[cabfpub] Draft Agenda for F2F meeting Research Triangle Park, NC - March 21-23

Kirk Hall Kirk.Hall at entrustdatacard.com
Sun Feb 26 22:41:02 UTC 2017

Yes, I should have clarified – the prior versions of these topics were left as placeholders, to see if anyone wanted to continue the discussion on the topics.  I guess I could have been more generic to avoid confusion.

Ryan, I’ll try to work in all your suggestions.  I will comment on handling of the “Future Thoughts” topic in a separate email.

I will delete the “Day 2” carry-over topics from the Redmond meeting.  I propose to add the following topics for now.  If anyone wants additional topics on the Agenda for our next F2F, please let me know.

PAG Update
CT Days Results / CT issues
Network and Certificate System Security Requirements: Challenges, Interpretations [Does anyone want this?]
CAA [questions or issues may remain]
Pending Ballots

From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Peter Bowen via Public
Sent: Sunday, February 26, 2017 1:31 PM
To: Ryan Sleevi <sleevi at google.com>
Cc: Peter Bowen <pzb at amzn.com>; CA/Browser Forum Public Discussion List <public at cabforum.org>
Subject: Re: [cabfpub] Draft Agenda for F2F meeting Research Triangle Park, NC - March 21-23

On Feb 26, 2017, at 12:48 PM, Ryan Sleevi <sleevi at google.com<mailto:sleevi at google.com>> wrote:

On Sun, Feb 26, 2017 at 12:32 PM, Peter Bowen via Public <public at cabforum.org<mailto:public at cabforum.org>> wrote:

It looks like Day 2 is mostly copied from the Redmond F2F agenda.  I don’t have an intention of repeating the topics I lead previously unless there are new things to cover.


Indeed, I was just about to suggest that for several of the other (non-Peter) topics, unless there's something new to cover - and ideally, discussed on the list prior - we shouldn't schedule those items either.

I also note that Day 1 limits the discussion of "Future Thoughts" to 45 minutes, although I would suggest and suspect that this is a line of discussion that might easily occupy an hour and a half, if not more, as members work through understanding the various goals of the suggestions, and then try to map out possible paths towards those goals by articulating concerns and constraints that they may have.

Based on prior meetings I think we should also expand the trust store (browser) portion of the agenda.

If I might, borrowing from an "unconference" like approach, might I suggest that Day 1 gather the "Future Thoughts" as scheduled, and have a (brief) discussion and presentation of those future thoughts (also as scheduled), but we make use of time of Day 2 to actually explore and articulate how to get there. This would allow time for members to socialize and understand the items raised on Day 1, and then come back on Day 2 with a better sense of concerns and directions. I suspect this will allow us a much more productive discussion and figuring out next steps.

Yes, I think that this makes sense.

Maybe the post-SHA2 stuff can move to a possible topic for future thoughts.  I don’t know that we need 45 minutes allocated to just that.

Alternatively, we could consider gathering those discussion items now, prior to the meeting. Day 1 can include a summary of the items and themes and allow time for basic clarification, and then we can dedicate several discussion slots on Day 2 to explore those items identified as either controversial or as shared interest, so that we can more rapidly make progress. This might make it more productive then, say, if I were to request several agenda slots for what Google considers as high importance and future direction.

Another agenda item I might suggest, and I'm happy to be the 'discussion leader' because of it, is the question about the role and relationship of the Forum. Judging by the reactions to Ballot 185, and from various questions that have come in on the questions@ list which have sparked debate, perhaps it's worth revisiting how different members see the role and scope of the Forum, so that we can better understand each other's objectives and needs.

I think this sounds like a good idea, but would expand it to be role of the Forum and role of WebPKI (assuming that the Forum is the venue that defines WebPKI).

There also appears to be one or two agenda items previously discussed, but missing. One was a retrospective discussion about the SHA-1 deprecation, with input from various Browsers, to help capture and crystalize the challenges and to examine some of the lessons learned from the SHA-1 exception process. Another was more targeted towards the technical members of the Forum, which is related to workflow management (GitHub, production of PDFs, etc), with the goal of making it less onerous on Ben to manage that. I realize that the Forum has historically conducted a 'single track' meeting schedule, there may be opportunity during the WG day to run that exploration in parallel, if there's space available. My instinct is that there may be sufficient non-overlap in members as the Governance discussions, but as the agenda for Day 2 shapes out, there may be an opportunity there instead.

I think we can easily multi-track the WG day.  For example maybe run the tools discussion in parallel with some of the policy WG time.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170226/1ea3a5a6/attachment-0003.html>

More information about the Public mailing list