[cabfpub] CAB Forum Draft Code of Conduct

Virginia Fournier vfournier at apple.com
Wed Apr 26 20:13:31 UTC 2017

Hi Ryan,

Thanks very much - this is helpful.  I’ll take a stab at incorporating these comments, as well as the others I’ve received, and provide an updated draft for review. 

Best regards,

Virginia Fournier
Senior Standards Counsel
 Apple Inc.
☏ 669-227-9595
✉︎ vmf at apple.com <mailto:vmf at apple.com>

On Apr 26, 2017, at 1:03 PM, Ryan Sleevi <sleevi at google.com> wrote:

On Wed, Apr 26, 2017 at 3:41 PM, Virginia Fournier <vfournier at apple.com <mailto:vfournier at apple.com>> wrote:
Hi Ryan,

I’m glad to see that you’re supportive of a code of conduct.  Thanks for reviewing the differences between CAs and browsers.  I just don’t see anything in those differences that would prevent the adoption of the proposed Code of Conduct.  I don’t think there’s anything inherent in the asymmetrical relationship between CAs and browsers that would prevent either category of members from being polite, professional, and respectful to the other.   

It would be extremely helpful if you would please point out the specific language in the proposed Code of Conduct that you believe would prevent browsers from enforcing their expectations with CAs?  Does that require unreasonable conduct?  

I think the recent discussions around "sent", "submitted", "distributed", "via", and "posted" highlight the reasonable concern that 'plain language' is easily miscontrued, whether intentionally or not.

For example, "treat eachother with ... fairness" could be, for example, misconstrued that a browser member should not discuss a CA member's failure to abide by the Baseline Requirements, unless time was spent discussion all CA member's failures, as that's the only way to be fair. This is a problem that naturally arises from the imbalanced power dynamic.

"Disrupting Forum events, including meetings, talks, and presentations" could be misconstrued as providing opposing viewpoints or disagreement, or correctly identifying provably factual inaccuracies. Similarly, it could be interpreted as a person who continues to raise a particular point, despite all reasonable efforts to address it, and refusing to progress on this topic or to allow others to talk. This is particularly exacerbated by the inbalanced power dynamic, because it can be beneficial for a member to engage in such 'stonewalling' or 'hypotheticals' as a way of trying to prevent agreement that might improve security, but negatively impact their business. In some spaces, this might be called 'concern trolling', and determining whether or not that constitutes a disruption is, understandably, difficult, even if from the plain reading it is not meant to be.

Similarly, the proposal of moderation, while well intentioned, exacerbates the power dynamic. Moderation can be used as a means of retaliation, and the proposal explicitly discourages transparency. One of the concerted efforts Google has made in the Forum for the past several years, and with the thankful help of Apple along the way, is to bring greater transparency. I certainly understand and agree with the spirit of trying to allow for an amicable airing of concerns in a way that creates a non-threatening environment, which I believe was your intent. That said, we've also seen some fairly problematic practices, whether intentional or otherwise, and it's important to speak truth to power and to do so transparently.

I admit, I don't have easy or good solutions to this, because I absolutely think the spirit of having an agreed upon baseline is incredibly useful. I similarly thought we had provided some basics of that through the Bylaws, but events over the past 3 years have demonstrated that there are a wide variety of interpretations about what is expected - of the Member organization, of the Forum's operation, of the technical expectations, and, of course, of the interpersonal behaviours. To support a code of conduct, there needs to be a degree of trust in the shared goals and values, so that we can use our similarities to overcome our differences and disagreements. However, I'm not sure I'm optimistic enough to believe that, either personally or organizationally, members have those shared goals. That's why I raised the discussion about the dynamics of power - because it can incentivize or reward abuse as much as correct and prevent it.

I realize this is beginning to sound like every "Code of Conduct" discussion, and it's disheartening to be the one making these arguments when I've looked so skeptically on them in the past. But I think it's at least worth some degree of discussion, to figure out how to balance these concerns in a particularly charged and complicated organization like the Forum.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170426/8b8fbac6/attachment-0003.html>

More information about the Public mailing list