[cabfpub] Ballot 89 Rewrite

Ben Wilson ben at digicert.com
Tue Aug 13 15:57:59 MST 2013


It was my idea to combine the vote.  We can split the language to express
two yes/no decisions.

-----Original Message-----
From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On
Behalf Of Ryan Sleevi
Sent: Tuesday, August 13, 2013 4:44 PM
To: Rick Andrews
Cc: public at cabforum.org
Subject: Re: [cabfpub] Ballot 89 Rewrite

Rick,

It appears you're actually proposing two ballots here. While I appreciate
the desire for efficiency, it does seem against the spirit of the forum
where a vote for "No" is in fact a vote "Yes", simply for a different
motion. Abstaining is possible, but equally seems counter to the purpose of
abstentions.

It does appear that, like so many other work products of the CA/B Forum, our
bylaws are ambiguous with respect to the expected form of motions. The
closest interpretation would be Section 2.2 (e) of the bylaws, which
suggestions all Ballot Questions shall be Yes/No - indicating a ballot
question is needed here.

Rather than positioning your latest proposal as "all or nothing", perhaps it
would be more prudent to first discuss whether or not the membership agrees
to withdraw the present guidelines. It would seem that if such a vote
passed, it would give a clear signal whether there was sufficient and strong
enough interest for updating it.

Regards,
Ryan

On Tue, Aug 13, 2013 at 3:22 PM, Rick Andrews <Rick_Andrews at symantec.com>
wrote:
> I am withdrawing the current Ballot 89 language and replacing it as 
> outlined below.  A while back, I volunteered to update the Guidance to 
> Application Developers (version 1, dated 2009, at 
>
https://www.cabforum.org/Guidelines_for_the_processing_of_EV_certificates%20
v1_0.pdf).
> Based on comments received, edits were made to both the guideline 
> document and the ballot.  However, more recently I began to understand 
> that none of the browser vendors were supportive of my changes.  Of 
> particular note, I received objections to some provisions in version 
> 2, but then I saw that the same language currently exists in the 2009 
> version on the CABF website (i.e., that a browser should drop EV 
> treatment for certificates that don't meet crypto requirements 
> (Section 10) and that browsers should adjust their Root Embedding 
> Programs accordingly (Section 7)).  So my conclusion is that browser 
> vendors might not be supportive of version 1 either.  However, as a final
effort, I have edited the document again and renamed it to:
> "Recommendations for the Processing of EV SSL Certificates."  You can 
> view changes from version 1 in the attached documents.
>
> Therefore, I am proposing that Ballot 89 go forward as follows, if I 
> can get two endorsers:
>
> Ballot 93 - Reasons for Revocation (BR issues 6, 8, 10, 21)
>
> Rick Andrews (Symantec) made the following motion, endorsed by ? and ?:
>
> --- Motion begins ---
>
> A "YES" vote on Ballot 89 means that the member votes to remove the 
> 2009 Version 1.0 of "GUIDELINES for the PROCESSING of EXTENDED 
> VALIDATION CERTIFICATES" from the public CA Browser Forum website and 
> replace it with the attached "RECOMMENDATIONS for the PROCESSING of 
> EXTENDED VALIDATION CERTIFICATES".
>
> A "NO" vote on the ballot means that the member votes to remove the 
> 2009 Version 1.0 of "GUIDELINES for the PROCESSING of EXTENDED 
> VALIDATION CERTIFICATES" on the public CA Browser Forum website and not
replace it.
>
> ... Motion ends ...
>
> -Rick
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
_______________________________________________
Public mailing list
Public at cabforum.org
https://cabforum.org/mailman/listinfo/public



More information about the Public mailing list