[cabfpub] [cabfman] Ballot [94] - Adoption of CA/Browser Forum Bylaws

Thu Nov 15 13:49:13 UTC 2012

Kirk,

I understand your points and concerns.  I agree with most of them.  My problem is that the other reforms you describe are not part of this ballot, and without them I find your current change fraught with potential problems.  With the other changes you describe, as part of a comprehensive ballot on voting reform, I would be inclined to go along with this change as a compromise position even though I still think my proposal to make the requirement conditional upon the ballot imposing mandatory requirements on a particular member group is better.  By itself, without the other changes, I'm very much against this change for the reasons I've stated.

Regards,

Rich

From: management-bounces at cabforum.org [mailto:management-bounces at cabforum.org] On Behalf Of kirk_hall at trendmicro.com
Sent: Wednesday, November 14, 2012 7:14 PM
To: richard.smith at comodo.com; ben at digicert.com; public at cabforum.org; 'CABFMAN'
Subject: Re: [cabfman] [cabfpub] Ballot [94] - Adoption of CA/Browser Forum Bylaws

Rich – I understand your points.  I actually want to change the voting rules more than this, because I think our quorum rules are not good – I think 6 CAs and 0 browsers should not be enough to pass a significant requirement that will be imposed on all CAs (and that could happen on a 4-2 vote, with only 4 CAs in support of the requirement).  However, I also think a pending vote should be extended by perhaps 2 additional one-week periods if it will otherwise fail for lack of a quorum.

Chris Bailey and I are just not comfortable with things being passed by such small numbers of CAs only.  If CAs have a real need (like the customer need you mentioned), they should either privately lobby for more votes and/or publicly lobby.  I think some ballots, like 88, sometimes fail to get a quorum (or get a low turnout) because they are very technical and only a small number of people bothered to follow the issue – so they don’t vote.  The remedy, in my opinion, is not to keep the required number of votes low, but instead to elevate the importance of the vote (this includes a better explanation by the sponsors of what the vote is about, and why it’s important – some sponsors just put a complex text out there and say “call for a vote”.).

So on this one, I know we and Mozilla feel very strongly that the “50% plus one of the browsers” rule should require at least one browser vote in favor of a ballot – that’s what we thought the rule always meant – so I’m not going to change Ballot 94.  However, I do want to provide for extension of a ballot if it’s going to fail because of lack of quorum, which would go a long way toward solving the problem you describe.  I intend to propose that and other quorum changes later if the current Bylaws pass.

Kirk

From: Rich Smith [mailto:richard.smith at comodo.com] 
Sent: Wednesday, November 14, 2012 9:37 AM
To: Kirk Hall (RD-US); ben at digicert.com; public at cabforum.org; 'CABFMAN'
Subject: RE: [cabfman] [cabfpub] Ballot [94] - Adoption of CA/Browser Forum Bylaws

Kirk,

I am against this insertion becoming the status quo as part of this ballot in which we can't give proper consideration to the possible repercussions.  The ballot you bring up in defense of your position, number 88, actually serves much better IMO to defend my position that your wording is problematic.

If you review the discussion you will see that the issue addressed by this ballot was fully discussed on the thread for 6 weeks prior to passage of this ballot.  In fact two ballots were raised because my first proposed ballot, number 86, was withdrawn by me due to several members reservations about the method of my proposed solution.  I solicited those members opinions and Jeremy, Eddy and I re-wrote the motion which became ballot 88 to address all the stated reservations and to take a slightly different, better approach.  All feedback by forum members was addressed constructively and to my mind it was one of the best examples of collaborative effort and compromise by the members of the Forum in recent memory.  It also was not an issue of any particular significance from the stand point of end user security, nor did it require anything new of the browsers in terms of code or treatment of certificates, so the fact that it didn't garner much interest from them is not particularly surprising.

I will admit that in regards to this particular ballot, I am biased, as it was initiated by me and I had a customer waiting in the wings for a solution, but if it had not passed due the browsers indifference, considering that I was pulled away shortly after the close of this ballot and didn't have a lot of time to devote to Forum issues until very recently, it would probably still be unpassed.  Not because anyone had any objections.  Purely from disinterest.  I do have a problem with that, and I think your proposed revision to the current voting rules may have that consequence on future ballots, so I'm against your proposal to leave that wording in this ballot without significant discussion of the issue.  I think my proposed wording is better in that it safeguards the interests of each member group without allowing either to impede progress simply because they don't particularly care about a particular ballot.  I'm not married to my proposal, and I'm certainly open to other solutions, but I really hope you will reconsider your refusal to remove this sentence.  I'm just asking that you allow voting changes to stand alone after this ballot so that we can give full consideration to the issues involved before changing the status quo.

Best regards,

Rich

From: management-bounces at cabforum.org [mailto:management-bounces at cabforum.org] On Behalf Of kirk_hall at trendmicro.com
Sent: Tuesday, November 13, 2012 3:13 PM
To: richard.smith at comodo.com; ben at digicert.com; public at cabforum.org; 'CABFMAN'
Subject: Re: [cabfman] [cabfpub] Ballot [94] - Adoption of CA/Browser Forum Bylaws

Rick – I have been one of the loudest objectors to a “rolling” ballot where the language is changed during the review / voting period, so I would only make a change if we restarted the review and voting period.  At this point, I don’t want to do that as everyone is tired of the process and wants to complete the governance change process, one way or another.

Even though the change was left in Ballot 94 inadvertently, I think it’s good policy.  Here is what our current voting rules say about browser participation in voting, https://www.cabforum.org/wiki/Voting%20rules: 

6. Members fall into two categories: CAs (comprising issuing CAs and root CAs, as defined in the membership criteria) and product suppliers (as defined in the membership criteria. In order for the motion to carry, two-thirds or more of the votes cast by the permanent members in the CA category must be in favor of the motion, and at least 50% plus one of the votes cast by the permanent members in the browser category must be in favor of the motion.

A couple of months ago a ballot was declared to have passed on a vote of 6-0, where not one browser had voted (only CAs).  I was surprised, and others were surprised (I think Mozilla, for one) to hear that the current rules were interpreted not to require ANY yes votes – or any votes at all --  from a browser for a ballot to pass – I had thought that the concept of “substantial consensus” for new requirements meant that both CAs and browsers would need to agree for any new requirement to be adopted.  

The interpretation we received back for the voting rule quoted above was “Well, it only says that at least 50% plus one OF THE VOTES CAST by the browsers have to be a yes vote, so if there are zero votes cast by browsers, then that means we don’t need any votes at all from the browser group for a ballot to pass.”  That was a surprise, and unsettling, as a quick read of the rule seems to say you need some browsers voting yes.

So with all that said, I’m not going to amend the ballot at this point, and in the future we will need at least one browser voting on each ballot in order for a ballot to succeed – we can’t pass future ballots with CA votes only.  I think that interpretation is more in line with what most of us thought the rule was already – and really, why wouldn’t we want at least one browser to have to support future ballots for them to succeed?

From: Rich Smith [mailto:richard.smith at comodo.com] 
Sent: Tuesday, November 13, 2012 11:55 AM
To: Kirk Hall (RD-US); ben at digicert.com; public at cabforum.org; 'CABFMAN'
Subject: RE: [cabfman] [cabfpub] Ballot [94] - Adoption of CA/Browser Forum Bylaws

Kirk,

I'm fine with taking this up on a future ballot, but would prefer then that this sentence be stricken from this ballot and we pass bylaws with no changes to voting procedures at all and just take up the whole discussion on a ballot of it's own.  As I said, I'm not dead set against your wording, but I do think it may present problems down the road that warrant some discussion, and I think we're in agreement that this ballot not be bogged down by that discussion.

Regards,

Rich

From: management-bounces at cabforum.org [mailto:management-bounces at cabforum.org] On Behalf Of kirk_hall at trendmicro.com
Sent: Friday, November 09, 2012 5:44 PM
To: richard.smith at comodo.com; ben at digicert.com; public at cabforum.org; 'CABFMAN'
Subject: Re: [cabfman] [cabfpub] Ballot [94] - Adoption of CA/Browser Forum Bylaws

Rich, that was something I put in an earlier draft (a new idea, to deal with some recent votes where Guidelines passed with only 6 members voting, none browsers).  I included it with several other new ideas I wanted to include.  Then I stripped out the other new ideas after being reminded that people could object “that wasn’t in the Trend Micro proposal when I voted for it.”  But I forgot to strip that one out.  I apologize.

I’m not sure anyone objected to that concept – that at least one browser must vote for a Ballot for it to pass.

Instead of altering Ballot 94 now that it’s out there, can I suggest (1) I leave the provision in as it is currently worded, and (2) I don’t accept your wording change now (no amendments), but I try to include it in a subsequent ballot proposing changes to membership categories, quorum, ballot, and voting rules?  I plan to propose some changes in these areas very soon if the Bylaws are approved.

From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Rich Smith
Sent: Friday, November 09, 2012 12:49 PM
To: ben at digicert.com; public at cabforum.org; 'CABFMAN'
Subject: Re: [cabfpub] Ballot [94] - Adoption of CA/Browser Forum Bylaws

2.2 (f)

" At least one CA Member and one browser Member must vote in favor of a ballot for the ballot to be adopted."

If I'm not mistaken this is an addition that is not in the current voting guidelines.  I'm not necessarily against it, but there could conceivably be a ballot that either the CA's as a group or the browsers as a group really don't care about and therefore don't vote on, and would then fail purely from disinterest of a member group.  With that in mind, how about this instead:

"Any ballot which contains binding requirements on any member group must have at least one vote in favor cast by a member of that group in order for that ballot to be adopted."

Regards,

Rich

From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Ben Wilson
Sent: Friday, November 09, 2012 2:42 PM
To: public at cabforum.org; CABFMAN
Subject: [cabfpub] Ballot [94] - Adoption of CA/Browser Forum Bylaws

Ballot 94 - Adoption of CA/Browser Forum Bylaws 

Kirk Hall made the following motion and it was endorsed by Wayne Thayer and Jeremy Rowley. 

--Motion Begins-- 

A. Be it resolved that the CA / Browser Forum adopts the following set of Bylaws. 

--Bylaws Begin-- 

Proposed CA-Browser Forum Bylaws_(v4) Trend Micro 8 Nov 2012.doc (on wiki)

Proposed CA-Browser Forum Bylaws_(v4) Trend Micro 8 Nov 2012.pdf (on wiki)

BYLAWS OF THE CA/BROWSER FORUM 

Adopted effective as of [Date]

1. CA/BROWSER FORUM - PURPOSE, STATUS, AND ANTITRUST LAWS 

1.1 Purpose of the Forum: 

The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of leading certification authorities (CAs) and vendors of Internet browser software and other applications. 

Members of the CA/Browser Forum have worked closely together in defining the guidelines and means of implementation for best practices as a way of providing a heightened security for Internet transactions and creating a more intuitive method of displaying secure sites to Internet users. 

1.2 Status of the Forum and Forum Activities 

The Forum has no corporate or association status, but is simply a group of CAs and browsers which communicates or meets from time to time to discuss matters of common interest relevant to the Forum's purpose. The Forum has no regulatory or industry powers over its members or others. Other than those rights and responsibilities found in the Forum's Intellectual Property Rights Policy (IPR), Forum "membership" or other participation status does not convey any legal status or rights, but is intended simply as a guide to the levels of participation in Forum activities. 

1.3 Intellectual Property Rights Policy; Antitrust Laws and Regulations; Goal; Conduct 

Forum Members and Interested Parties must comply with the then-current IPR policy and all applicable antitrust laws and regulations during their Forum activities. 

The historic goal of Forum activities (including development of proposed requirements and guidelines and voting on all matters) has been to seek substantial consensus among Forum Members before proceeding or adopting final work product, and this goal will remain for the future. Members shall not use their participation in the Forum either to promote their own products and offerings or to restrict or impede the products and offerings of other Members. 

The Chair will read an antitrust compliance statement at the start of all Forum Meetings (and on other occasions, as the Chair deems necessary) in substantially the following form: 

"As you know, this meeting includes companies that compete against one another. This meeting is intended to discuss technical standards related to the provision of existing and new types of digital certificates without restricting competition in developing and marketing such certificates. This meeting is not intended to share competitively-sensitive information among competitors, and therefore all participants agree not to discuss or exchange information related to: 

(a) Pricing policies, pricing formulas, prices or other terms of sale; 

(b) Costs, cost structures, profit margins, 

(c) Pending or planned service offerings, 

(d) Customers, business, or marketing plans; or 

(e) The allocation of customers, territories, or products in any way." 

2. FORUM MEMBERSHIP AND VOTING 

2.1 Qualifying for Forum Membership 

(a) CA/Browser Forum members shall meet at least one of the following criteria. 

(1) Issuing CA: The member organization operates a certification authority that has a current and successful WebTrust for CAs audit, or ETSI 102042 or ETSI 101456 audit report prepared by a properly-qualified auditor, and that actively issues certificates to Web servers that are openly accessible from the Internet using any one of the mainstream browsers. 

(2) Root CA: The member organization operates a certification authority that has a current and successful WebTrust for CAs, or ETSI 102042 or ETSI 101456 audit report prepared by a properly-qualified auditor, and that actively issues certificates to subordinate CAs that, in turn, actively issue certificates to Web servers that are openly accessible from the Internet using any one of the mainstream browsers. 

(3) Browser: The member organization produces a software product intended for use by the general public for browsing the Web securely. 

(b) Applicants should supply the following information: 

(1) Confirmation that the applicant satisfies at least one of the membership criteria (and if it satisfies more than one, indication of the single category under which the applicant wishes to apply). 

(2) URL of the current qualifying performance audit report. 

(3) The organization name, as you wish it to appear on the Forum Web site and in official Forum documents. 

(4) URL of the applicant's main Web site. 

(5) Names and email addresses of employees who will participate in the Forum mail list. 

(6) Emergency contact information for security issues related to certificate trust. 

(c) An Applicant shall become a Member once the Forum has determined by vote that the Applicant meets all of the requirements of subsection (a). A vote of Members shall be held as soon as the Applicant indicates that it has presented all information required under subsection (b) and has responded to all follow-up questions from the Forum and the Member has complied with the requirements of Section 5.5. 

2.2 Ballots Among Forum Members 

Ballots will be conducted in accordance with the following rules. 

(a) Only votes by Members shall be accepted. 

(b) Only one vote per Member company shall be accepted; representatives of corporate affiliates shall not vote. 

(c) A representative of any Member can call for a proposed ballot to be published for review and comment by the membership. Any proposed ballot needs two endorsements by other Members in order to proceed. The review period then shall take place for at least seven calendar-days before votes are cast. 

(d) The CA/Browser Forum shall provide seven calendar-days for voting, with the deadline clearly communicated via the members' electronic mailing list. All voting will take place online via the members' electronic mailing list. 

(e) Only votes that indicate a clear 'yes' or 'no' response to the ballot question shall be considered (i.e. votes to abstain and votes that do not indicate a clear 'yes' or 'no' response will not figure in the calculation of item 6, below). 

(f) Members fall into two categories: CAs (comprising issuing CAs and root CAs, as defined in the membership criteria) and product suppliers (as defined in the membership criteria). In order for the motion to be adopted by the Forum, two-thirds or more of the votes cast by the Members in the CA category must be in favor of the motion, and at least 50% plus one of the votes cast by the members in the browser category must be in favor of the motion At least one CA Member and one browser Member must vote in favor of a ballot for the ballot to be adopted. 

(g) A ballot result will be considered valid only when more than half of the number of currently active members has participated. The number of currently active members is the average number of member organizations that have participated in the previous three meetings (both teleconferences and face-to-face meetings). 

(h) The CA/Browser Forum will tabulate and announce the results within one calendar-day of the close of the voting period. 

3. OTHER FORUM PARTICIPATION 

3.1 Interested Parties 

Any person or entity that wishes to participate in the Forum as an Interested Party may do so by completing an enrollment form and Participation Agreement (completed and submitted manually or online) including name, affiliation (optional), and contact information, and by agreeing to the IPR Agreement attached as Exhibit B (indicating agreement by manual signing or a click-through agreement). 

Interested Parties may participate in Forum activities in the following ways: 

(a) By becoming involved in Working Groups, 

(b) By posting to the Public Mail List, and 

(c) By participating in those portions of Forum Teleconferences and Forum Meetings to which they are invited by the Forum Chair relating to their areas of special expertise or the subject of their Working Group participation. 

Interested Parties are required to comply with the provisions of the Participation Agreement and these Bylaws. Interested Parties may lose their status as Interested Parties by vote of the Members, in the Members' sole discretion. 

3.2 Other Parties 

The public may follow the Forum's activities by reading all postings on the Public Mail List and the Public Web Site. Questions or comments to the Forum may be sent to Questions Mail List. 

4. OFFICERS AND FINANCES 

4.1 Officers 

The Forum will elect a Chair and Vice Chair, each to serve for a two-year term. The Vice Chair has the authority of the Chair in the event of any absence or unavailability of the Chair, and in such circumstances, any duty delegated to the Chair herein may be performed by the Vice Chair. For example, the Vice Chair will preside at Forum Meetings and Forum Teleconferences in the Chair's absence. The offices of Chair and Vice Chair may only be filled by Forum Member representatives. 

No person may serve as Chair for more than a two-year period or be elected to Vice Chair upon expiration or termination of the person's service as Chair, but a person is eligible to be elected as Chair again after having vacated the position as Chair for at least two years. 

Upon expiration or early termination of the current Chair's term, the Vice Chair will automatically be nominated to become the next Chair, but Members may nominate themselves or others to be additional candidates as Chair. Upon close of nominations a ballot will be held in the regular manner to elect the new Chair. If the election of a new Chair means the office of Vice Chair becomes vacant, the Members may nominate themselves or other candidates to the office of Vice Chair, and a ballot will be held in the regular manner to elect the new Vice Chair. 

The Chair and Vice Chair shall exercise their functions in a fair and neutral manner, allowing all Members equal treatment for their comments and proposals, and shall not favor one side over another in any matter (except that the Chair and Vice Chair may indicate their own position during discussion and voting on the matter). The Chair and Vice Chair shall have no personal liability for any activities of the Forum or its Members or Interested Parties. 

The Chair or the Vice Chair may sign correspondence, applications, forms, Letters of Intent, and Memoranda of Understanding relating to projects with standards bodies, industry groups, and other third parties, but shall have no personal liability therefor.

4.2 Finances 

Because the Forum has no corporate status, it will not maintain funds or banking accounts. The costs of operating Forum websites or mailing lists will be covered by voluntary contribution from Forum Members (who may seek voluntary contributions from other Members to help defray such costs). Forum Members may propose other group activities which they propose to sponsor (e.g., research projects, etc.) which require funding and may seek voluntary contributions from other Members for such activities. 

Forum Meetings may be held from time to time upon the voluntary sponsorship of one or more Forum members. The sponsor of a Forum Meeting may suggest a fixed cost per meeting participant as reimbursement to the sponsor to cover (a) the cost of meeting rooms and refreshments, and (b) the cost of any meeting dinner or other group activity. Sponsors will be encouraged to announce any suggested per-participant fixed cost reimbursement amount in advance of the Forum Meeting for participant planning purposes, and will provide a statement or invoice to each participant upon request after the Forum Meeting for submission to the participant's accounting department. All per-participant reimbursements shall be paid directly to the sponsor. 

Interested Parties will not be required to pay anything for their participation in Forum activities, but must cover their own expenses for participation in any Working Group meetings. 

5. FORUM ACTIVITIES 

5.1 Member Mail List and Member Web Site 

The Forum shall maintain a Member Mail List and Member Web Site that are not accessible by the public. The following matters may be posted to the Member Mail List and Member Web Site: 

(a) Draft minutes of Forum meetings (both virtual and in-person, and including any sub-groups or committees) will be posted to the Member Mail List to allow Members to make sure they are being correctly reported. 

Minutes will be considered Final when approved at a subsequent Forum Meeting or Forum Teleconference, or after 2 weeks have elapsed since publication of the draft if no Forum Meeting or Forum Teleconference is imminent. Final minutes will then be posted to the Public Mail List and Public Web Site. The Chair will, upon request, make redactions of any part of the public copy of the minutes identified as private or sensitive by either the information discloser or a member mentioned or affiliated with the subject of the information. 

(b) Messages formally announcing ballots or ballot outcomes, including vote and quorum counts, will be posted to the Public Mail List. However, ballots and the listing of final votes by each Member will only be posted to the Member Mail List and Member Web Site. 

(c) Nominations for officer positions, Forum Meeting and Forum Teleconference scheduling issues, and discussion of Forum financial issues. 

(d) Security incidents if, in the opinion of the Members, discussion on the Public Mail List could reasonably be detrimental to the implementation of security measures by Members. 

(e) Proposed responses to questions sent to the Questions Mail List. 

(f) Matters which, in the opinion of the Members, require confidentiality. 

Members have discretion about which mailing list they use, but are strongly encouraged to use the Public Mail List for matters other than those listed above. 

Members are strongly discouraged from posting the text of Member Mail List messages to the Public Mail List without the permission of the author or commenter. 

5.2 Public Mail List and Public Web Site 

The Chair shall appoint a List Manager who shall maintain a Public Mail List. Forum Members and Interested Parties may post to the Public Mail List in compliance with these Bylaws. Anyone else is allowed to subscribe to and receive messages posted to the Public Mail List, which may be crawled and indexed by Internet search engines. 

The Chair shall appoint a Webmaster. The Webmaster shall post instructions on the Public Web Site for subscribing to the Public Mail List. 

The following materials shall be posted to the Public Mail List or Public Web Site: 

(a) Draft and final agendas for Working Group meetings, Forum Meetings and Forum Teleconferences (including any sub-groups or committees). 

(b) Final minutes of Forum Meetings and Forum Teleconferences (including minutes of any sub-groups or committees), and minutes of all Working Group teleconferences and meetings. 

(c) Messages formally proposing a Forum ballot (including ballots to establish, modify, or terminate Working Groups) and announcing ballot outcomes, including vote and quorum counts but not identifying individual votes by name of Member. 

(d) Initial and final drafts of Forum requirements, guidelines, and recommendations after the drafter has had an opportunity to receive and respond to initial Member comments. 

(e) Initial and final drafts of Working Group requirements, guidelines, and recommendations after the drafter has had an opportunity to receive and respond to initial Working Group member comments. 

5.3 Working Groups 

Members may propose by ballot the appointment of Working Groups open to participation by Members and Interested Parties. The ballot shall outline the scope of the Working Group's activities, including deliverables, any limitations, and Working Group expiration date. Upon approval of the Working Group, the Chair will call for a show of interest in participation by Members, and shall appoint a Working Group Chair from among the interested Members. 

Upon creation of a Working Group, the Forum will post an invitation to all Interested Parties to participate, and will solicit others with expertise and interest in the Working Group subject matter to become Interested Parties and participate in the Working Group. With the approval of the Chair, Working Groups may establish separate list-servs, wikis, and web pages for their communications, but all such separate list-servs must be managed in the same fashion as the Public Mail List. Working Groups may meet by teleconference or face-to-face meetings upon approval by the Chair and the Working Group Chair, but the Forum shall not be responsible for the expenses of any such teleconferences or meetings. 

Working Groups may draft recommendations to be forwarded to the Forum for its consideration, but no recommendations will be considered the product of the Working Group unless approved by two-thirds of all Working Group members who vote on the recommendations. All substantial initial and final drafts of the Working Group product will be posted on the Public Mail List. 

The Forum shall review the final recommendations from a Working Groups and may approve and implement some or all of the recommendations as appropriate in the Forum's judgment following the Forum's regular voting rules. The Forum shall retain the right to amend a Working Group recommendation before approval, but in most cases should first return the proposed amended recommendation to the Working Group for its review and response before voting. 

The Forum shall not be required to submit any matter to a Working Group, but may itself draft requirements and guidelines without a Working Group in its discretion. 

5.4 Forum Teleconferences and Forum Meetings 

>From time to time the Forum will hold Forum Teleconferences and Forum Meetings among the Members, who may participate in person or (where feasible) by teleconference. Interested Parties and others may be invited by the Chair, in the Chair's discretion, to participate in those portions of Forum Teleconferences and Forum Meetings that are relevant to their expertise or their participation in Working Groups. 

5.5 IPR policies 

As a requirement for membership, Members must execute and return to the Chair the IPR Agreement attached as Exhibit A. 

As a requirement for participation as an Interested Party, Interested Parties must execute and return to the Chair (or indicate their agreement by clicking through an online agreement) the IPR Agreement attached as Exhibit B. 

5.6 Project Lifecycle 

In general, Forum projects will follow the model Project Lifecycle attached as Exhibit C. However, the Members may modify this model as appropriate by their subsequent actions. 

6. MISCELLANEOUS 

6.1 Posting and Amendment of the Bylaws 

The current Bylaws shall be posted to the Public Web Site. These Bylaws may be amended by subsequent ballot of the Members. 

6.2 Procedure for Dealing with Questions and Comments 

The Forum procedure for dealing with questions and comments sent to the Questions Mail List shall be as follows. The Chair shall appoint a Questions List Coordinator. The responsibilities of the Questions List Coordinator are: 

(a) If practical, within 24 hours send an acknowledgment to the questioner indicating that the question or comment has been received and that a response will provided as soon as is practical. 

(b) Coordinate discussion using the Member Mail List until consensus has been achieved. 

(c) Post the proposed response to the Member Mail List indicating that Members have 24 hours to object. 

(d) If no objections are received before the deadline expires, then send the response to the questioner. 

(e) If consensus cannot be achieved, or one or more objections are received, then the matter should be dealt with in the next Forum Meeting or Forum Teleconference. 

DEFINITIONS 

Forum Meetings: Face-to-face meetings of Members as scheduled from time to time. 

Forum Teleconferences: Teleconference meetings of Members as scheduled from time to time. 

Member: A Member of the Forum or a representative of the Member (depending on context). 

Member Mail List: The email list-serv maintained by the Forum for communications by and among Forum Members. The Member Mail List is not available to Interested Parties or Other Parties. 

Member Web Site: The password-protected web site available only to Members (currently called the CA/Browser Forum Wiki). 

Participation Agreement: An agreement that individuals or entities must agree to in order to participate in the Forum as Interested Parties. The current form of Participation Agreement is attached as Exhibit D. 

Public Mail List: The public email list-serv currently located at public at cabforum.org maintained by the Forum for communications by and among Members and Interested Parties. The Public Mail List may be read by Other Parties, but Other Parties may not post to the Public Mail List. 

Public Web Site: The web site available only to Members, Interested Parties, and Other Parties (currently located at cabforum.org <http://www.cabforum.org/> ). A Forum Member will be appointed as Webmaster and will control all postings to the Public Web Site. 

Questions Mail List: The email list-serv currently located at questions at cabforum.org maintained by the Forum for communications from the public to the Forum. 

Exhibit A [Insert Member IPR Agreement here] 

Exhibit B [Insert Interested Party IPR Agreement here] 

Exhibit C - Project Lifecycle 

Exhibit D - Interested Parties Participation Agreement [Insert Agreement here] 

--Bylaws End-- 

B. Be it further resolved that these Bylaws do not modify the status of, or requirements applicable to, current observers such as ETSI, WebTrust, PayPal, tScheme, or the Federal PKI Management Authority, and they may continue to participate in meetings and on lists on the same basis as they did previously. 

--Motion ends-- 

The ballot review period comes into effect immediately upon posting today (Friday, 9 Nov 2012) and will close at 2000 UTC on Friday, 16 Nov 2012. Unless the ballot is withdrawn or modified during the review period, the voting period will start immediately thereafter and will close at 2000 UTC on Friday, 23 Nov 2012. If the ballot is modified for reasons other than to correct minor typographical errors, then the ballot will be deemed to have been withdrawn. 

Votes must be cast by posting an on-list reply to this thread. 

A vote in favor of the ballot must indicate a clear 'yes' in the response. 

A vote against the ballot must indicate a clear 'no' in the response. A vote to abstain must indicate a clear 'abstain' in the response. Unclear responses will not be counted. The latest vote received from any representative of a voting member before the close of the voting period will be counted. 

Voting members are listed here: http://www.cabforum.org/forum.html 

In order for the motion to be adopted, two thirds or more of the votes cast by members in the CA category and one half or more of the votes cast by members in the browser category must be in favor. Also, at least six members must participate in the ballot, either by voting in favor, voting against or abstaining. 

TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential 
and may be subject to copyright or other intellectual property protection. 
If you are not the intended recipient, you are not authorized to use or 
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20121115/0c20a83e/attachment-0004.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6391 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20121115/0c20a83e/attachment-0004.bin>