<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div class=""><div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div class="" style="color: rgb(0, 0, 0); font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; font-family: Helvetica; line-height: normal;"><div style="margin: 0px; font-size: 14px; line-height: normal; -webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial;" class="">Hi Ben,</div><div style="margin: 0px; font-size: 14px; line-height: normal; -webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial;" class=""><br class=""></div><div style="margin: 0px; font-size: 14px; line-height: normal; -webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial;" class="">Thanks for elaborating on this. The model is getting closer to something we could support.</div><div style="margin: 0px; font-size: 14px; line-height: normal; -webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial;" class=""><br class=""></div><div style="margin: 0px; font-size: 14px; line-height: normal; -webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial;" class="">One issue that we’ll need to discuss is how we would track “participation” and “formally joining a working group.” This is the kind of overhead I was inquiring about - who would manage this?</div></div><div class="" style="color: rgb(0, 0, 0); font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; font-family: Helvetica; line-height: normal;"><span class="" style="orphans: 2; widows: 2;"><span style="font-family: Arial; orphans: auto; widows: auto;" class=""><br class=""></span></span></div><div class="" style="color: rgb(0, 0, 0); font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; font-family: Helvetica; line-height: normal;"><span class="" style="orphans: 2; widows: 2;"><br class=""></span></div><div class="" style="color: rgb(0, 0, 0); font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; font-family: Helvetica; line-height: normal;"><div style="margin: 0px; font-size: 14px; line-height: normal; -webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial;" class="">Best regards,</div><div style="margin: 0px; font-size: 14px; line-height: normal; -webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; min-height: 17px;" class=""><br class=""></div><div style="margin: 0px; font-size: 14px; line-height: normal; -webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial;" class="">Virginia Fournier</div><div style="margin: 0px; font-size: 14px; line-height: normal; -webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial;" class="">Senior Standards Counsel</div><div style="margin: 0px; font-size: 14px; line-height: normal; -webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial;" class=""><span style="line-height: normal; font-family: 'Myriad Set Pro'; color: rgb(94, 94, 94); -webkit-text-stroke-color: rgb(94, 94, 94);" class=""></span> Apple Inc.</div><div style="margin: 0px; font-size: 14px; line-height: normal; -webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial;" class="">☏ 669-227-9595</div><div style="margin: 0px; font-size: 14px; line-height: normal; color: rgb(71, 135, 255); -webkit-text-stroke-color: rgb(71, 135, 255); -webkit-text-stroke-width: initial;" class=""><span style="color: rgb(0, 0, 0); -webkit-text-stroke-color: rgb(0, 0, 0);" class="">✉︎ <a href="mailto:vmf@apple.com" class=""><span style="-webkit-text-stroke-color: rgb(71, 135, 255);" class="">vmf@apple.com</span></a></span></div></div><div class="" style="color: rgb(0, 0, 0); font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; font-family: Helvetica; line-height: normal;"><div class="" style="orphans: 2; widows: 2;"><div class=""><br class=""></div><div class=""><br class=""></div></div></div></div><br class="Apple-interchange-newline"><br class="Apple-interchange-newline">
</div>
<br class=""><div><div class="">On Jul 22, 2016, at 3:38 PM, Ben Wilson <<a href="mailto:ben.wilson@digicert.com" class="">ben.wilson@digicert.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="WordSection1" style="page: WordSection1; font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;"><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><b class="">Why would the CAB Forum make these changes? What’s the impetus? What would the benefits be to the Forum and the members?<o:p class=""></o:p></b></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><o:p class=""> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class="">As Certification Authorities, we issue X.509v.3 certificates for server authentication, code signing, secure email, client authentication, document signing, IOT device authentication, and a number of other, similar, public PKI purposes. From time to time we encounter questions about what are the best industry practices when issuing and managing these types of certificates. One venue, which has proven useful when discussing server authentication certificate issues, is the CAB Forum. <span class="Apple-converted-space"> </span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><o:p class=""> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class="">The CAB Forum already has an established infrastructure. It has a wiki, an email server, a website, a GitHub repository, a telephone bridge, a set of Bylaws, an IPR Policy, member representatives, and finally and most importantly, a reputation with CAs and application software providers. These are all valuable resources that can be leveraged and used to discuss other certificate types used in public PKI.<o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><o:p class=""> </o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class="">An explicit broadening of the allowed scope (DigiCert believes that the scope has always included other types of certificates) will allow CAs and others to move forward more efficiently in these other areas of public PKI.<o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><b class="">How do you envision the IPR policy working in the model you’ve described? Would there be one CAB Forum IPR policy, or an IP policy for each working group (there were objections to having multiple IP policies)<o:p class=""></o:p></b></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class="">There would be one IPR Policy based on a participation model or as Peter Bowen noted, it would be more appropriate to call it a “working-group-membership-based IPR policy”-- if you stay silent on calls or take no action during working group meetings you are still deemed to be participating. For example, a Member would be deemed to “participate” if it or its representative: (1) formally joins a working group as a listed participant; or (2) makes a Contribution to a Working Group; or (3) attends more than one (1) meeting of a Working Group (in person or by telephone) within a one-year period. [Source: <span class="Apple-converted-space"> </span><a href="https://www.sdcard.org/join/pdf/ippolicy32909.pdf" style="color: purple; text-decoration: underline;" class="">https://www.sdcard.org/join/pdf/ippolicy32909.pdf</a>] The terms and conditions of the IPR Policy would be limited in scope to and binding relative to each Working Group in which a member participates. [Source: <span class="Apple-converted-space"> </span><a href="http://www.gs1.org/docs/ip/GS1_Intellectual_Property_Policy.pdf" style="color: purple; text-decoration: underline;" class="">http://www.gs1.org/docs/ip/GS1_Intellectual_Property_Policy.pdf</a>]<span class="Apple-converted-space"> </span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><b class=""><span style="" class="">How would the “Forum” activities be funded and staffed?<o:p class=""></o:p></span></b></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="" class="">No funding or staffing needed. The proposal consists of minor definitional, organizational, structural, and procedural changes. There are no new activities that aren’t already accounted for in existing CAB Forum documents and procedures. <span class="Apple-converted-space"> </span><o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><b class=""><span style="" class="">Why should CAB Forum accommodate the requests of specific companies/members?<o:p class=""></o:p></span></b></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="" class="">The proposal does not seek to accommodate any specific company, member, or group of members (except CAs as a whole). A participation-based model is a necessary outcome of the desired changes outlined in our answer to the first question above. It isn’t an accommodation to any particular member—Google and Mozilla were simply the members who raised the issue first—i.e. that a participation model for the IPR would enable a broadening of scope, which is what CAs in the Forum desire.<o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><b class=""><span style="" class="">Where do you see browsers fitting into the equation?</span></b><b class=""><o:p class=""></o:p></b></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class="">Browsers would be entitled to vote at both the Forum level and the Working Group level. At the Forum level browsers would be a subset of “application software supplier” now used in the Baseline Requirements and defined in the BRs as “A supplier of Internet browser software or other relying-party application software that displays or uses Certificates and incorporates Root Certificates.” At the Working Group level, nothing would change – browsers would still have the same voting rights on matters involving the EV Guidelines and the Baseline Requirements.<o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class=""><o:p class=""> </o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><a name="_MailEndCompose" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class=""><o:p class=""> </o:p></span></a></div><span class=""></span><div class=""><div style="border-style: solid none none; border-top-color: rgb(225, 225, 225); border-top-width: 1pt; padding: 3pt 0in 0in;" class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><b class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class="">From:</span></b><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class=""><span class="Apple-converted-space"> </span><a href="mailto:vfournier@apple.com" class="">vfournier@apple.com</a> [<a href="mailto:vfournier@apple.com" class="">mailto:vfournier@apple.com</a>]<span class="Apple-converted-space"> </span><br class=""><b class="">Sent:</b><span class="Apple-converted-space"> </span>Wednesday, July 20, 2016 5:09 PM<br class=""><b class="">To:</b><span class="Apple-converted-space"> </span>Ben Wilson <<a href="mailto:ben.wilson@digicert.com" class="">ben.wilson@digicert.com</a>><br class=""><b class="">Cc:</b><span class="Apple-converted-space"> </span><a href="mailto:Govreform@cabforum.org" class="">Govreform@cabforum.org</a><br class=""><b class="">Subject:</b><span class="Apple-converted-space"> </span>Re: [cabf_governance] DigiCert's Proposal for Governance Reform<o:p class=""></o:p></span></div></div></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><o:p class=""> </o:p></div><div class=""><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class="">Hi Ben,<o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class=""><o:p class=""> </o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class="">Thanks for sending this. I haven’t digested your suggested model in detail yet, but I have some questions.<o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class=""> <o:p class=""></o:p></span></div></div><div class=""><ul type="disc" style="margin-bottom: 0in;" class=""><li class="MsoNormal" style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;">Why would the CAB Forum make these changes? What’s the impetus? What would the benefits be to the Forum and the members?<o:p class=""></o:p></li><li class="MsoNormal" style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;">How do you envision the IPR policy working in the model you’ve described? Would there be one CAB Forum IPR policy, or an IP policy for each working group (there were objections to having multiple IP policies)?<o:p class=""></o:p></li><li class="MsoNormal" style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; -webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; word-spacing: 0px;"><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class="">How would the “Forum” activities be funded and staffed?<o:p class=""></o:p></span></li><li class="MsoNormal" style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; -webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; word-spacing: 0px;"><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class="">Why should CAB Forum accommodate the requests of specific companies/members?<o:p class=""></o:p></span></li><li class="MsoNormal" style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; -webkit-text-stroke-color: rgb(0, 0, 0); -webkit-text-stroke-width: initial; word-spacing: 0px;"><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class="">Where do you see browsers fitting into the equation?<o:p class=""></o:p></span></li></ul></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 9pt; font-family: Helvetica, sans-serif;" class=""><o:p class=""> </o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 9pt; font-family: Helvetica, sans-serif;" class=""><br class=""><br class=""><o:p class=""></o:p></span></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class="">Best regards,<o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class=""><o:p class=""> </o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class="">Virginia Fournier<o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class="">Senior Standards Counsel<o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10.5pt; font-family: 'Myriad Set Pro', serif; color: rgb(94, 94, 94);" class=""></span><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class=""> Apple Inc.<o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10.5pt; font-family: 'Segoe UI Symbol', sans-serif;" class="">☏</span><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class=""><span class="Apple-converted-space"> </span>669-227-9595<o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10.5pt; font-family: 'Segoe UI Symbol', sans-serif;" class="">✉︎</span><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class=""> <a href="mailto:vmf@apple.com" style="color: purple; text-decoration: underline;" class="">vmf@apple.com</a></span><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif; color: rgb(71, 135, 255);" class=""><o:p class=""></o:p></span></div></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 9pt; font-family: Helvetica, sans-serif;" class=""><o:p class=""> </o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 9pt; font-family: Helvetica, sans-serif;" class=""><o:p class=""> </o:p></span></div></div></div></div></div><p class="MsoNormal" style="margin: 0in 0in 12pt; font-size: 12pt; font-family: 'Times New Roman', serif;"><o:p class=""> </o:p></p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><o:p class=""> </o:p></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class="">On Jul 20, 2016, at 12:08 PM, Ben Wilson <<a href="mailto:ben.wilson@digicert.com" style="color: purple; text-decoration: underline;" class="">ben.wilson@digicert.com</a>> wrote:<o:p class=""></o:p></div></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><o:p class=""> </o:p></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class="">DigiCert’s preferred model for governance reform of the CA/Browser Forum is working-group-centric as it emphasizes the importance of working groups in the areas of membership, voting, and IPR obligations. <span class="apple-converted-space"> </span><o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class=""> <o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class="">While the two underlying themes to our discussions about governance reform lately have been entitlement to vote and the over-inclusive scope of the IPR policy, we should not oversimplify the reasons for seeking governance reform. They go beyond the factors that caused the code signing ballot to fail. Additional requests of members have included: one organization where activities are coordinated, self-regulation in the industry, and a legally recognized structure (i.e. sufficient enough for the Forum to receive an EV certificate). These additional requests should be accommodated if possible.<o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class=""> <o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class="">DigiCert favors a resolution that moves the current membership and voting criteria to a “Server Certificate Working Group” leaving membership at the Forum level of the organization responsible for administration and maintenance of the Forum. While the purpose of the Forum as a whole would be to address standards applicable to CAs issuing digital certificates, the scope of activities at the Forum level would be limited to scheduling meetings, creating/eliminating working groups, harmonizing the work product of working groups, maintaining the website, and maintaining the IPR policy. For these purposes, the Bylaws would create “Standing Committees” formed to work and advise Forum membership on areas delegated to Standing Committees in the Bylaws. There would be no Executive Committee—each member at the Forum level would have one vote, but membership in a working group would not entitle that company to membership at the Forum level. Membership at the Forum level would not require participation in any working group. <span class="apple-converted-space"> </span><o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class=""> <o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class="">Similar to today’s membership criteria, membership at the Forum level would be limited to CAs and software companies of a certain size that manage root stores. (The name of the CA/B Forum doesn’t need to change – the meaning of “CA/B” can be historic.) Each working group would be responsible for creating and maintaining its own membership rules and voting rules. As stated above, the membership criteria and voting rights in the Server Certificate Working Group would be the same as they are today for the Forum as a whole. Additional working groups would be the Code Signing Working Group and the Client Certificate Working Group. DigiCert proposes that membership in the Code Signing Working Group be limited to those CAs that issue code signing certificates and those software providers actively engaged in maintaining trust stores for code signing. Membership in the Client Certificate Working Group would be similarly limited to CAs that issue certificates for S/MIME, digital signature, and client authentication and to software providers that process those certificates. However, these are just suggestions and membership in each working group would be decided by the working group itself. Voting rules could be established by each of those working groups once they convene.<o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class=""> <o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class="">This two-layer structure is important for implementation of a working-group approach to IPR obligations. Votes by membership at the upper, Forum level of the organization should not encumber the intellectual property rights of members. Segregating administrative-management activities at the Forum level with Standing Committees from standards-adopting activities in Working Groups provides a clear guide for members and their legal counsel to follow when evaluating the IPR consequences of Forum participation. Conversely, the proposal to preserve voting on server-certificate issues at the Forum level does not resolve the IPR concerns that have been previously expressed.<span class="apple-converted-space"> </span><o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class=""> <o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif;" class=""> <o:p class=""></o:p></span></div></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><CABForum.pdf><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class="">_______________________________________________<br class="">Govreform mailing list<br class=""></span><a href="mailto:Govreform@cabforum.org" style="color: purple; text-decoration: underline;" class=""><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif; color: rgb(149, 79, 114);" class="">Govreform@cabforum.org</span></a><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif;" class=""><br class=""></span><a href="https://cabforum.org/mailman/listinfo/govreform" style="color: purple; text-decoration: underline;" class=""><span style="font-size: 10.5pt; font-family: Helvetica, sans-serif; color: rgb(149, 79, 114);" class="">https://cabforum.org/mailman/listinfo/govreform</span></a></div></div></div></div></div></div><br class=""></body></html>