[cabfpub] Draft CABF agenda for Oct. 27, 2016 teleconference

Wed Oct 26 11:05:36 MST 2016

Hi Kirk,

It's unclear what the discussion agenda is for Items 11 - CT is.

I especially want to highlight Google's position that the proper venue for
discussing CT use case/concerns (with the protocol) is the IETF, and that
the proper venue for discussing concerns with CT's requirement in Chrome
(with the policy) is the ct-policy@ list. I say this not to stifle
conversation, but to ensure discussion is being channelled to the
appropriate venues. If the Forum wishes to discuss CT and use cases, that's
fantastic, but if the goal is to ensure they're considered before any CT
adoption, that venue should be within IETF.

I bring this up because a substantial issue preventing progress being made
on addressing these use cases is that they're historically not being
brought or discussed in the IETF, and as a consequence, neither being
catalogued nor are the technical means to address the concerns are being
developed.

To highlight the message provided in the F2F, our general view of the
ordering is:
1) Bring the use case to the IETF for discussion
2) Within the IETF, an exploration will begin to see if there are technical
solutions, given the constraints the use case presents
3) If a technical solution cannot be found, or is unacceptable by members,
then a policy discussion should begin. To some extent, I believe it may be
useful to have this on ct-policy at chromium.org, given that the most
immediate impact (and flexibility) is with respect to Chrome, but I'm also
totally supportive of the Forum at large discussing this if other
CT-implementing members feel their implementations are sufficiently mature
to discuss such common policy approaches.

The goal is to ensure that the substantive technical discussions happen
within a technically oriented, open participation group, and only if
technical solutions fail do we explore policy-oriented discussions in a
policy group.

Again, this is not to shutdown discussion in the Forum, but to avoid any
ambiguity with the message delivered at the F2F and recently to the public
list, which is our view of the best venue to accomplish meaningful results
that leaves all members happy. I'm totally appreciative of the use of the
Forum for CAs to discuss their concerns and see if there are commonalities,
prior to bringing to the IETF, but I do want to stress that at least for
Chrome, we'll only be considering concerns that have been brought and
explored in the IETF.

On Wed, Oct 26, 2016 at 10:50 AM, Kirk Hall via Public <public at cabforum.org>
wrote:

> *Here is the proposed agenda for our teleconference this Thursday at 16:00
> UTC (9:00 Pacific, Noon Eastern, 17:00 London)*
>
>
>
> Note: Please announce yourself when dialing in. This helps in documenting
> attendance when recording is played back later.
>
>
>
> *Antitrust Statement*: As you know, this meeting includes companies that
> compete against one another. This meeting is intended to discuss technical
> standards related to the provision of existing and new types of digital
> certificates without restricting competition in developing and marketing
> such certificates. This meeting is not intended to share
> competitively-sensitive information among competitors, and therefore all
> participants agree not to discuss or exchange information related to:
>
>
>
> (a)  Pricing policies, pricing formulas, prices or other terms of sale;
>
> (b)  Costs, cost structures, profit margins,
>
> (c)   Pending or planned service offerings,
>
> (d)  Customers, business, or marketing plans; or
>
> (e)  The allocation of customers, territories, or products in any way.
>
>
>
> *Time*
>
> *Start (UTC)*
>
> *Stop*
>
> *Slot*
>
> *Description*
>
> *Notes / Presenters*
>
> *(Thur) 27 October 2016*
>
> 0:02
>
> 16:00
>
> 16:02
>
> 1
>
> *Roll Call*
>
> Kirk
>
> 0:01
>
> 16:02
>
> 16:03
>
> 2
>
> *Read Antitrust Statement  *
>
> Robin
>
> 0:01
>
> 16:03
>
> 16:04
>
> 3
>
> *Review Agenda*
>
> Kirk
>
> 0:01
>
> 16:04
>
> 16:05
>
> 4
>
> *Approve Minutes of Oct. 13 *
>
> *Complete F2F Minutes (Robin, Doug, Andrew, Gerv, Ben, Kirk, Eric)*
>
> Sent by Dean on Oct. 24
>
> 0:11
>
> 16:05
>
> 16:16
>
> 5
>
> *Ballot Status; Procedure for Next Two Months*
>
> *Ballots 180-182 (Kirk)*
>
> *Ballot 176: BR 3.4.4.2 - CNAME verification (Jeremy)*
>
> *Ballot 179: BR 6.1.7 – Root signing time stamping certs (Dimitris)*
>
> *Other ballots in pipeline?*
>
> Kirk
>
> 0:10
>
> 16:16
>
> 16:26
>
> 6
>
> *Possible ballot on BR 7.1.3 : OCSP responder certs; combination of old
> and new balloting processes*
>
> Wayne, Kirk
>
> 0:05
>
> 16:26
>
> 16:32
>
> 7
>
> *Governance Change working group update. Results of last call*
>
> Ben/Dean
>
> 0:01
>
> 16:32
>
> 16:33
>
> 8
>
> *Validation Working Group* *Status*
>
> Jeremy
>
> 0:04
>
> 16:33
>
> 16:37
>
> 9
>
> *Policy Review Working Group *
>
> Ben
>
> 0:10
>
> 16:37
>
> 16:47
>
> 10
>
> *Continuing the discussion on CAA*
>
> All
>
> 0:10
>
> 16:47
>
> 16:57
>
> 11
>
> *Continuing the discussion on CT*
>
> All
>
> 0:02
>
> 16:57
>
> 16:59
>
> 12
>
> *Any Other Business *
>
> 0:01
>
> 16:59
>
> 17:00
>
> 13
>
> *Next call on Thursday, Nov. 10, 2016*
>
>
>
> 0:00
>
> 17:00
>
> 14
>
> *Adjourn*
>
>
>
>
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20161026/10007d5d/attachment-0001.html>