[cabfpub] Notes of Meeting, CAB Forum, 22 August 2013

Ben Wilson ben at digicert.com
Fri Sep 6 23:19:47 UTC 2013


Here are the minutes from the penultimate CAB Forum telephone call.

 

Notes of meeting

CAB Forum 

22 August 2013

Version 1

 

1.  Present:   Dean Coclin, Atsushi Inaba, Ben Wilson, Mads Henriksveen,
Sissel Hoel, Kirk Hall, Eddy Nigg, Atilla Biler, Mert Ozarar, Rick Andrews,
Geoff Keating, Gerv Markham, Stephen Davidson, Wayne Thayer 

2.  Agenda review:  Approved as published.  

3.  Minutes:   The minutes of August 8, 2013, were approved as published.  

4.  Ballots:  No ballot voting processes are pending.  However, the
following ballots are being revised and will be re-presented for voting:
Ballot 89 (EV Processing Recommendations), 103 (clarification on OCSP
Stapling), 107 (removal of specific version numbers and URLs), and 108
(definition of SSL certificate scope). 

On Ballot 89, Wayne will be asked to remove the old version of the EV
Processing Guidelines and Rick will update the EV Processing Recommendations
this week.  Kirk and Ben have said that they will endorse the ballot.  

Mads said that after reading the minutes from the last meeting he is unclear
about the ballot process and what his responsibility should be as the
proponent of the ballot.  Ben said he understood this confusion due to the
way we pulled Ballot 107 out of voting.  Kirk said his comments during the
last meeting about inadequate preparation of ballots were directed more at
complicated changes to guidelines and not necessarily simple changes to
cross-references.  Ben said that Ballot 107 faced several minor comments
which we were not able to get resolved to people’s satisfaction before the
time came to start voting and that is why we pulled it rather than follow
some other course of action.  Ben, Mads, Kirk and Iñigo will circulate and
discuss a revised Ballot 107 offline before bringing it back for vote. 

5.  Announcements:   The EV Guideline Revisions Working Group will begin
meeting every other week, starting next Thursday, 29-Aug at 1600UTC, on a
schedule that alternates opposite to this meeting .  It was suggested that
this be announced by email.  The group will take a comprehensive look at the
EV Guidelines since it has been 5 years since they were created.  The group
will perform a high-level review the EVGs and make suggestions about what
ought to be changed.  After an initial body of work has been done by the
working group, they will report back and invite comments from others and
from interested parties who are not members of the CA/Browser Forum.    Ben
also announced that Tim Moses was back from sick-leave and that it looked
like the pace of work WPKOPS in IETF would pick up again.

Atilla asked about which working groups were still active.  Dean said that
we have the Code Signing working group, the Revocation working group, and
the EV Guidelines working group.  It was suggested that we list those
working groups on the website or wiki.  We should also plan that the working
group meetings on Tuesday Sept. 24 (prior to the plenary face-to-face in
Ankara) will take more than just a  half day as it has in the past.  It was
suggested that Code Signing and EV Guideline working groups each take 3
hours.  The Revocation working group will not likely need even one hour on
Tuesday.   Atilla and Mert need to have a count for the number of people who
will be in attendance during Tuesday’s working group sessions (as well as
for the entire F2F meetings on Wednesday and Thursday).

6. Review recent inquiries about joining CABF and levels of engagement with
CABF-recognized liaisons/ interested parties:  Dean mentioned he was
drafting a welcome page for the web site to introduce new members.  Recently
we’ve been contacted by:  Disig (Slovakia), Firma Profesional (Spain),
WoSign (China), První CA (Czech), AS Sertifitseerimiskeskus  (Estonia), OATI
(US), and others.  He will complete the welcome message for the website when
the more recent applicants have been squared away.  

The role and privileges of non-member interested parties was discussed in
relation to our liaison relationship with ICANN.   Kirk explained that the
early drafts of the bylaws mentioned “observer” status.  The bylaws that
were adopted use the term “interested parties”.   The bylaws say that
interested parties may be invited to participate in working groups related
to their areas of expertise.  Kirk asked whether the scope of ICANN’s
interest was limited.  He also noted that allowing a multitude of interested
parties to participate in meeting discussions would create an unmanageable
situation.  Eddy said that that collaboration and communication between
ICANN and the CA/Browser Forum is very important.  Also, the ICANN
relationship is unique, so we shouldn’t define a limited scope to their
involvement because unlike others, ICANN’s interest in what we do is likely
to be broad.  Ben said that the key distinction between members and
interested parties when it comes to participation is that interested parties
do not have voting rights.  Still, he needed some direction from the group
on two key areas -- wiki access and the management mailing list because if
an interested party is involved, then they need to know more details about
meetings.  Dean asked and Ben confirmed that ICANN had signed the IPR
policy.   In conclusion, it was generally agreed that ICANN is a special
case and that for any other potential interested party that we discuss we
need to conduct a careful review of their anticipated scope of participation
and each time it will need to be done on an ad-hoc / case-by-case basis.  

Rick noted that the discussion reminded him that Oracle is getting closer to
making an application for membership as a browser.  Ben noted that the
bylaws define “browser” as a provider of software with browsing capability,
so we might need to revise the definition of “browser” even if we do not
change the term.  He also noted that we have discussed in the past whether
we need to rename our organization to something else.   He also said that we
ought to make the change to our bylaws before Oracle submits its
application, if we can, and that we have previously drafted language that
would resolve this issue. 

7.  Agenda planning for F2F meeting in Ankara: - Atilla and Mert announced
that approximately 13 people have RSVP’d.  Once they have the number of
attendees,  they can finalize hotel, meeting space, dinner, and travel
arrangements.  Then they will send out another announcement during the first
of next week.  Ben said he would send out an email reminding people that
they need to RSVP.   Ben will also put a draft agenda up on the wiki or on a
Google spreadsheet.

8.  Review status of website revisions:  Not discussed.

9.  Any Other Business:  None.

10. Next phone calls:   It was agreed that we should have two more calls
before the face-to-face - Thurs. Sept. 5th and Thurs. Sept. 19th so that we
can communicate any last minute instructions before the face-to-face.

11.  Meeting adjourned.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130906/0231fc4b/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5453 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130906/0231fc4b/attachment.p7s>


More information about the Public mailing list