[cabf_governance] Notes from Today's Call

Ben Wilson ben.wilson at digicert.com
Wed May 4 14:31:41 MST 2016

Meeting of the Governance Working Group of the CA/Browser Forum

Wed. 4-May-2016

Roll Call

Present: Ben Wilson (Digicert), Dean Coclin (Symantec), Patrick Tronnier
(OATI), J.C. Jones (Mozilla), Andrew Whalley (Google), Virginia Fournier
(Apple), Aleksei Ivanov (Leader Telecom), Jos Purvis (Cisco), Moudrick
Dadashov (SSC), Jeremy Rowley (Digicert)

Absent: Kirk Hall (TrendMicro), Peter Bowen (Amazon)

Agenda Review

Dean reviewed the agenda, which comprised the following items: 1. Mailing
list guidelines; 2. Nomination and Election of chair(s); 3. Strawman activity
scope: a. Membership/Leadership, b. Scope, c. Ballots, d. Fees; and 4. F2F
and other meetings this year.

1. Mailing list guidelines

Dean noted that postings to the email list are public, in accordance with
CA/B Forum bylaws.

2. Nomination and Election of chair(s)

Dean Coclin was nominated by Kirk Hall (via email) and seconded by Moudrick
Dadashov (via email). Dean said he would prefer to do it as a co-chair. Ben
Wilson was nominated by Jeremy Rowley and seconded by Patrick Tronnier. Ben
and Dean were unanimously elected co-chairs.

3. Strawman activity - Scope 

The next item on the agenda was a discussion of the scope.  At the last
face-to-face meeting we discussed organizing the Forum around different
technologies so that we would have sub-groups for technologies such as code
signing, client certificates, email, digital signatures, devices, and of
course, SSL/TLS.

How should the Forum be organized?  What are the topics that we need to
discuss in this working group?  Then, what are the things we should do

A brainstorming session produced the following comments:

1. Prepare a list of divisions of the Forum that are desired

2. Describe how we go about adding to the list of divisions, what it
takes to create a new division

3. IP rules, and how they work at the large scale across the
organization as well as within divisions, and what the minimum rules are for
each division, how they may be different and how we approve them

4. Transparency on the wide scale for governance of the organization
and how it works at the division levels, what is allowed to be different,
and how we allow that to be changed in the future

5. Voting rules - roles and responsibilities of the general group,
whether divisions or the Forum bylaws should be what decides the rules for
voting; rules about how divisions make decisions

6. Whether divisions codify in writing their procedures and how they
might be expected to demonstrate that they are following their written

7. Clarify roles of participants, interested parties, etc.

8. Whether entities are members of a division or the entire group

9. Clarification of procedures for member suspension, new member
admittance, member inactivity, what does it mean to be a member, what is
involved, what is required, and what happens when a member doesn't meet
those requirements

10. Rules on who can be members

11. Add a procedure that allows minor changes to requirements/guidelines
by consent ballot or by approval of the chair of the Forum

12. Whether to make the Forum a parent organization

13. Methods to address costs of meetings, finances as a general topic of

14. Add a group for devices - there are a lot of devices in the smart
grid industry.  So scope should be expanded to include more
client-side/device issues

15. Representation of the CA/B Forum in other stakeholder or standards
groups or events (instead of waiting for other groups to come to the CA/B
Forum for advice, the Forum ought to reach out to other standards bodies
because sometimes those groups end up writing standards that don't align
with the Baseline Requirements)

16. Some organizations require that the Forum be incorporated as a legal

17. Prepare codified guidelines about times when people may represent the
Forum externally - how and in what context?

18. Coordination and integration with EU and eIDAS because there are two
kinds of SSL certificate, qualified and non-qualified and there is also OV,
EV and DV.

19. Managing meetings and logistical ramifications of enlarging the scope
of the Forum, revisit meeting venues and hosting arrangements, how we
schedule meetings, whether we need to transition to a conference-center type
approach with break-out rooms, whether we need to go to four-day meetings,

4. F2F and other meetings this year.   

Next meeting:  Tuesday, May 24 (face-to-face working group in Bilbao)

Subsequent meetings:  Tuesdays, every other week, starting June 7 at 1pm
Eastern Time

