[cabfpub] Discussion Draft for Revisions to Bylaws

Erwann Abalea erwann.abalea at keynectis.com
Mon Nov 25 02:42:27 MST 2013


Would such a definition allow RedHat, Debian, or any other Linux 
distribution to apply as a Platform provider?
They usually take Mozilla's root store and redistribute it.
Debian/Ubuntu also adds some CA certificates, and modifies libnss to 
include them (2 for CACert and 1 for SPI), it has an effect on Mozilla 
and Chrome browsers.

-- 
Erwann ABALEA

Le 25/11/2013 06:44, Ben Wilson a écrit :
>
> What about this definition?  I took out the word "global" and inserted 
> language about managing a root store.
>
> (3)          Browser/Platform Provider: The member organization 
> manages a root store as a major provider of a software product used by 
> the general public: (a) to browse the Web securely or (b) to 
> authenticate digitally signed code.
>
> Redlined, if it comes through to you as HTML, as follows:
>
> (3) _Browser__/Platform Provider_: The member organization _manages a 
> root store as a major provider of _produces__a software product 
> intended forusedby the general public _(a) to_for brows_e_ingthe Web 
> securely _or (b) to authenticate digitally signed code_.
>
> -----Original Message-----
> From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] 
> On Behalf Of Gervase Markham
> Sent: Wednesday, November 13, 2013 4:43 AM
> To: ben at digicert.com; 'CABFPub'
> Subject: Re: [cabfpub] Discussion Draft for Revisions to Bylaws
>
> On 12/11/13 19:25, Ben Wilson wrote:
>
> > As you stated, an "influx of many small Android browsers" or any other
>
> > kind of numerous small browser developers.  As stated in my email of
>
> > October 10 with references to past discussions, the size of the 
> browser should be a
>
> > relevant consideration.   Several producers of "a software product 
> intended
>
> > for use by the general public to browse" or under the expanded group
>
> > of software "[that] authenticates digitally signed computer code"
>
> > dramatically shift the current conditions.  I am acting as scribe,
>
> > more or less, to what I perceive is the concern of a majority of
>
> > members--I might be wrong, in which case we'd need to determine the 
> sentiment of the group.
>
> I notice Rick's document has moved to the concept of "Root Store 
> Operator". Perhaps the right thing would be to try and come up with a 
> definition of someone who manages, or ships popular software which 
> makes significant policy or content changes to, a root store? That 
> would include Mozilla, Google, Apple, Opera and Oracle, without 
> including browser manufacturers who simply wrap Webkit and so have no 
> effect on how the CA system works.
>
> > That's fine.  I started down that road before (and I did again after
>
> > the last meeting).  I keep hitting a dead end because I must
>
> > incorporate by reference the IPR Policy, which many have complained is
>
> > not lightweight enough.
>
> Why must you do so?
>
> I thought the entire point of a lightweight IPR agreement was that it 
> would not incorporate the existing policy by reference, but would 
> instead say:
>
> "Hi. If I have ownership of patents on anything I contribute, you can 
> have full rights to them. And the copyright policy is fine, BTW. Ok, 
> thanks, bye."
>
> This would probably only be signed by individuals who did not and had 
> no intention of holding patents. But a lot of our potential invited 
> experts fall into that category.
>
> Gerv
>
> _______________________________________________
>
> Public mailing list
>
> Public at cabforum.org <mailto:Public at cabforum.org>
>
> https://cabforum.org/mailman/listinfo/public
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20131125/d5a4362e/attachment.html 


More information about the Public mailing list