[cabf_governance] DigiCert's Proposal for Governance Reform

Ben Wilson ben.wilson at digicert.com
Wed Jul 20 12:08:34 MST 2016

DigiCert's preferred model for governance reform of the CA/Browser Forum is
working-group-centric as it emphasizes the importance of working groups in
the areas of membership, voting, and IPR obligations.  


While the two underlying themes to our discussions about governance reform
lately have been entitlement to vote and the over-inclusive scope of the IPR
policy, we should not oversimplify the reasons for seeking governance
reform. They go beyond the factors that caused the code signing ballot to
fail.  Additional requests of members have included:  one organization where
activities are coordinated, self-regulation in the industry, and a legally
recognized structure (i.e. sufficient enough for the Forum to receive an EV
certificate).  These additional requests should be accommodated if possible.


DigiCert favors a resolution that moves the current membership and voting
criteria to a "Server Certificate Working Group" leaving membership at the
Forum level of the organization responsible for administration and
maintenance of the Forum.  While the purpose of the Forum as a whole would
be to address standards applicable to CAs issuing digital certificates, the
scope of activities at the Forum level would be limited to scheduling
meetings, creating/eliminating working groups, harmonizing the work product
of working groups, maintaining the website, and maintaining the IPR policy.
For these purposes, the Bylaws would create "Standing Committees" formed to
work and  advise Forum membership on areas delegated to Standing Committees
in the Bylaws.  There would be no Executive Committee-each member at the
Forum level would  have one vote, but membership in a working group would
not entitle that company to membership at the Forum level.   Membership at
the Forum level would not require participation in any working group.    


Similar to today's membership criteria, membership at the Forum level would
be limited to CAs and software companies of a certain size that manage root
stores.  (The name of the CA/B Forum doesn't need to change - the meaning of
"CA/B" can be historic.)  Each working group would be responsible for
creating and maintaining its own membership rules and voting rules.  As
stated above, the membership criteria and voting rights in the Server
Certificate Working Group would be the same as they are today for the Forum
as a whole.  Additional working groups would be the Code Signing Working
Group and the Client Certificate Working Group.  DigiCert proposes that
membership in the Code Signing Working Group be limited to those CAs that
issue code signing certificates and those software providers actively
engaged in maintaining trust stores for code signing.  Membership in the
Client Certificate Working Group would be similarly limited to CAs that
issue certificates for S/MIME, digital signature, and client authentication
and to software providers that process those certificates.  However, these
are just suggestions and membership in each working group would be decided
by the working group itself. Voting rules could be established by each of
those working groups once they convene.


This two-layer structure is important for implementation of a working-group
approach to IPR obligations.  Votes by membership at the upper, Forum level
of the organization should not encumber the intellectual property rights of
members.  Segregating administrative-management activities at the Forum
level with Standing Committees from standards-adopting activities in Working
Groups provides a clear guide for members and their legal counsel to follow
when evaluating the IPR consequences of Forum participation.  Conversely,
the proposal to preserve voting on server-certificate issues at the Forum
level does not resolve the IPR concerns that have been previously expressed.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/govreform/attachments/20160720/f9940ff9/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CABForum.pdf
Type: application/pdf
Size: 48483 bytes
Desc: not available
Url : https://cabforum.org/pipermail/govreform/attachments/20160720/f9940ff9/attachment-0001.pdf 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4954 bytes
Desc: not available
Url : https://cabforum.org/pipermail/govreform/attachments/20160720/f9940ff9/attachment-0001.bin 

More information about the Govreform mailing list