[cabfpub] Ballot [94] - Adoption of CA/Browser Forum Bylaws

Moudrick M. Dadashov md at ssc.lt
Tue Nov 20 02:30:53 MST 2012


Hi,

SSC votes: "YES".

Thanks,
M.D.

On 11/9/2012 9:42 PM, Ben Wilson wrote:
>
> *Ballot 94 - Adoption of CA/Browser Forum Bylaws*
>
> Kirk Hall made the following motion and it was endorsed by Wayne 
> Thayer and Jeremy Rowley.
>
> --Motion Begins--
>
> A. Be it resolved that the CA / Browser Forum adopts the following set 
> of Bylaws.
>
> --Bylaws Begin--
>
> Proposed CA-Browser Forum Bylaws_(v4) Trend Micro 8 Nov 2012.doc (on wiki)
>
> Proposed CA-Browser Forum Bylaws_(v4) Trend Micro 8 Nov 2012.pdf (on wiki)
>
> *BYLAWS OF THE CA/BROWSER FORUM* *
>
> *Adopted effective as of [Date]
>
> *1. CA/BROWSER FORUM - PURPOSE, STATUS, AND ANTITRUST LAWS *
>
> *1.1 Purpose of the Forum:*
>
> The Certification Authority Browser Forum (CA/Browser Forum) is a 
> voluntary gathering of leading certification authorities (CAs) and 
> vendors of Internet browser software and other applications.
>
> Members of the CA/Browser Forum have worked closely together in 
> defining the guidelines and means of implementation for best practices 
> as a way of providing a heightened security for Internet transactions 
> and creating a more intuitive method of displaying secure sites to 
> Internet users.**
>
> *1.2 Status of the Forum and Forum Activities *
>
> The Forum has no corporate or association status, but is simply a 
> group of CAs and browsers which communicates or meets from time to 
> time to discuss matters of common interest relevant to the Forum's 
> purpose. The Forum has no regulatory or industry powers over its 
> members or others. Other than those rights and responsibilities found 
> in the Forum's Intellectual Property Rights Policy (IPR), Forum 
> "membership" or other participation status does not convey any legal 
> status or rights, but is intended simply as a guide to the levels of 
> participation in Forum activities.
>
> *1.3 Intellectual Property Rights Policy; Antitrust Laws and 
> Regulations; Goal; Conduct *
>
> Forum Members and Interested Parties must comply with the then-current 
> IPR policy and all applicable antitrust laws and regulations during 
> their Forum activities.
>
> The historic goal of Forum activities (including development of 
> proposed requirements and guidelines and voting on all matters) has 
> been to seek substantial consensus among Forum Members before 
> proceeding or adopting final work product, and this goal will remain 
> for the future. Members shall not use their participation in the Forum 
> either to promote their own products and offerings or to restrict or 
> impede the products and offerings of other Members.
>
> The Chair will read an antitrust compliance statement at the start of 
> all Forum Meetings (and on other occasions, as the Chair deems 
> necessary) in substantially the following form:
>
> "As you know, this meeting includes companies that compete against one 
> another. This meeting is intended to discuss technical standards 
> related to the provision of existing and new types of digital 
> certificates without restricting competition in developing and 
> marketing such certificates. This meeting is not intended to share 
> competitively-sensitive information among competitors, and therefore 
> all participants agree not to discuss or exchange information related to:
>
> (a) Pricing policies, pricing formulas, prices or other terms of sale;
>
> (b) Costs, cost structures, profit margins,
>
> (c) Pending or planned service offerings,
>
> (d) Customers, business, or marketing plans; or
>
> (e) The allocation of customers, territories, or products in any way."
>
> *2. FORUM MEMBERSHIP AND VOTING *
>
> *2.1 Qualifying for Forum Membership*
>
> (a) CA/Browser Forum members shall meet at least one of the following 
> criteria.
>
> (1) Issuing CA: The member organization operates a certification 
> authority that has a current and successful WebTrust for CAs audit, or 
> ETSI 102042 or ETSI 101456 audit report prepared by a 
> properly-qualified auditor, and that actively issues certificates to 
> Web servers that are openly accessible from the Internet using any one 
> of the mainstream browsers.
>
> (2) Root CA: The member organization operates a certification 
> authority that has a current and successful WebTrust for CAs, or ETSI 
> 102042 or ETSI 101456 audit report prepared by a properly-qualified 
> auditor, and that actively issues certificates to subordinate CAs 
> that, in turn, actively issue certificates to Web servers that are 
> openly accessible from the Internet using any one of the mainstream 
> browsers.
>
> (3) Browser: The member organization produces a software product 
> intended for use by the general public for browsing the Web securely.
>
> (b) Applicants should supply the following information:
>
> (1) Confirmation that the applicant satisfies at least one of the 
> membership criteria (and if it satisfies more than one, indication of 
> the single category under which the applicant wishes to apply).
>
> (2) URL of the current qualifying performance audit report.
>
> (3) The organization name, as you wish it to appear on the Forum Web 
> site and in official Forum documents.
>
> (4) URL of the applicant's main Web site.
>
> (5) Names and email addresses of employees who will participate in the 
> Forum mail list.
>
> (6) Emergency contact information for security issues related to 
> certificate trust.
>
> (c) An Applicant shall become a Member once the Forum has determined 
> by vote that the Applicant meets all of the requirements of subsection 
> (a). A vote of Members shall be held as soon as the Applicant 
> indicates that it has presented all information required under 
> subsection (b) and has responded to all follow-up questions from the 
> Forum and the Member has complied with the requirements of Section 5.5.
>
> *2.2 Ballots Among Forum Members *
>
> Ballots will be conducted in accordance with the following rules.
>
> (a) Only votes by Members shall be accepted.
>
> (b) Only one vote per Member company shall be accepted; 
> representatives of corporate affiliates shall not vote.
>
> (c) A representative of any Member can call for a proposed ballot to 
> be published for review and comment by the membership. Any proposed 
> ballot needs two endorsements by other Members in order to proceed. 
> The review period then shall take place for at least seven 
> calendar-days before votes are cast.
>
> (d) The CA/Browser Forum shall provide seven calendar-days for voting, 
> with the deadline clearly communicated via the members' electronic 
> mailing list. All voting will take place online via the members' 
> electronic mailing list.
>
> (e) Only votes that indicate a clear 'yes' or 'no' response to the 
> ballot question shall be considered (i.e. votes to abstain and votes 
> that do not indicate a clear 'yes' or 'no' response will not figure in 
> the calculation of item 6, below).
>
> (f) Members fall into two categories: CAs (comprising issuing CAs and 
> root CAs, as defined in the membership criteria) and product suppliers 
> (as defined in the membership criteria). In order for the motion to be 
> adopted by the Forum, two-thirds or more of the votes cast by the 
> Members in the CA category must be in favor of the motion, and at 
> least 50% plus one of the votes cast by the members in the browser 
> category must be in favor of the motion At least one CA Member and one 
> browser Member must vote in favor of a ballot for the ballot to be 
> adopted.
>
> (g) A ballot result will be considered valid only when more than half 
> of the number of currently active members has participated. The number 
> of currently active members is the average number of member 
> organizations that have participated in the previous three meetings 
> (both teleconferences and face-to-face meetings).
>
> (h) The CA/Browser Forum will tabulate and announce the results within 
> one calendar-day of the close of the voting period.
>
> *3. OTHER FORUM PARTICIPATION*
>
> *3.1 Interested Parties *
>
> Any person or entity that wishes to participate in the Forum as an 
> Interested Party may do so by completing an enrollment form and 
> Participation Agreement (completed and submitted manually or online) 
> including name, affiliation (optional), and contact information, and 
> by agreeing to the IPR Agreement attached as Exhibit B (indicating 
> agreement by manual signing or a click-through agreement).
>
> Interested Parties may participate in Forum activities in the 
> following ways:
>
> (a) By becoming involved in Working Groups,
>
> (b) By posting to the Public Mail List, and
>
> (c) By participating in those portions of Forum Teleconferences and 
> Forum Meetings to which they are invited by the Forum Chair relating 
> to their areas of special expertise or the subject of their Working 
> Group participation.
>
> Interested Parties are required to comply with the provisions of the 
> Participation Agreement and these Bylaws. Interested Parties may lose 
> their status as Interested Parties by vote of the Members, in the 
> Members' sole discretion.
>
> *3.2 Other Parties *
>
> The public may follow the Forum's activities by reading all postings 
> on the Public Mail List and the Public Web Site. Questions or comments 
> to the Forum may be sent to Questions Mail List.
>
> *4. OFFICERS AND FINANCES *
>
> *4.1 Officers *
>
> The Forum will elect a Chair and Vice Chair, each to serve for a 
> two-year term. The Vice Chair has the authority of the Chair in the 
> event of any absence or unavailability of the Chair, and in such 
> circumstances, any duty delegated to the Chair herein may be performed 
> by the Vice Chair. For example, the Vice Chair will preside at Forum 
> Meetings and Forum Teleconferences in the Chair's absence. The offices 
> of Chair and Vice Chair may only be filled by Forum Member 
> representatives.
>
> No person may serve as Chair for more than a two-year period or be 
> elected to Vice Chair upon expiration or termination of the person's 
> service as Chair, but a person is eligible to be elected as Chair 
> again after having vacated the position as Chair for at least two years.
>
> Upon expiration or early termination of the current Chair's term, the 
> Vice Chair will automatically be nominated to become the next Chair, 
> but Members may nominate themselves or others to be additional 
> candidates as Chair. Upon close of nominations a ballot will be held 
> in the regular manner to elect the new Chair. If the election of a new 
> Chair means the office of Vice Chair becomes vacant, the Members may 
> nominate themselves or other candidates to the office of Vice Chair, 
> and a ballot will be held in the regular manner to elect the new Vice 
> Chair.**
>
> The Chair and Vice Chair shall exercise their functions in a fair and 
> neutral manner, allowing all Members equal treatment for their 
> comments and proposals, and shall not favor one side over another in 
> any matter (except that the Chair and Vice Chair may indicate their 
> own position during discussion and voting on the matter). The Chair 
> and Vice Chair shall have no personal liability for any activities of 
> the Forum or its Members or Interested Parties.
>
> The Chair or the Vice Chair may sign correspondence, applications, 
> forms, Letters of Intent, and Memoranda of Understanding relating to 
> projects with standards bodies, industry groups, and other third 
> parties, but shall have no personal liability therefor.
>
> *4.2 Finances *
>
> Because the Forum has no corporate status, it will not maintain funds 
> or banking accounts. The costs of operating Forum websites or mailing 
> lists will be covered by voluntary contribution from Forum Members 
> (who may seek voluntary contributions from other Members to help 
> defray such costs). Forum Members may propose other group activities 
> which they propose to sponsor (e.g., research projects, etc.) which 
> require funding and may seek voluntary contributions from other 
> Members for such activities.
>
> Forum Meetings may be held from time to time upon the voluntary 
> sponsorship of one or more Forum members. The sponsor of a Forum 
> Meeting may suggest a fixed cost per meeting participant as 
> reimbursement to the sponsor to cover (a) the cost of meeting rooms 
> and refreshments, and (b) the cost of any meeting dinner or other 
> group activity. Sponsors will be encouraged to announce any suggested 
> per-participant fixed cost reimbursement amount in advance of the 
> Forum Meeting for participant planning purposes, and will provide a 
> statement or invoice to each participant upon request after the Forum 
> Meeting for submission to the participant's accounting department. All 
> per-participant reimbursements shall be paid directly to the sponsor.
>
> Interested Parties will not be required to pay anything for their 
> participation in Forum activities, but must cover their own expenses 
> for participation in any Working Group meetings.
>
> *5. FORUM ACTIVITIES*
>
> *5.1 Member Mail List and Member Web Site*
>
> The Forum shall maintain a Member Mail List and Member Web Site that 
> are not accessible by the public. The following matters may be posted 
> to the Member Mail List and Member Web Site:
>
> (a) Draft minutes of Forum meetings (both virtual and in-person, and 
> including any sub-groups or committees) will be posted to the Member 
> Mail List to allow Members to make sure they are being correctly 
> reported.
>
> Minutes will be considered Final when approved at a subsequent Forum 
> Meeting or Forum Teleconference, or after 2 weeks have elapsed since 
> publication of the draft if no Forum Meeting or Forum Teleconference 
> is imminent. Final minutes will then be posted to the Public Mail List 
> and Public Web Site. The Chair will, upon request, make redactions of 
> any part of the public copy of the minutes identified as private or 
> sensitive by either the information discloser or a member mentioned or 
> affiliated with the subject of the information.
>
> (b) Messages formally announcing ballots or ballot outcomes, including 
> vote and quorum counts, will be posted to the Public Mail List. 
> However, ballots and the listing of final votes by each Member will 
> only be posted to the Member Mail List and Member Web Site.
>
> (c) Nominations for officer positions, Forum Meeting and Forum 
> Teleconference scheduling issues, and discussion of Forum financial 
> issues.
>
> (d) Security incidents if, in the opinion of the Members, discussion 
> on the Public Mail List could reasonably be detrimental to the 
> implementation of security measures by Members.
>
> (e) Proposed responses to questions sent to the Questions Mail List.
>
> (f) Matters which, in the opinion of the Members, require 
> confidentiality.
>
> Members have discretion about which mailing list they use, but are 
> strongly encouraged to use the Public Mail List for matters other than 
> those listed above.
>
> Members are strongly discouraged from posting the text of Member Mail 
> List messages to the Public Mail List without the permission of the 
> author or commenter.
>
> *5.2 Public Mail List and Public Web Site*//
>
> The Chair shall appoint a List Manager who shall maintain a Public 
> Mail List. Forum Members and Interested Parties may post to the Public 
> Mail List in compliance with these Bylaws. Anyone else is allowed to 
> subscribe to and receive messages posted to the Public Mail List, 
> which may be crawled and indexed by Internet search engines.
>
> The Chair shall appoint a Webmaster. The Webmaster shall post 
> instructions on the Public Web Site for subscribing to the Public Mail 
> List.
>
> The following materials shall be posted to the Public Mail List or 
> Public Web Site:
>
> (a) Draft and final agendas for Working Group meetings, Forum Meetings 
> and Forum Teleconferences (including any sub-groups or committees).
>
> (b) Final minutes of Forum Meetings and Forum Teleconferences 
> (including minutes of any sub-groups or committees), and minutes of 
> all Working Group teleconferences and meetings.
>
> (c) Messages formally proposing a Forum ballot (including ballots to 
> establish, modify, or terminate Working Groups) and announcing ballot 
> outcomes, including vote and quorum counts but not identifying 
> individual votes by name of Member.
>
> (d) Initial and final drafts of Forum requirements, guidelines, and 
> recommendations after the drafter has had an opportunity to receive 
> and respond to initial Member comments.
>
> (e) Initial and final drafts of Working Group requirements, 
> guidelines, and recommendations after the drafter has had an 
> opportunity to receive and respond to initial Working Group member 
> comments.
>
> *5.3 Working Groups *
>
> Members may propose by ballot the appointment of Working Groups open 
> to participation by Members and Interested Parties. The ballot shall 
> outline the scope of the Working Group's activities, including 
> deliverables, any limitations, and Working Group expiration date. Upon 
> approval of the Working Group, the Chair will call for a show of 
> interest in participation by Members, and shall appoint a Working 
> Group Chair from among the interested Members.
>
> Upon creation of a Working Group, the Forum will post an invitation to 
> all Interested Parties to participate, and will solicit others with 
> expertise and interest in the Working Group subject matter to become 
> Interested Parties and participate in the Working Group. With the 
> approval of the Chair, Working Groups may establish separate 
> list-servs, wikis, and web pages for their communications, but all 
> such separate list-servs must be managed in the same fashion as the 
> Public Mail List. Working Groups may meet by teleconference or 
> face-to-face meetings upon approval by the Chair and the Working Group 
> Chair, but the Forum shall not be responsible for the expenses of any 
> such teleconferences or meetings.
>
> Working Groups may draft recommendations to be forwarded to the Forum 
> for its consideration, but no recommendations will be considered the 
> product of the Working Group unless approved by two-thirds of all 
> Working Group members who vote on the recommendations. All substantial 
> initial and final drafts of the Working Group product will be posted 
> on the Public Mail List.
>
> The Forum shall review the final recommendations from a Working Groups 
> and may approve and implement some or all of the recommendations as 
> appropriate in the Forum's judgment following the Forum's regular 
> voting rules. The Forum shall retain the right to amend a Working 
> Group recommendation before approval, but in most cases should first 
> return the proposed amended recommendation to the Working Group for 
> its review and response before voting.
>
> The Forum shall not be required to submit any matter to a Working 
> Group, but may itself draft requirements and guidelines without a 
> Working Group in its discretion.
>
> *5.4 Forum Teleconferences and Forum Meetings *
>
> From time to time the Forum will hold Forum Teleconferences and Forum 
> Meetings among the Members, who may participate in person or (where 
> feasible) by teleconference. Interested Parties and others may be 
> invited by the Chair, in the Chair's discretion, to participate in 
> those portions of Forum Teleconferences and Forum Meetings that are 
> relevant to their expertise or their participation in Working Groups.
>
> *5.5 IPR policies *
>
> As a requirement for membership, Members must execute and return to 
> the Chair the IPR Agreement attached as Exhibit A.
>
> As a requirement for participation as an Interested Party, Interested 
> Parties must execute and return to the Chair (or indicate their 
> agreement by clicking through an online agreement) the IPR Agreement 
> attached as Exhibit B.
>
> *5.6 Project Lifecycle*
>
> In general, Forum projects will follow the model Project Lifecycle 
> attached as Exhibit C. However, the Members may modify this model as 
> appropriate by their subsequent actions.
>
> *6. MISCELLANEOUS *
>
> *6.1 Posting and Amendment of the Bylaws *
>
> The current Bylaws shall be posted to the Public Web Site. These 
> Bylaws may be amended by subsequent ballot of the Members.
>
> *6.2 Procedure for Dealing with Questions and Comments *
>
> The Forum procedure for dealing with questions and comments sent to 
> the Questions Mail List shall be as follows. The Chair shall appoint a 
> Questions List Coordinator. The responsibilities of the Questions List 
> Coordinator are:
>
> (a) If practical, within 24 hours send an acknowledgment to the 
> questioner indicating that the question or comment has been received 
> and that a response will provided as soon as is practical.
>
> (b) Coordinate discussion using the Member Mail List until consensus 
> has been achieved.
>
> (c) Post the proposed response to the Member Mail List indicating that 
> Members have 24 hours to object.
>
> (d) If no objections are received before the deadline expires, then 
> send the response to the questioner.
>
> (e) If consensus cannot be achieved, or one or more objections are 
> received, then the matter should be dealt with in the next Forum 
> Meeting or Forum Teleconference.
>
> *DEFINITIONS *
>
> *Forum Meetings: *Face-to-face meetings of Members as scheduled from 
> time to time.
>
> *Forum Teleconferences:* Teleconference meetings of Members as 
> scheduled from time to time.
>
> *Member: *A Member of the Forum or a representative of the Member 
> (depending on context).
>
> *Member Mail List*: The email list-serv maintained by the Forum for 
> communications by and among Forum Members. The Member Mail List is not 
> available to Interested Parties or Other Parties.
>
> *Member Web Site:* The password-protected web site available only to 
> Members (currently called the CA/Browser Forum Wiki).
>
> *Participation Agreement: *An agreement that individuals or entities 
> must agree to in order to participate in the Forum as Interested 
> Parties. The current form of Participation Agreement is attached as 
> Exhibit D.
>
> *Public Mail List: *The public email list-serv currently located at 
> public at cabforum.org <mailto:public at cabforum.org> maintained by the 
> Forum for communications by and among Members and Interested Parties. 
> The Public Mail List may be read by Other Parties, but Other Parties 
> may not post to the Public Mail List.
>
> *Public Web Site:* The web site available only to Members, Interested 
> Parties, and Other Parties (currently located at cabforum.org 
> <http://www.cabforum.org/>). A Forum Member will be appointed as 
> Webmaster and will control all postings to the Public Web Site.
>
> *Questions Mail List*: The email list-serv currently located at 
> questions at cabforum.org <mailto:questions at cabforum.org> maintained by 
> the Forum for communications from the public to the Forum.
>
> *Exhibit A *[Insert Member IPR Agreement here]
>
> *Exhibit B *[Insert Interested Party IPR Agreement here]
>
> *Exhibit C - Project Lifecycle *
>
> *Exhibit D - Interested Parties Participation Agreement *[Insert 
> Agreement here]**
>
> --Bylaws End--
>
> B. Be it further resolved that these Bylaws do not modify the status 
> of, or requirements applicable to, current observers such as ETSI, 
> WebTrust, PayPal, tScheme, or the Federal PKI Management Authority, 
> and they may continue to participate in meetings and on lists on the 
> same basis as they did previously.
>
> --Motion ends--
>
> The ballot review period comes into effect immediately upon posting 
> today (Friday, 9 Nov 2012) and will close at 2000 UTC on Friday, 16 
> Nov 2012. Unless the ballot is withdrawn or modified during the review 
> period, the voting period will start immediately thereafter and will 
> close at 2000 UTC on Friday, 23 Nov 2012. If the ballot is modified 
> for reasons other than to correct minor typographical errors, then the 
> ballot will be deemed to have been withdrawn.
>
> Votes must be cast by posting an on-list reply to this thread.
>
> A vote in favor of the ballot must indicate a clear 'yes' in the 
> response.
>
> A vote against the ballot must indicate a clear 'no' in the response. 
> A vote to abstain must indicate a clear 'abstain' in the response. 
> Unclear responses will not be counted. The latest vote received from 
> any representative of a voting member before the close of the voting 
> period will be counted.
>
> Voting members are listed here: http://www.cabforum.org/forum.html
>
> In order for the motion to be adopted, two thirds or more of the votes 
> cast by members in the CA category and one half or more of the votes 
> cast by members in the browser category must be in favor. Also, at 
> least six members must participate in the ballot, either by voting in 
> favor, voting against or abstaining.
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cabforum.org/pipermail/public/attachments/20121120/3c90b2ed/attachment-0001.html 


More information about the Public mailing list