[cabfpub] Discussion Draft for Revisions to Bylaws
Erwann Abalea
erwann.abalea at keynectis.com
Mon Nov 25 02:42:27 MST 2013
Would such a definition allow RedHat, Debian, or any other Linux
distribution to apply as a Platform provider?
They usually take Mozilla's root store and redistribute it.
Debian/Ubuntu also adds some CA certificates, and modifies libnss to
include them (2 for CACert and 1 for SPI), it has an effect on Mozilla
and Chrome browsers.
--
Erwann ABALEA
Le 25/11/2013 06:44, Ben Wilson a écrit :
>
> What about this definition? I took out the word "global" and inserted
> language about managing a root store.
>
> (3) Browser/Platform Provider: The member organization
> manages a root store as a major provider of a software product used by
> the general public: (a) to browse the Web securely or (b) to
> authenticate digitally signed code.
>
> Redlined, if it comes through to you as HTML, as follows:
>
> (3) _Browser__/Platform Provider_: The member organization _manages a
> root store as a major provider of _produces__a software product
> intended forusedby the general public _(a) to_for brows_e_ingthe Web
> securely _or (b) to authenticate digitally signed code_.
>
> -----Original Message-----
> From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org]
> On Behalf Of Gervase Markham
> Sent: Wednesday, November 13, 2013 4:43 AM
> To: ben at digicert.com; 'CABFPub'
> Subject: Re: [cabfpub] Discussion Draft for Revisions to Bylaws
>
> On 12/11/13 19:25, Ben Wilson wrote:
>
> > As you stated, an "influx of many small Android browsers" or any other
>
> > kind of numerous small browser developers. As stated in my email of
>
> > October 10 with references to past discussions, the size of the
> browser should be a
>
> > relevant consideration. Several producers of "a software product
> intended
>
> > for use by the general public to browse" or under the expanded group
>
> > of software "[that] authenticates digitally signed computer code"
>
> > dramatically shift the current conditions. I am acting as scribe,
>
> > more or less, to what I perceive is the concern of a majority of
>
> > members--I might be wrong, in which case we'd need to determine the
> sentiment of the group.
>
> I notice Rick's document has moved to the concept of "Root Store
> Operator". Perhaps the right thing would be to try and come up with a
> definition of someone who manages, or ships popular software which
> makes significant policy or content changes to, a root store? That
> would include Mozilla, Google, Apple, Opera and Oracle, without
> including browser manufacturers who simply wrap Webkit and so have no
> effect on how the CA system works.
>
> > That's fine. I started down that road before (and I did again after
>
> > the last meeting). I keep hitting a dead end because I must
>
> > incorporate by reference the IPR Policy, which many have complained is
>
> > not lightweight enough.
>
> Why must you do so?
>
> I thought the entire point of a lightweight IPR agreement was that it
> would not incorporate the existing policy by reference, but would
> instead say:
>
> "Hi. If I have ownership of patents on anything I contribute, you can
> have full rights to them. And the copyright policy is fine, BTW. Ok,
> thanks, bye."
>
> This would probably only be signed by individuals who did not and had
> no intention of holding patents. But a lot of our potential invited
> experts fall into that category.
>
> Gerv
>
> _______________________________________________
>
> Public mailing list
>
> Public at cabforum.org <mailto:Public at cabforum.org>
>
> https://cabforum.org/mailman/listinfo/public
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20131125/d5a4362e/attachment.html
More information about the Public
mailing list