[cabfpub] [cabfman] Ballot  - Adoption of CA/Browser Forum Bylaws
Yngve N. Pettersen (Developer Opera Software ASA)
yngve at opera.com
Thu Nov 22 21:42:00 UTC 2012
Opera Software ASA votes Yes.
On Fri, 09 Nov 2012 20:42:02 +0100, Ben Wilson <ben at digicert.com> wrote:
> Ballot 94 - Adoption of CA/Browser Forum Bylaws
> Kirk Hall made the following motion and it was endorsed by Wayne Thayer
> Jeremy Rowley.
> --Motion Begins--
> A. Be it resolved that the CA / Browser Forum adopts the following set of
> --Bylaws Begin--
> Proposed CA-Browser Forum Bylaws_(v4) Trend Micro 8 Nov 2012.doc (on
> Proposed CA-Browser Forum Bylaws_(v4) Trend Micro 8 Nov 2012.pdf (on
> BYLAWS OF THE CA/BROWSER FORUM
> Adopted effective as of [Date]
> 1. CA/BROWSER FORUM - PURPOSE, STATUS, AND ANTITRUST LAWS
> 1.1 Purpose of the Forum:
> The Certification Authority Browser Forum (CA/Browser Forum) is a
> gathering of leading certification authorities (CAs) and vendors of
> browser software and other applications.
> Members of the CA/Browser Forum have worked closely together in defining
> guidelines and means of implementation for best practices as a way of
> providing a heightened security for Internet transactions and creating a
> more intuitive method of displaying secure sites to Internet users.
> 1.2 Status of the Forum and Forum Activities
> The Forum has no corporate or association status, but is simply a group
> CAs and browsers which communicates or meets from time to time to discuss
> matters of common interest relevant to the Forum's purpose. The Forum
> has no
> regulatory or industry powers over its members or others. Other than
> rights and responsibilities found in the Forum's Intellectual Property
> Rights Policy (IPR), Forum "membership" or other participation status
> not convey any legal status or rights, but is intended simply as a guide
> the levels of participation in Forum activities.
> 1.3 Intellectual Property Rights Policy; Antitrust Laws and Regulations;
> Goal; Conduct
> Forum Members and Interested Parties must comply with the then-current
> policy and all applicable antitrust laws and regulations during their
> The historic goal of Forum activities (including development of proposed
> requirements and guidelines and voting on all matters) has been to seek
> substantial consensus among Forum Members before proceeding or adopting
> final work product, and this goal will remain for the future. Members
> not use their participation in the Forum either to promote their own
> products and offerings or to restrict or impede the products and
> of other Members.
> The Chair will read an antitrust compliance statement at the start of all
> Forum Meetings (and on other occasions, as the Chair deems necessary) in
> substantially the following form:
> "As you know, this meeting includes companies that compete against one
> another. This meeting is intended to discuss technical standards related
> the provision of existing and new types of digital certificates without
> restricting competition in developing and marketing such certificates.
> meeting is not intended to share competitively-sensitive information
> competitors, and therefore all participants agree not to discuss or
> information related to:
> (a) Pricing policies, pricing formulas, prices or other terms of sale;
> (b) Costs, cost structures, profit margins,
> (c) Pending or planned service offerings,
> (d) Customers, business, or marketing plans; or
> (e) The allocation of customers, territories, or products in any way."
> 2. FORUM MEMBERSHIP AND VOTING
> 2.1 Qualifying for Forum Membership
> (a) CA/Browser Forum members shall meet at least one of the following
> (1) Issuing CA: The member organization operates a certification
> that has a current and successful WebTrust for CAs audit, or ETSI 102042
> ETSI 101456 audit report prepared by a properly-qualified auditor, and
> actively issues certificates to Web servers that are openly accessible
> the Internet using any one of the mainstream browsers.
> (2) Root CA: The member organization operates a certification authority
> has a current and successful WebTrust for CAs, or ETSI 102042 or ETSI
> audit report prepared by a properly-qualified auditor, and that actively
> issues certificates to subordinate CAs that, in turn, actively issue
> certificates to Web servers that are openly accessible from the Internet
> using any one of the mainstream browsers.
> (3) Browser: The member organization produces a software product intended
> for use by the general public for browsing the Web securely.
> (b) Applicants should supply the following information:
> (1) Confirmation that the applicant satisfies at least one of the
> criteria (and if it satisfies more than one, indication of the single
> category under which the applicant wishes to apply).
> (2) URL of the current qualifying performance audit report.
> (3) The organization name, as you wish it to appear on the Forum Web site
> and in official Forum documents.
> (4) URL of the applicant's main Web site.
> (5) Names and email addresses of employees who will participate in the
> mail list.
> (6) Emergency contact information for security issues related to
> (c) An Applicant shall become a Member once the Forum has determined by
> that the Applicant meets all of the requirements of subsection (a). A
> of Members shall be held as soon as the Applicant indicates that it has
> presented all information required under subsection (b) and has
> responded to
> all follow-up questions from the Forum and the Member has complied with
> requirements of Section 5.5.
> 2.2 Ballots Among Forum Members
> Ballots will be conducted in accordance with the following rules.
> (a) Only votes by Members shall be accepted.
> (b) Only one vote per Member company shall be accepted; representatives
> corporate affiliates shall not vote.
> (c) A representative of any Member can call for a proposed ballot to be
> published for review and comment by the membership. Any proposed ballot
> needs two endorsements by other Members in order to proceed. The review
> period then shall take place for at least seven calendar-days before
> are cast.
> (d) The CA/Browser Forum shall provide seven calendar-days for voting,
> the deadline clearly communicated via the members' electronic mailing
> All voting will take place online via the members' electronic mailing
> (e) Only votes that indicate a clear 'yes' or 'no' response to the ballot
> question shall be considered (i.e. votes to abstain and votes that do not
> indicate a clear 'yes' or 'no' response will not figure in the
> of item 6, below).
> (f) Members fall into two categories: CAs (comprising issuing CAs and
> CAs, as defined in the membership criteria) and product suppliers (as
> defined in the membership criteria). In order for the motion to be
> by the Forum, two-thirds or more of the votes cast by the Members in the
> category must be in favor of the motion, and at least 50% plus one of the
> votes cast by the members in the browser category must be in favor of the
> motion At least one CA Member and one browser Member must vote in favor
> of a
> ballot for the ballot to be adopted.
> (g) A ballot result will be considered valid only when more than half of
> number of currently active members has participated. The number of
> active members is the average number of member organizations that have
> participated in the previous three meetings (both teleconferences and
> face-to-face meetings).
> (h) The CA/Browser Forum will tabulate and announce the results within
> calendar-day of the close of the voting period.
> 3. OTHER FORUM PARTICIPATION
> 3.1 Interested Parties
> Any person or entity that wishes to participate in the Forum as an
> Interested Party may do so by completing an enrollment form and
> Participation Agreement (completed and submitted manually or online)
> including name, affiliation (optional), and contact information, and by
> agreeing to the IPR Agreement attached as Exhibit B (indicating
> agreement by
> manual signing or a click-through agreement).
> Interested Parties may participate in Forum activities in the following
> (a) By becoming involved in Working Groups,
> (b) By posting to the Public Mail List, and
> (c) By participating in those portions of Forum Teleconferences and Forum
> Meetings to which they are invited by the Forum Chair relating to their
> areas of special expertise or the subject of their Working Group
> Interested Parties are required to comply with the provisions of the
> Participation Agreement and these Bylaws. Interested Parties may lose
> status as Interested Parties by vote of the Members, in the Members' sole
> 3.2 Other Parties
> The public may follow the Forum's activities by reading all postings on
> Public Mail List and the Public Web Site. Questions or comments to the
> may be sent to Questions Mail List.
> 4. OFFICERS AND FINANCES
> 4.1 Officers
> The Forum will elect a Chair and Vice Chair, each to serve for a two-year
> term. The Vice Chair has the authority of the Chair in the event of any
> absence or unavailability of the Chair, and in such circumstances, any
> delegated to the Chair herein may be performed by the Vice Chair. For
> example, the Vice Chair will preside at Forum Meetings and Forum
> Teleconferences in the Chair's absence. The offices of Chair and Vice
> may only be filled by Forum Member representatives.
> No person may serve as Chair for more than a two-year period or be
> to Vice Chair upon expiration or termination of the person's service as
> Chair, but a person is eligible to be elected as Chair again after having
> vacated the position as Chair for at least two years.
> Upon expiration or early termination of the current Chair's term, the
> Chair will automatically be nominated to become the next Chair, but
> may nominate themselves or others to be additional candidates as Chair.
> close of nominations a ballot will be held in the regular manner to elect
> the new Chair. If the election of a new Chair means the office of Vice
> becomes vacant, the Members may nominate themselves or other candidates
> the office of Vice Chair, and a ballot will be held in the regular
> manner to
> elect the new Vice Chair.
> The Chair and Vice Chair shall exercise their functions in a fair and
> neutral manner, allowing all Members equal treatment for their comments
> proposals, and shall not favor one side over another in any matter
> that the Chair and Vice Chair may indicate their own position during
> discussion and voting on the matter). The Chair and Vice Chair shall
> have no
> personal liability for any activities of the Forum or its Members or
> Interested Parties.
> The Chair or the Vice Chair may sign correspondence, applications, forms,
> Letters of Intent, and Memoranda of Understanding relating to projects
> standards bodies, industry groups, and other third parties, but shall
> no personal liability therefor.
> 4.2 Finances
> Because the Forum has no corporate status, it will not maintain funds or
> banking accounts. The costs of operating Forum websites or mailing lists
> will be covered by voluntary contribution from Forum Members (who may
> voluntary contributions from other Members to help defray such costs).
> Members may propose other group activities which they propose to sponsor
> (e.g., research projects, etc.) which require funding and may seek
> contributions from other Members for such activities.
> Forum Meetings may be held from time to time upon the voluntary
> of one or more Forum members. The sponsor of a Forum Meeting may suggest
> fixed cost per meeting participant as reimbursement to the sponsor to
> (a) the cost of meeting rooms and refreshments, and (b) the cost of any
> meeting dinner or other group activity. Sponsors will be encouraged to
> announce any suggested per-participant fixed cost reimbursement amount in
> advance of the Forum Meeting for participant planning purposes, and will
> provide a statement or invoice to each participant upon request after the
> Forum Meeting for submission to the participant's accounting department.
> per-participant reimbursements shall be paid directly to the sponsor.
> Interested Parties will not be required to pay anything for their
> participation in Forum activities, but must cover their own expenses for
> participation in any Working Group meetings.
> 5. FORUM ACTIVITIES
> 5.1 Member Mail List and Member Web Site
> The Forum shall maintain a Member Mail List and Member Web Site that are
> accessible by the public. The following matters may be posted to the
> Mail List and Member Web Site:
> (a) Draft minutes of Forum meetings (both virtual and in-person, and
> including any sub-groups or committees) will be posted to the Member Mail
> List to allow Members to make sure they are being correctly reported.
> Minutes will be considered Final when approved at a subsequent Forum
> or Forum Teleconference, or after 2 weeks have elapsed since publication
> the draft if no Forum Meeting or Forum Teleconference is imminent. Final
> minutes will then be posted to the Public Mail List and Public Web Site.
> Chair will, upon request, make redactions of any part of the public copy
> the minutes identified as private or sensitive by either the information
> discloser or a member mentioned or affiliated with the subject of the
> (b) Messages formally announcing ballots or ballot outcomes, including
> and quorum counts, will be posted to the Public Mail List. However,
> and the listing of final votes by each Member will only be posted to the
> Member Mail List and Member Web Site.
> (c) Nominations for officer positions, Forum Meeting and Forum
> Teleconference scheduling issues, and discussion of Forum financial
> (d) Security incidents if, in the opinion of the Members, discussion on
> Public Mail List could reasonably be detrimental to the implementation of
> security measures by Members.
> (e) Proposed responses to questions sent to the Questions Mail List.
> (f) Matters which, in the opinion of the Members, require
> Members have discretion about which mailing list they use, but are
> encouraged to use the Public Mail List for matters other than those
> Members are strongly discouraged from posting the text of Member Mail
> messages to the Public Mail List without the permission of the author or
> 5.2 Public Mail List and Public Web Site
> The Chair shall appoint a List Manager who shall maintain a Public Mail
> List. Forum Members and Interested Parties may post to the Public Mail
> in compliance with these Bylaws. Anyone else is allowed to subscribe to
> receive messages posted to the Public Mail List, which may be crawled and
> indexed by Internet search engines.
> The Chair shall appoint a Webmaster. The Webmaster shall post
> on the Public Web Site for subscribing to the Public Mail List.
> The following materials shall be posted to the Public Mail List or Public
> Web Site:
> (a) Draft and final agendas for Working Group meetings, Forum Meetings
> Forum Teleconferences (including any sub-groups or committees).
> (b) Final minutes of Forum Meetings and Forum Teleconferences (including
> minutes of any sub-groups or committees), and minutes of all Working
> teleconferences and meetings.
> (c) Messages formally proposing a Forum ballot (including ballots to
> establish, modify, or terminate Working Groups) and announcing ballot
> outcomes, including vote and quorum counts but not identifying individual
> votes by name of Member.
> (d) Initial and final drafts of Forum requirements, guidelines, and
> recommendations after the drafter has had an opportunity to receive and
> respond to initial Member comments.
> (e) Initial and final drafts of Working Group requirements, guidelines,
> recommendations after the drafter has had an opportunity to receive and
> respond to initial Working Group member comments.
> 5.3 Working Groups
> Members may propose by ballot the appointment of Working Groups open to
> participation by Members and Interested Parties. The ballot shall outline
> the scope of the Working Group's activities, including deliverables, any
> limitations, and Working Group expiration date. Upon approval of the
> Group, the Chair will call for a show of interest in participation by
> Members, and shall appoint a Working Group Chair from among the
> Upon creation of a Working Group, the Forum will post an invitation to
> Interested Parties to participate, and will solicit others with expertise
> and interest in the Working Group subject matter to become Interested
> Parties and participate in the Working Group. With the approval of the
> Chair, Working Groups may establish separate list-servs, wikis, and web
> pages for their communications, but all such separate list-servs must be
> managed in the same fashion as the Public Mail List. Working Groups may
> by teleconference or face-to-face meetings upon approval by the Chair and
> the Working Group Chair, but the Forum shall not be responsible for the
> expenses of any such teleconferences or meetings.
> Working Groups may draft recommendations to be forwarded to the Forum for
> its consideration, but no recommendations will be considered the product
> the Working Group unless approved by two-thirds of all Working Group
> who vote on the recommendations. All substantial initial and final
> drafts of
> the Working Group product will be posted on the Public Mail List.
> The Forum shall review the final recommendations from a Working Groups
> may approve and implement some or all of the recommendations as
> in the Forum's judgment following the Forum's regular voting rules. The
> Forum shall retain the right to amend a Working Group recommendation
> approval, but in most cases should first return the proposed amended
> recommendation to the Working Group for its review and response before
> The Forum shall not be required to submit any matter to a Working Group,
> may itself draft requirements and guidelines without a Working Group in
> 5.4 Forum Teleconferences and Forum Meetings
>> From time to time the Forum will hold Forum Teleconferences and Forum
> Meetings among the Members, who may participate in person or (where
> feasible) by teleconference. Interested Parties and others may be
> invited by
> the Chair, in the Chair's discretion, to participate in those portions of
> Forum Teleconferences and Forum Meetings that are relevant to their
> expertise or their participation in Working Groups.
> 5.5 IPR policies
> As a requirement for membership, Members must execute and return to the
> Chair the IPR Agreement attached as Exhibit A.
> As a requirement for participation as an Interested Party, Interested
> Parties must execute and return to the Chair (or indicate their
> agreement by
> clicking through an online agreement) the IPR Agreement attached as
> 5.6 Project Lifecycle
> In general, Forum projects will follow the model Project Lifecycle
> as Exhibit C. However, the Members may modify this model as appropriate
> their subsequent actions.
> 6. MISCELLANEOUS
> 6.1 Posting and Amendment of the Bylaws
> The current Bylaws shall be posted to the Public Web Site. These Bylaws
> be amended by subsequent ballot of the Members.
> 6.2 Procedure for Dealing with Questions and Comments
> The Forum procedure for dealing with questions and comments sent to the
> Questions Mail List shall be as follows. The Chair shall appoint a
> List Coordinator. The responsibilities of the Questions List Coordinator
> (a) If practical, within 24 hours send an acknowledgment to the
> indicating that the question or comment has been received and that a
> response will provided as soon as is practical.
> (b) Coordinate discussion using the Member Mail List until consensus has
> been achieved.
> (c) Post the proposed response to the Member Mail List indicating that
> Members have 24 hours to object.
> (d) If no objections are received before the deadline expires, then send
> response to the questioner.
> (e) If consensus cannot be achieved, or one or more objections are
> then the matter should be dealt with in the next Forum Meeting or Forum
> Forum Meetings: Face-to-face meetings of Members as scheduled from time
> Forum Teleconferences: Teleconference meetings of Members as scheduled
> time to time.
> Member: A Member of the Forum or a representative of the Member
> on context).
> Member Mail List: The email list-serv maintained by the Forum for
> communications by and among Forum Members. The Member Mail List is not
> available to Interested Parties or Other Parties.
> Member Web Site: The password-protected web site available only to
> (currently called the CA/Browser Forum Wiki).
> Participation Agreement: An agreement that individuals or entities must
> agree to in order to participate in the Forum as Interested Parties. The
> current form of Participation Agreement is attached as Exhibit D.
> Public Mail List: The public email list-serv currently located at
> public at cabforum.org maintained by the Forum for communications by and
> Members and Interested Parties. The Public Mail List may be read by Other
> Parties, but Other Parties may not post to the Public Mail List.
> Public Web Site: The web site available only to Members, Interested
> and Other Parties (currently located at cabforum.org
> <http://www.cabforum.org/> ). A Forum Member will be appointed as
> and will control all postings to the Public Web Site.
> Questions Mail List: The email list-serv currently located at
> questions at cabforum.org maintained by the Forum for communications from
> public to the Forum.
> Exhibit A [Insert Member IPR Agreement here]
> Exhibit B [Insert Interested Party IPR Agreement here]
> Exhibit C - Project Lifecycle
> Exhibit D - Interested Parties Participation Agreement [Insert Agreement
> --Bylaws End--
> B. Be it further resolved that these Bylaws do not modify the status of,
> requirements applicable to, current observers such as ETSI, WebTrust,
> PayPal, tScheme, or the Federal PKI Management Authority, and they may
> continue to participate in meetings and on lists on the same basis as
> did previously.
> --Motion ends--
> The ballot review period comes into effect immediately upon posting today
> (Friday, 9 Nov 2012) and will close at 2000 UTC on Friday, 16 Nov 2012.
> Unless the ballot is withdrawn or modified during the review period, the
> voting period will start immediately thereafter and will close at 2000
> on Friday, 23 Nov 2012. If the ballot is modified for reasons other than
> correct minor typographical errors, then the ballot will be deemed to
> been withdrawn.
> Votes must be cast by posting an on-list reply to this thread.
> A vote in favor of the ballot must indicate a clear 'yes' in the
> A vote against the ballot must indicate a clear 'no' in the response. A
> to abstain must indicate a clear 'abstain' in the response. Unclear
> responses will not be counted. The latest vote received from any
> representative of a voting member before the close of the voting period
> be counted.
> Voting members are listed here: http://www.cabforum.org/forum.html
> In order for the motion to be adopted, two thirds or more of the votes
> by members in the CA category and one half or more of the votes cast by
> members in the browser category must be in favor. Also, at least six
> must participate in the ballot, either by voting in favor, voting
> against or
Yngve N. Pettersen
Senior Developer Email: yngve at opera.com
Opera Software ASA http://www.opera.com/
Phone: +47 96 90 41 51 Fax: +47 23 69 24 01
More information about the Public