<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p><font face="Calibri">And why not IM, for that matter.</font></p>
<br>
<div class="moz-cite-prefix">Il 25/10/2017 11:35, Gervase Markham
via Public ha scritto:<br>
</div>
<blockquote type="cite"
cite="mid:6068708f-d7fc-6c66-2282-bddb3d5b0086@mozilla.org">
<pre wrap="">Hi Ben,
On 24/10/17 19:06, Ben Wilson via Public wrote:
</pre>
<blockquote type="cite">
<pre wrap="">For everyone’s review, here is a draft charter from the Governance
Reform Committee.
</pre>
</blockquote>
<pre wrap="">
This looks generally good. I have one small concern, and then a larger
question regarding the framing around "membership":
</pre>
<blockquote type="cite">
<pre wrap="">The Server Certificate Working Group will not address certificates
intended to be used solely for code signing, S/MIME, time-stamping,
VoIP, IM, or Web services.
</pre>
</blockquote>
<pre wrap="">
What is a "Web service" in this context? Why would such a thing not use
a server certificate?
</pre>
<blockquote type="cite">
<pre wrap="">*Members eligible to participate*:
</pre>
</blockquote>
<pre wrap="">
This reads as if there's a pool of "members" and that some of them are
eligible to participate. However, I believe we have decided that the
membership model is that people are members of the Forum only insofar as
they are members of a Working Group. Therefore, I suggest we need to
tweak the way we talk about this and say something like:
*Participant Eligibility*
The Working Group shall consist of two classes of voting members, the CA
Class and the Browser Class.
CAs meeting one of the following two criteria may be admitted to the CA
Class:
(1) Issuing CA: The organization operates a certification authority that
has a current and successful WebTrust for CAs audit, or ETSI TS 102042,
ETSI 101456, or ETSI EN 319 411-1 audit report prepared by a
properly-qualified auditor, and that actively issues certificates to Web
servers that are openly accessible from the Internet, such certificates
being treated as valid when using a browser created by at least one
current member of the Browser Class. Organizations that are not actively
issuing certificates but otherwise meet membership criteria may be
granted Associate Member status under Bylaw Sec. 3.1 for a period of
time to be designated by the Forum.
... <similar rephrasing for (2)>
Non-CAs meeting the following criterion may be admitted to the Browser
Class:
The Browser Class is open to organizations that produce a software
product intended for use by the general public for browsing the Web
securely.
How will associate membership work? I assume one becomes an associate
member of a particular WG, just as one is a member of a particular WG?
Gerv
_______________________________________________
Public mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Public@cabforum.org">Public@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://cabforum.org/mailman/listinfo/public">https://cabforum.org/mailman/listinfo/public</a>
</pre>
</blockquote>
<br>
</body>
</html>