[cabfpub] Ballot  - Adoption of CA/Browser Forum Bylaws
Moudrick M. Dadashov
md at ssc.lt
Tue Nov 20 09:30:53 UTC 2012
SSC votes: "YES".
On 11/9/2012 9:42 PM, Ben Wilson wrote:
> *Ballot 94 - Adoption of CA/Browser Forum Bylaws*
> Kirk Hall made the following motion and it was endorsed by Wayne
> Thayer and Jeremy Rowley.
> --Motion Begins--
> A. Be it resolved that the CA / Browser Forum adopts the following set
> of Bylaws.
> --Bylaws Begin--
> Proposed CA-Browser Forum Bylaws_(v4) Trend Micro 8 Nov 2012.doc (on wiki)
> Proposed CA-Browser Forum Bylaws_(v4) Trend Micro 8 Nov 2012.pdf (on wiki)
> *BYLAWS OF THE CA/BROWSER FORUM* *
> *Adopted effective as of [Date]
> *1. CA/BROWSER FORUM - PURPOSE, STATUS, AND ANTITRUST LAWS *
> *1.1 Purpose of the Forum:*
> The Certification Authority Browser Forum (CA/Browser Forum) is a
> voluntary gathering of leading certification authorities (CAs) and
> vendors of Internet browser software and other applications.
> Members of the CA/Browser Forum have worked closely together in
> defining the guidelines and means of implementation for best practices
> as a way of providing a heightened security for Internet transactions
> and creating a more intuitive method of displaying secure sites to
> Internet users.**
> *1.2 Status of the Forum and Forum Activities *
> The Forum has no corporate or association status, but is simply a
> group of CAs and browsers which communicates or meets from time to
> time to discuss matters of common interest relevant to the Forum's
> purpose. The Forum has no regulatory or industry powers over its
> members or others. Other than those rights and responsibilities found
> in the Forum's Intellectual Property Rights Policy (IPR), Forum
> "membership" or other participation status does not convey any legal
> status or rights, but is intended simply as a guide to the levels of
> participation in Forum activities.
> *1.3 Intellectual Property Rights Policy; Antitrust Laws and
> Regulations; Goal; Conduct *
> Forum Members and Interested Parties must comply with the then-current
> IPR policy and all applicable antitrust laws and regulations during
> their Forum activities.
> The historic goal of Forum activities (including development of
> proposed requirements and guidelines and voting on all matters) has
> been to seek substantial consensus among Forum Members before
> proceeding or adopting final work product, and this goal will remain
> for the future. Members shall not use their participation in the Forum
> either to promote their own products and offerings or to restrict or
> impede the products and offerings of other Members.
> The Chair will read an antitrust compliance statement at the start of
> all Forum Meetings (and on other occasions, as the Chair deems
> necessary) in substantially the following form:
> "As you know, this meeting includes companies that compete against one
> another. This meeting is intended to discuss technical standards
> related to the provision of existing and new types of digital
> certificates without restricting competition in developing and
> marketing such certificates. This meeting is not intended to share
> competitively-sensitive information among competitors, and therefore
> all participants agree not to discuss or exchange information related to:
> (a) Pricing policies, pricing formulas, prices or other terms of sale;
> (b) Costs, cost structures, profit margins,
> (c) Pending or planned service offerings,
> (d) Customers, business, or marketing plans; or
> (e) The allocation of customers, territories, or products in any way."
> *2. FORUM MEMBERSHIP AND VOTING *
> *2.1 Qualifying for Forum Membership*
> (a) CA/Browser Forum members shall meet at least one of the following
> (1) Issuing CA: The member organization operates a certification
> authority that has a current and successful WebTrust for CAs audit, or
> ETSI 102042 or ETSI 101456 audit report prepared by a
> properly-qualified auditor, and that actively issues certificates to
> Web servers that are openly accessible from the Internet using any one
> of the mainstream browsers.
> (2) Root CA: The member organization operates a certification
> authority that has a current and successful WebTrust for CAs, or ETSI
> 102042 or ETSI 101456 audit report prepared by a properly-qualified
> auditor, and that actively issues certificates to subordinate CAs
> that, in turn, actively issue certificates to Web servers that are
> openly accessible from the Internet using any one of the mainstream
> (3) Browser: The member organization produces a software product
> intended for use by the general public for browsing the Web securely.
> (b) Applicants should supply the following information:
> (1) Confirmation that the applicant satisfies at least one of the
> membership criteria (and if it satisfies more than one, indication of
> the single category under which the applicant wishes to apply).
> (2) URL of the current qualifying performance audit report.
> (3) The organization name, as you wish it to appear on the Forum Web
> site and in official Forum documents.
> (4) URL of the applicant's main Web site.
> (5) Names and email addresses of employees who will participate in the
> Forum mail list.
> (6) Emergency contact information for security issues related to
> certificate trust.
> (c) An Applicant shall become a Member once the Forum has determined
> by vote that the Applicant meets all of the requirements of subsection
> (a). A vote of Members shall be held as soon as the Applicant
> indicates that it has presented all information required under
> subsection (b) and has responded to all follow-up questions from the
> Forum and the Member has complied with the requirements of Section 5.5.
> *2.2 Ballots Among Forum Members *
> Ballots will be conducted in accordance with the following rules.
> (a) Only votes by Members shall be accepted.
> (b) Only one vote per Member company shall be accepted;
> representatives of corporate affiliates shall not vote.
> (c) A representative of any Member can call for a proposed ballot to
> be published for review and comment by the membership. Any proposed
> ballot needs two endorsements by other Members in order to proceed.
> The review period then shall take place for at least seven
> calendar-days before votes are cast.
> (d) The CA/Browser Forum shall provide seven calendar-days for voting,
> with the deadline clearly communicated via the members' electronic
> mailing list. All voting will take place online via the members'
> electronic mailing list.
> (e) Only votes that indicate a clear 'yes' or 'no' response to the
> ballot question shall be considered (i.e. votes to abstain and votes
> that do not indicate a clear 'yes' or 'no' response will not figure in
> the calculation of item 6, below).
> (f) Members fall into two categories: CAs (comprising issuing CAs and
> root CAs, as defined in the membership criteria) and product suppliers
> (as defined in the membership criteria). In order for the motion to be
> adopted by the Forum, two-thirds or more of the votes cast by the
> Members in the CA category must be in favor of the motion, and at
> least 50% plus one of the votes cast by the members in the browser
> category must be in favor of the motion At least one CA Member and one
> browser Member must vote in favor of a ballot for the ballot to be
> (g) A ballot result will be considered valid only when more than half
> of the number of currently active members has participated. The number
> of currently active members is the average number of member
> organizations that have participated in the previous three meetings
> (both teleconferences and face-to-face meetings).
> (h) The CA/Browser Forum will tabulate and announce the results within
> one calendar-day of the close of the voting period.
> *3. OTHER FORUM PARTICIPATION*
> *3.1 Interested Parties *
> Any person or entity that wishes to participate in the Forum as an
> Interested Party may do so by completing an enrollment form and
> Participation Agreement (completed and submitted manually or online)
> including name, affiliation (optional), and contact information, and
> by agreeing to the IPR Agreement attached as Exhibit B (indicating
> agreement by manual signing or a click-through agreement).
> Interested Parties may participate in Forum activities in the
> following ways:
> (a) By becoming involved in Working Groups,
> (b) By posting to the Public Mail List, and
> (c) By participating in those portions of Forum Teleconferences and
> Forum Meetings to which they are invited by the Forum Chair relating
> to their areas of special expertise or the subject of their Working
> Group participation.
> Interested Parties are required to comply with the provisions of the
> Participation Agreement and these Bylaws. Interested Parties may lose
> their status as Interested Parties by vote of the Members, in the
> Members' sole discretion.
> *3.2 Other Parties *
> The public may follow the Forum's activities by reading all postings
> on the Public Mail List and the Public Web Site. Questions or comments
> to the Forum may be sent to Questions Mail List.
> *4. OFFICERS AND FINANCES *
> *4.1 Officers *
> The Forum will elect a Chair and Vice Chair, each to serve for a
> two-year term. The Vice Chair has the authority of the Chair in the
> event of any absence or unavailability of the Chair, and in such
> circumstances, any duty delegated to the Chair herein may be performed
> by the Vice Chair. For example, the Vice Chair will preside at Forum
> Meetings and Forum Teleconferences in the Chair's absence. The offices
> of Chair and Vice Chair may only be filled by Forum Member
> No person may serve as Chair for more than a two-year period or be
> elected to Vice Chair upon expiration or termination of the person's
> service as Chair, but a person is eligible to be elected as Chair
> again after having vacated the position as Chair for at least two years.
> Upon expiration or early termination of the current Chair's term, the
> Vice Chair will automatically be nominated to become the next Chair,
> but Members may nominate themselves or others to be additional
> candidates as Chair. Upon close of nominations a ballot will be held
> in the regular manner to elect the new Chair. If the election of a new
> Chair means the office of Vice Chair becomes vacant, the Members may
> nominate themselves or other candidates to the office of Vice Chair,
> and a ballot will be held in the regular manner to elect the new Vice
> The Chair and Vice Chair shall exercise their functions in a fair and
> neutral manner, allowing all Members equal treatment for their
> comments and proposals, and shall not favor one side over another in
> any matter (except that the Chair and Vice Chair may indicate their
> own position during discussion and voting on the matter). The Chair
> and Vice Chair shall have no personal liability for any activities of
> the Forum or its Members or Interested Parties.
> The Chair or the Vice Chair may sign correspondence, applications,
> forms, Letters of Intent, and Memoranda of Understanding relating to
> projects with standards bodies, industry groups, and other third
> parties, but shall have no personal liability therefor.
> *4.2 Finances *
> Because the Forum has no corporate status, it will not maintain funds
> or banking accounts. The costs of operating Forum websites or mailing
> lists will be covered by voluntary contribution from Forum Members
> (who may seek voluntary contributions from other Members to help
> defray such costs). Forum Members may propose other group activities
> which they propose to sponsor (e.g., research projects, etc.) which
> require funding and may seek voluntary contributions from other
> Members for such activities.
> Forum Meetings may be held from time to time upon the voluntary
> sponsorship of one or more Forum members. The sponsor of a Forum
> Meeting may suggest a fixed cost per meeting participant as
> reimbursement to the sponsor to cover (a) the cost of meeting rooms
> and refreshments, and (b) the cost of any meeting dinner or other
> group activity. Sponsors will be encouraged to announce any suggested
> per-participant fixed cost reimbursement amount in advance of the
> Forum Meeting for participant planning purposes, and will provide a
> statement or invoice to each participant upon request after the Forum
> Meeting for submission to the participant's accounting department. All
> per-participant reimbursements shall be paid directly to the sponsor.
> Interested Parties will not be required to pay anything for their
> participation in Forum activities, but must cover their own expenses
> for participation in any Working Group meetings.
> *5. FORUM ACTIVITIES*
> *5.1 Member Mail List and Member Web Site*
> The Forum shall maintain a Member Mail List and Member Web Site that
> are not accessible by the public. The following matters may be posted
> to the Member Mail List and Member Web Site:
> (a) Draft minutes of Forum meetings (both virtual and in-person, and
> including any sub-groups or committees) will be posted to the Member
> Mail List to allow Members to make sure they are being correctly
> Minutes will be considered Final when approved at a subsequent Forum
> Meeting or Forum Teleconference, or after 2 weeks have elapsed since
> publication of the draft if no Forum Meeting or Forum Teleconference
> is imminent. Final minutes will then be posted to the Public Mail List
> and Public Web Site. The Chair will, upon request, make redactions of
> any part of the public copy of the minutes identified as private or
> sensitive by either the information discloser or a member mentioned or
> affiliated with the subject of the information.
> (b) Messages formally announcing ballots or ballot outcomes, including
> vote and quorum counts, will be posted to the Public Mail List.
> However, ballots and the listing of final votes by each Member will
> only be posted to the Member Mail List and Member Web Site.
> (c) Nominations for officer positions, Forum Meeting and Forum
> Teleconference scheduling issues, and discussion of Forum financial
> (d) Security incidents if, in the opinion of the Members, discussion
> on the Public Mail List could reasonably be detrimental to the
> implementation of security measures by Members.
> (e) Proposed responses to questions sent to the Questions Mail List.
> (f) Matters which, in the opinion of the Members, require
> Members have discretion about which mailing list they use, but are
> strongly encouraged to use the Public Mail List for matters other than
> those listed above.
> Members are strongly discouraged from posting the text of Member Mail
> List messages to the Public Mail List without the permission of the
> author or commenter.
> *5.2 Public Mail List and Public Web Site*//
> The Chair shall appoint a List Manager who shall maintain a Public
> Mail List. Forum Members and Interested Parties may post to the Public
> Mail List in compliance with these Bylaws. Anyone else is allowed to
> subscribe to and receive messages posted to the Public Mail List,
> which may be crawled and indexed by Internet search engines.
> The Chair shall appoint a Webmaster. The Webmaster shall post
> instructions on the Public Web Site for subscribing to the Public Mail
> The following materials shall be posted to the Public Mail List or
> Public Web Site:
> (a) Draft and final agendas for Working Group meetings, Forum Meetings
> and Forum Teleconferences (including any sub-groups or committees).
> (b) Final minutes of Forum Meetings and Forum Teleconferences
> (including minutes of any sub-groups or committees), and minutes of
> all Working Group teleconferences and meetings.
> (c) Messages formally proposing a Forum ballot (including ballots to
> establish, modify, or terminate Working Groups) and announcing ballot
> outcomes, including vote and quorum counts but not identifying
> individual votes by name of Member.
> (d) Initial and final drafts of Forum requirements, guidelines, and
> recommendations after the drafter has had an opportunity to receive
> and respond to initial Member comments.
> (e) Initial and final drafts of Working Group requirements,
> guidelines, and recommendations after the drafter has had an
> opportunity to receive and respond to initial Working Group member
> *5.3 Working Groups *
> Members may propose by ballot the appointment of Working Groups open
> to participation by Members and Interested Parties. The ballot shall
> outline the scope of the Working Group's activities, including
> deliverables, any limitations, and Working Group expiration date. Upon
> approval of the Working Group, the Chair will call for a show of
> interest in participation by Members, and shall appoint a Working
> Group Chair from among the interested Members.
> Upon creation of a Working Group, the Forum will post an invitation to
> all Interested Parties to participate, and will solicit others with
> expertise and interest in the Working Group subject matter to become
> Interested Parties and participate in the Working Group. With the
> approval of the Chair, Working Groups may establish separate
> list-servs, wikis, and web pages for their communications, but all
> such separate list-servs must be managed in the same fashion as the
> Public Mail List. Working Groups may meet by teleconference or
> face-to-face meetings upon approval by the Chair and the Working Group
> Chair, but the Forum shall not be responsible for the expenses of any
> such teleconferences or meetings.
> Working Groups may draft recommendations to be forwarded to the Forum
> for its consideration, but no recommendations will be considered the
> product of the Working Group unless approved by two-thirds of all
> Working Group members who vote on the recommendations. All substantial
> initial and final drafts of the Working Group product will be posted
> on the Public Mail List.
> The Forum shall review the final recommendations from a Working Groups
> and may approve and implement some or all of the recommendations as
> appropriate in the Forum's judgment following the Forum's regular
> voting rules. The Forum shall retain the right to amend a Working
> Group recommendation before approval, but in most cases should first
> return the proposed amended recommendation to the Working Group for
> its review and response before voting.
> The Forum shall not be required to submit any matter to a Working
> Group, but may itself draft requirements and guidelines without a
> Working Group in its discretion.
> *5.4 Forum Teleconferences and Forum Meetings *
> From time to time the Forum will hold Forum Teleconferences and Forum
> Meetings among the Members, who may participate in person or (where
> feasible) by teleconference. Interested Parties and others may be
> invited by the Chair, in the Chair's discretion, to participate in
> those portions of Forum Teleconferences and Forum Meetings that are
> relevant to their expertise or their participation in Working Groups.
> *5.5 IPR policies *
> As a requirement for membership, Members must execute and return to
> the Chair the IPR Agreement attached as Exhibit A.
> As a requirement for participation as an Interested Party, Interested
> Parties must execute and return to the Chair (or indicate their
> agreement by clicking through an online agreement) the IPR Agreement
> attached as Exhibit B.
> *5.6 Project Lifecycle*
> In general, Forum projects will follow the model Project Lifecycle
> attached as Exhibit C. However, the Members may modify this model as
> appropriate by their subsequent actions.
> *6. MISCELLANEOUS *
> *6.1 Posting and Amendment of the Bylaws *
> The current Bylaws shall be posted to the Public Web Site. These
> Bylaws may be amended by subsequent ballot of the Members.
> *6.2 Procedure for Dealing with Questions and Comments *
> The Forum procedure for dealing with questions and comments sent to
> the Questions Mail List shall be as follows. The Chair shall appoint a
> Questions List Coordinator. The responsibilities of the Questions List
> Coordinator are:
> (a) If practical, within 24 hours send an acknowledgment to the
> questioner indicating that the question or comment has been received
> and that a response will provided as soon as is practical.
> (b) Coordinate discussion using the Member Mail List until consensus
> has been achieved.
> (c) Post the proposed response to the Member Mail List indicating that
> Members have 24 hours to object.
> (d) If no objections are received before the deadline expires, then
> send the response to the questioner.
> (e) If consensus cannot be achieved, or one or more objections are
> received, then the matter should be dealt with in the next Forum
> Meeting or Forum Teleconference.
> *DEFINITIONS *
> *Forum Meetings: *Face-to-face meetings of Members as scheduled from
> time to time.
> *Forum Teleconferences:* Teleconference meetings of Members as
> scheduled from time to time.
> *Member: *A Member of the Forum or a representative of the Member
> (depending on context).
> *Member Mail List*: The email list-serv maintained by the Forum for
> communications by and among Forum Members. The Member Mail List is not
> available to Interested Parties or Other Parties.
> *Member Web Site:* The password-protected web site available only to
> Members (currently called the CA/Browser Forum Wiki).
> *Participation Agreement: *An agreement that individuals or entities
> must agree to in order to participate in the Forum as Interested
> Parties. The current form of Participation Agreement is attached as
> Exhibit D.
> *Public Mail List: *The public email list-serv currently located at
> public at cabforum.org <mailto:public at cabforum.org> maintained by the
> Forum for communications by and among Members and Interested Parties.
> The Public Mail List may be read by Other Parties, but Other Parties
> may not post to the Public Mail List.
> *Public Web Site:* The web site available only to Members, Interested
> Parties, and Other Parties (currently located at cabforum.org
> <http://www.cabforum.org/>). A Forum Member will be appointed as
> Webmaster and will control all postings to the Public Web Site.
> *Questions Mail List*: The email list-serv currently located at
> questions at cabforum.org <mailto:questions at cabforum.org> maintained by
> the Forum for communications from the public to the Forum.
> *Exhibit A *[Insert Member IPR Agreement here]
> *Exhibit B *[Insert Interested Party IPR Agreement here]
> *Exhibit C - Project Lifecycle *
> *Exhibit D - Interested Parties Participation Agreement *[Insert
> Agreement here]**
> --Bylaws End--
> B. Be it further resolved that these Bylaws do not modify the status
> of, or requirements applicable to, current observers such as ETSI,
> WebTrust, PayPal, tScheme, or the Federal PKI Management Authority,
> and they may continue to participate in meetings and on lists on the
> same basis as they did previously.
> --Motion ends--
> The ballot review period comes into effect immediately upon posting
> today (Friday, 9 Nov 2012) and will close at 2000 UTC on Friday, 16
> Nov 2012. Unless the ballot is withdrawn or modified during the review
> period, the voting period will start immediately thereafter and will
> close at 2000 UTC on Friday, 23 Nov 2012. If the ballot is modified
> for reasons other than to correct minor typographical errors, then the
> ballot will be deemed to have been withdrawn.
> Votes must be cast by posting an on-list reply to this thread.
> A vote in favor of the ballot must indicate a clear 'yes' in the
> A vote against the ballot must indicate a clear 'no' in the response.
> A vote to abstain must indicate a clear 'abstain' in the response.
> Unclear responses will not be counted. The latest vote received from
> any representative of a voting member before the close of the voting
> period will be counted.
> Voting members are listed here: http://www.cabforum.org/forum.html
> In order for the motion to be adopted, two thirds or more of the votes
> cast by members in the CA category and one half or more of the votes
> cast by members in the browser category must be in favor. Also, at
> least six members must participate in the ballot, either by voting in
> favor, voting against or abstaining.
> Public mailing list
> Public at cabforum.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public