it will take to go in that direction . There is no definition for the "Hybrid" approach, what is it?
 * Decision: **Work To Be Performed** is moved to **Work Effort** section.
 * Decision: Create **General Approach** and **Specific Steps** subsections under **Work Effort** section.
 * Decision: The Hybrid Approach is defined in the **Group Recommendation** section; definition will be made clearer with quotes and definition statement.
 * Decision: **Work Effort** section is moved below **Group Recommendation** section so that definition comes prior to reference.
 * Decision: **Rationale** subsection added to **Group Recommendation** section.
 * Terri Skalabrin – RE: Suggest we add "DNS is currently implemented and providing Digital Certificate discovery for a number of Direct pilots at a limited scale." -- Change to remove “Suggest we add” and quotes; Remove: (Volunteers needed with Direct Project Experience to fill out this section) (RCD); The implementation guide is still in draft form. I assume it is excluded from consensus.
 * Decision: Editorial comments will be removed.
 * Decision: Implementation guide is not part of current consensus.
 * Sandra Schafer - I agree with Karen' comments. Largely, my concerns are with the clarity and structure of the document rather than intent. This does not read like a finished statement. I would put the recommendation first after a brief introduction about the reason for the statement. The work effort needed and work to be performed could be combined and included next followed by the reference implementation and risks. The strengths and weaknesses of DNS and LDAP could be moved to the end as a reference and should be put in a 3 column, 3 row table.
 * Would moving recommendations to top and writing new introduction demand new round of consensus?
 * Strengths and weaknesses are not perfectly symmetric and will not work well in a table format. They will be left as bullet points.
 * Overall participants agree that a table is unnecessary and would end up looking too sparse
 * Karen Witting - My major concern is that this page does not act like a page for consensus but more like a work in progress. Comments 2, 4, & 5 reflect this concern. 1) Third bullet of Strengths & Weaknesses, add "of" as in "a significant number (of) DNS servers currently do not support the CERT record. 2) I recommend the second and third sections be deleted from this consensus page. Should contain only strenths/weaknesses, group recommendation and references. Remove all "Work to be performed"... and why is there two sections on this? 3) If you keep the 2nd/3rd sections: "The Direct Project reference implementations have the capability to support" - I don't know if this section is a statement of fact or a statement of consensus. And the next section talks about the hybrid model yet nothing in the prior text explains what it is. 4) "work effort needed" does not belong in a consensus page. Please remove this to an open issues page. This page should focus on the recommended direction. 5) Remove the "color" legend, makes this page seem like a work in progress not a consensus building vehicle. 6) Agree with comments from Terri Skalabrin as well.
 * Comments 1 and 2 already addressed.
 * Decision: **Group Recommendation** section moved to the top of the document in order to clarify the **Direct Project reference implementations have the capability to support** section.
 * Decision: Add note explaining limits of this statement and goals of this consensus process. A complete implementation guide will be released in the future.
 * Comment 4 has been addressed in light of clarified understanding of limits of this statement (see prior decision).
 * Comment 5 has been resolved.
 * Lester H. Keeper - Conditional Yes, with the understanding that security and privacy will be implemented & evaluated in the pilot.
 * Comment has been addressed in light of clarified understanding of limits of this statement (see prior decision).
 * Security of Certificate Authorities will become an issue in final implementation of provider directories; however security of certificate is responsibility of CA issuer, not searcher.
 * Decision: Remove DNSSEC section since there is no additional information regarding topic in statement.
 * Decision: Add notes that 1) There are no identified risks with discovery of public digital certificates as defined in use case. 2) There are risks associated with the issuance of and use of public digital certificates that must be addressed by these processes.
 * Implementation Guide
 * Draft Implementation Guide will be written by support team and submitted to group to edit and finalize.
 * Recommendation from group is to reverse engineer guide based on creating a reference implementation.
 * Action Item: Group will send support team models of implementation guides to work from moving forward.