[cabf_governance] Preliminary Work on Governance Models

Jos Purvis (jopurvis) jopurvis at cisco.com
Mon May 16 11:38:45 MST 2016

Some quick off-the-cuff responses to provide fodder for discussion:

If we're broadening the scope of the forum to encompass code signing, hardware certificates, client certs, document signing, and so forth, I think the name "CA/Browser Forum" isn't as useful any longer. Those are certainly the critical parties when it comes to SSL/TLS for the Web, but there are a number of other groups that get involved in each of those subgroups in place of—or alongside—browsers: hardware manufacturers, software companies, and so forth. To that end, I'd propose something more like "Digital Certificate Standards Forum", with subgroups under it for each of the focus areas.

I would further suggest the subgroups be titled "Forum", "Subcommittee", "Standards Group", or the like--"Working Group" suggests an ad-hoc formation like the PAG that might be disbanded, and thus might not be expected to have its own IPR and functional rules. That could be just me being overly language-specific, though. :)

For the umbrella org (the "DCSF", if you will), I do think you would need some kind of leadership council/board of directors. I would avoid making two of them (too much bureaucratic overhead, too many meetings, too much potential for conflict), but instead make one with a set of standing officers and then representation from each of the subgroups. That leads to the question of whether the officers for that would be elected (and how) and under what sorts of terms.


Jos Purvis (jopurvis at cisco.com)  |  _.|._.|._ cisco systems
Cryptographic Compliance, Identity Assurance Services
+1 919.991.9114 (desk) | PGP: 0x89a3b545 / 0x07d19105

On 2016-May-16, 14:24, "govreform-bounces at cabforum.org on behalf of Ben Wilson" <govreform-bounces at cabforum.org on behalf of ben.wilson at digicert.com> wrote:

Prior to our face-to-face meeting next week, I think we have some preliminary matters that we should consider. 


For instance, do members prefer that the  CA/B Forum remain the umbrella organization (if we’re going to have an umbrella organization). 


Or should a new umbrella organization be created?  Consider these two diagrams:




The names are just placeholders.  Do we want to use “Forum”, “Working Group,” “Standing Committee”, “Subcommittee”, “Technical Committee”, etc?


Should governance policies/procedures be documented outside of the Bylaws in a document titled “Rules of Association”, “Operating Procedures”, or similar?


Should the umbrella organization have a Board of Directors/Trustees, Steering Committee, Leadership/Management Council, or similar?  If so, should there be two such upper-level bodies (Board and a Council) with differing responsibilities?


One reason for the approach taken above is that I am assuming we want committee/group structures with the ability of each committee/group to have a different IPR Policy.   Thoughts on this? 





-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/govreform/attachments/20160516/4ea5c6cd/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 32844 bytes
Desc: not available
Url : https://cabforum.org/pipermail/govreform/attachments/20160516/4ea5c6cd/attachment-0002.png 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 43915 bytes
Desc: not available
Url : https://cabforum.org/pipermail/govreform/attachments/20160516/4ea5c6cd/attachment-0003.png 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4072 bytes
Desc: not available
Url : https://cabforum.org/pipermail/govreform/attachments/20160516/4ea5c6cd/attachment-0001.bin 

More information about the Govreform mailing list