<div dir="ltr">Thanks Neil. I agree that Ballot SC29 is ready for voting.<div><br><div>When it comes to vulnerability management and change management there is much that one can discuss. But as you pointed out, neither of these are the primary subject of this Ballot.</div><div>If there is interest in continuing the discussion to add more nuanced rules, we can do that later in a dedicated Ballot.</div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Apr 27, 2020 at 7:19 PM Neil Dunbar via Netsec <<a href="mailto:netsec@cabforum.org">netsec@cabforum.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">All,<br>
<br>
I'm thinking that with no apparent resistance to ending the moratorium <br>
on ballots, it's probably time to put Ballot SC29v3 up for voting.<br>
<br>
I'll do this tomorrow (Tuesday 28th April) if there are no objections <br>
from the NetSec team to my doing so. Technically, I put the end of the <br>
current discussion period at 30th April to stretch out the time, but I <br>
looked at the bylaws and it says that the proposer can curtail the <br>
discussion period if no new version of the ballot has been posted in 7 <br>
days - which is the case here.<br>
<br>
I do appreciate the full and frank exchange of views, but I'm siding <br>
with Tobi on this one: if there is indeed a policy benefit to <br>
prohibiting automatic updating, I don't think that the current ballot is <br>
the place to do it. All we wanted to do was push the community towards <br>
continuous monitoring, and accept that as an incremental improvement. I <br>
think the current SC29v3 does that. We can address effective chain of <br>
custody issues in other ballots to come.<br>
<br>
Thoughts, as alway, very welcome.<br>
<br>
Cheers,<br>
<br>
Neil<br>
<br>
_______________________________________________<br>
Netsec mailing list<br>
<a href="mailto:Netsec@cabforum.org" target="_blank">Netsec@cabforum.org</a><br>
<a href="http://cabforum.org/mailman/listinfo/netsec" rel="noreferrer" target="_blank">http://cabforum.org/mailman/listinfo/netsec</a><br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr"><br style="color:rgb(136,136,136);font-size:12.8px"><div style="font-size:12.8px"><div dir="ltr"><font face="'trebuchet ms', sans-serif"><span style="border-collapse:collapse;font-family:sans-serif;line-height:20px"><span style="border-width:2px 0px 0px;border-style:solid;border-color:rgb(213,15,37);padding-top:2px;margin-top:2px"><font>David Kluge</font><font color="#555555" style="color:rgb(136,136,136)"> |</font></span><span style="color:rgb(85,85,85);border-width:2px 0px 0px;border-style:solid;border-color:rgb(51,105,232);padding-top:2px;margin-top:2px"> Technical Program Manager |</span><span style="color:rgb(85,85,85);border-width:2px 0px 0px;border-style:solid;border-color:rgb(0,153,57);padding-top:2px;margin-top:2px"> <a href="mailto:kluge@google.com" target="_blank">kluge@google.com</a> |</span><span style="color:rgb(85,85,85);border-width:2px 0px 0px;border-style:solid;border-color:rgb(238,178,17);padding-top:2px;margin-top:2px"> +41 44 668 03 54</span></span></font></div></div></div></div>