Chaired by Gregory Lebovitz, with co-chair Paul Knight attending via audio and Jabber.
Notes taken by Paul Hoffman.
See the slides.

Agenda was bashed
  The chairs asked for external review on the profile document
    Folks from MSEC, RPSEC, and other WGs
  There has been thin review on the management profile doc, but we are ready for last call

Review of ikecert-profile
  Presentation by Brian Korver
    Talked about differences since our last meeting, -06 to -09
    -07 changes
      Modified the code for KU and EKU
      Hammered out an escape clause for disabling certificate checking
        Ariel Scolnicov pointed out that the wording is too general and that some checks are useful
    -08 changes
      Added more text on SHA-256
      Added text saying that we were talking about main mode
    -09 changes
      Put the SHA-256 text in the body of the document
  Russ Housley talked about the document
    Currently in AD evaluation
    Russ did his review on the plane to Dallas
    He is concerned about DN comparison
      Why don't we do the same as in RFC 3280?
      We need to tell CAs to encode correctly so the bitwise compare will work
    In section 3.1.2, it says that a caseless comparison MUST be performed
      When IDNs are used, the Punycode encoding appears here
    Should we even be allowing MD5?
      Paul Hoffman questioned if this is relevant to PKIX certs
      David Black said MD5 SHOULD NOT be used
      Russ said maybe we should say SHOULD NOT issue new MD5 certs but should still be able to verify
      Ariel said we still need to be able to verify
      Gregory spoke about who the consumers of the document are and how we should be supporting them
      Paul said we shouldn't put a SHOULD NOT in unless we can justify it, and we can't
      Charlie Kaufman said that most vendors would migrate away from MD5 because of the bad press even if there was no technical justification for doing so, and they would do that regardless of what we said in the spec
      David said that administrators will mess up CA config, possibly not doing unpredictable serial numbers
      Paul said that he wasn't assuming unpredictable IVs
      Tero Kivinen said that if we can do MD5 so fast we can possibly get structured collisions
      Paul said that no research has been done that he knows of
      Tim Polk asked whether we should make RSA-SHA256 a MUST
      Russ said that SAAG has not discussed what to do about MD5
        He is now OK with saying CAs are encouraged not to issue new certs with MD5
      Gregory took the hum on this text and all agreed
      Paul Knight asked if SHA-1 was also being discouraged
        General answer: no
  Francis Dupont asked about section 3.1.4, said that the reference is stale and needs to be updated to RFC 3779

Review of Certificate Management Profile document
  Gregory asked if anyone would read the document before the end of the week; no one said they would
  Gregory asked if there were any issues that would come up; almost no one did
  Stefan Santesson asked if anyone has said that they are going to use it
    Gregory gave the history of Project Dploy
    Said that the purpose of the document is to set up a viable alternative for the future
  Nobody wanted to speak on this

Review of charter and milestones