<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal>Wayne,<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Yes, it’s been there for a long time. I wasn’t responsible for putting it in, but I believe the goal was to allow as broad as possible participation from affected stakeholders within the ecosystem. The lack of broad participation is one of the most common complaints I hear about the current Forum.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>However, we don’t feel particularly strongly about it. If the endorsers agree, I could go either way on either keeping it or removing it.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>-Tim<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b>From:</b> Public <public-bounces@cabforum.org> <b>On Behalf Of </b>Wayne Thayer via Public<br><b>Sent:</b> Thursday, February 6, 2020 1:32 PM<br><b>To:</b> Dimitris Zacharopoulos (HARICA) <dzacharo@harica.gr>; CABforum1 <public@cabforum.org><br><b>Subject:</b> Re: [cabfpub] Ballot Forum-11: Creation of S/MIME Certificates Working Group<o:p></o:p></p></div></div><p class=MsoNormal><o:p> </o:p></p><div><div><p class=MsoNormal>Thanks Dimitris.<o:p></o:p></p></div><p class=MsoNormal><o:p> </o:p></p><div><div><p class=MsoNormal>On Wed, Feb 5, 2020 at 11:09 PM Dimitris Zacharopoulos (HARICA) via Public <<a href="mailto:public@cabforum.org">public@cabforum.org</a>> wrote:<o:p></o:p></p></div><blockquote style='border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in'><div><p class=MsoNormal>Tim, Wayne, Adriano,<br><br>Apple made a contribution and although HARICA disagrees with most of the recommended changes I believe there should be some discussion around that. <o:p></o:p></p></div></blockquote><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>Agree. It's not in anyone's interests, nor do I believe that the intent was to ignore input unrelated to the identity issue. We should discuss it now to allow members to decide for themselves if the suggestions are important enough to warrant voting against this ballot, or if the ballot is good enough to ratify as-is.<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><blockquote style='border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in'><div><p class=MsoNormal style='margin-bottom:12.0pt'>Unfortunately, although I had started working on a response, I didn't have time to complete it on time. I was hoping to see some comments/responses from the proposer and endorsers before the voting period began.<br><br>For what it's worth, here is a list of my comments (attached). My biggest concern is the Certificate Consumer members that qualify based on "mail transfer agent". I would certainly like some more information about that before HARICA votes. Other than that, the charter looks good to me.<o:p></o:p></p></div></blockquote><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>The section in question is:<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Arial",sans-serif;color:#24292E'>(2) A Certificate Consumer eligible for voting membership in the SMCWG must produce a develop and maintain a mail user agent (web-based or application based), mail transfer agent, or email service provider that processes S/MIME certificates issued by third-party Certificate Issuers who meet criteria set by such Certificate Consumer.</span><o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Arial",sans-serif;color:#24292E'>The inclusion of "mail transfer agents" as eligible participants doesn't appear harmful to me, but I also agree with Clint's comment that "The role of a mail transfer agent in consuming S/MIME certificates is unclear."</span><o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Arial",sans-serif;color:#24292E'>Tim or Ben: this was part of the draft Ben proposed over a year ago. Do you have any information on why this was included?</span><o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><blockquote style='border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in'><div><p class=MsoNormal style='margin-bottom:12.0pt'><br>Best regards,<br>Dimitris.<br><br><br><o:p></o:p></p><div><p class=MsoNormal>On 2020-02-06 12:45 π.μ., Wayne Thayer via Public wrote:<o:p></o:p></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><div><div><p class=MsoNormal>Based on my recollection of the Guangzhou discussion, and supported by the minutes, the "path forward agreed to in Guangzhou" was that we would take this charter to a ballot without further attempts to resolve the issue of including identity in the charter's scope. There does not appear to be a path to consensus on this issue, despite the considerable amount of time spent discussing it. I'm unhappy with this approach, but as one of the endorsers, I don't see an alternative other than "take it to a vote" that gets this much-needed WG formed any time soon.<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>- Wayne<o:p></o:p></p></div></div><p class=MsoNormal><o:p> </o:p></p><div><div><p class=MsoNormal>On Wed, Feb 5, 2020 at 3:22 PM Ryan Sleevi via Public <<a href="mailto:public@cabforum.org" target="_blank">public@cabforum.org</a>> wrote:<o:p></o:p></p></div><blockquote style='border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in'><div><div><div><p class=MsoNormal>Hi Tim,<o:p></o:p></p></div></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>Could you point to where that's reflected in the minutes? Our understanding here at Google is that Apple's proposed changes, which we support and would be unable to participate without incorporating, is that it accurately and correctly reflects the discussions in London [1], reiterated in Cupertino [2], and agreed upon in Thessaloniki [3]. It appears that, following that, the proposers of that ballot ignored that consensus and conclusion, and yet the discussion of Guangzhou [4] does not indicate there was consensus to do so.<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>I'm hoping we've just overlooked something in the minutes, but Apple's proposed changes seem imminently reasonable, and a worthwhile path to drafting requirements that consuming software, such as mail clients (both native and Web), can use and consume as part of their root programs, as an alternative to their root-program-specific requirements.<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>[1] <a href="https://cabforum.org/2018/06/06/minutes-for-ca-browser-forum-f2f-meeting-44-london-6-7-june-2018/#New-SMIME-Working-Group-Charter" target="_blank">https://cabforum.org/2018/06/06/minutes-for-ca-browser-forum-f2f-meeting-44-london-6-7-june-2018/#New-SMIME-Working-Group-Charter</a><o:p></o:p></p></div><div><p class=MsoNormal>[2] <a href="https://cabforum.org/2019/05/03/minutes-for-ca-browser-forum-f2f-meeting-46-cupertino-12-14-march-2019/#Creation-of-additional-Working-Groups---Secure-Mail" target="_blank">https://cabforum.org/2019/05/03/minutes-for-ca-browser-forum-f2f-meeting-46-cupertino-12-14-march-2019/#Creation-of-additional-Working-Groups---Secure-Mail</a><o:p></o:p></p></div><div><p class=MsoNormal>"Dean – We have a blank slate here and it seems the reluctance was to make it a narrow scope and then focus on either one aspect of SMIME. First task might be how to validate an email, and then focus on identity validation. Some comments were to make the chart narrow to focus on one task while others say to include all proposed tasks to not have to recharter which has caused issues in the past."<o:p></o:p></p></div><div><p class=MsoNormal>[3] <a href="https://cabforum.org/2019/08/16/minutes-for-ca-browser-forum-f2f-meeting-47-thessaloniki-12-13-june-2019/#Creation-of-Additional-Groups---Secure-Mail" target="_blank">https://cabforum.org/2019/08/16/minutes-for-ca-browser-forum-f2f-meeting-47-thessaloniki-12-13-june-2019/#Creation-of-Additional-Groups---Secure-Mail</a><o:p></o:p></p></div><div><p class=MsoNormal>"Eventually, all parties in the conversation came to the conclusion that it would behoove the Forum to scope the working group charter to domain validation, first, before adding other functionality once that portion was locked-down."<o:p></o:p></p></div><div><p class=MsoNormal>[4] <a href="https://cabforum.org/2019/12/12/minutes-for-ca-browser-forum-f2f-meeting-48-guangzhou-5-7-november-2019/#Creation-of-Additional-Groups---Secure-Mail" target="_blank">https://cabforum.org/2019/12/12/minutes-for-ca-browser-forum-f2f-meeting-48-guangzhou-5-7-november-2019/#Creation-of-Additional-Groups---Secure-Mail</a><o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div></div><p class=MsoNormal>_______________________________________________<br>Public mailing list<br><a href="mailto:Public@cabforum.org" target="_blank">Public@cabforum.org</a><br><a href="https://cabforum.org/mailman/listinfo/public" target="_blank">https://cabforum.org/mailman/listinfo/public</a><o:p></o:p></p></blockquote></div><p class=MsoNormal><o:p> </o:p></p><pre>_______________________________________________<o:p></o:p></pre><pre>Public mailing list<o:p></o:p></pre><pre><a href="mailto:Public@cabforum.org" target="_blank">Public@cabforum.org</a><o:p></o:p></pre><pre><a href="https://cabforum.org/mailman/listinfo/public" target="_blank">https://cabforum.org/mailman/listinfo/public</a><o:p></o:p></pre></blockquote><p class=MsoNormal><o:p> </o:p></p></div></blockquote><blockquote style='border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in'><p class=MsoNormal>_______________________________________________<br>Public mailing list<br><a href="mailto:Public@cabforum.org" target="_blank">Public@cabforum.org</a><br><a href="https://cabforum.org/mailman/listinfo/public" target="_blank">https://cabforum.org/mailman/listinfo/public</a><o:p></o:p></p></blockquote></div></div></div></div></body></html>