[cabfpub] [EXTERNAL]Re: Send us you list of current problems with the Network Security Guidelines

Peter Bowen pzb at amzn.com
Sun Jun 11 22:10:25 MST 2017


Ryan,

I’ll take a stab at an answer, as I made a very similar proposal for the last F2F.  There are a number of reasons why people may not want to publish issues with the current requirements with their names attached.  Chief among these is repetitional concern — for some members, suggesting that the standard has issues or that their organization has seen issues may not be culturally acceptable.

On the other hand, it is not clear what “problems” you reference. I’m guessing this goes to the IPR agreement and the need for every contribution by a member to be tracked and associated with the member.  This is needed to assure our standards don’t end up like some other standards where it is necessary to license IP in order to implement the standard.  Is this why you see the anonymous proposal as problematic?

Thanks,
Peter

> On Jun 11, 2017, at 8:06 PM, Ryan Sleevi via Public <public at cabforum.org> wrote:
> 
> Kirk,
> 
> This is not helpful or productive. Should I take your response to mean that you do not wish to engage with or answer the question, which was hopefully both simple and clear, which was simply trying to understand why, given the problems, you would propose anonymity? Understanding your reasoning, and the things you considered in proposing it, is entirely based in good faith, and I hope you can extend the same courtesies.
> 
> On Sun, Jun 11, 2017 at 5:32 PM, Kirk Hall <Kirk.Hall at entrustdatacard.com <mailto:Kirk.Hall at entrustdatacard.com>> wrote:
> Actually, Ryan – you go first.  Why did you object?
> 
>  
> 
> From: Ryan Sleevi [mailto:sleevi at google.com <mailto:sleevi at google.com>] 
> Sent: Sunday, June 11, 2017 12:37 PM
> To: Kirk Hall <Kirk.Hall at entrustdatacard.com <mailto:Kirk.Hall at entrustdatacard.com>>
> Cc: CA/Browser Forum Public Discussion List <public at cabforum.org <mailto:public at cabforum.org>>
> Subject: Re: [EXTERNAL]Re: [cabfpub] Send us you list of current problems with the Network Security Guidelines
> 
>  
> 
> Hi Kirk,
> 
>  
> 
> While I realize your reply was seeking for more clarification, I think it's important to note that you didn't actually engage with the question I asked. I'm hoping to ask again - could you go into detail why this would be beneficial for discussion?
> 
>  
> 
> Thanks
> 
>  
> 
> On Sat, Jun 10, 2017 at 12:54 AM, Kirk Hall <Kirk.Hall at entrustdatacard.com <mailto:Kirk.Hall at entrustdatacard.com>> wrote:
> 
> Why do you think it’s detrimental to discussion – I don’t follow your logic?
> 
>  
> 
> From: Ryan Sleevi [mailto:sleevi at google.com <mailto:sleevi at google.com>] 
> Sent: Friday, June 9, 2017 4:49 PM
> To: CA/Browser Forum Public Discussion List <public at cabforum.org <mailto:public at cabforum.org>>
> Cc: Kirk Hall <Kirk.Hall at entrustdatacard.com <mailto:Kirk.Hall at entrustdatacard.com>>
> Subject: [EXTERNAL]Re: [cabfpub] Send us you list of current problems with the Network Security Guidelines
> 
>  
> 
>  
> 
>  
> 
> On Fri, Jun 9, 2017 at 4:34 PM, Kirk Hall via Public <public at cabforum.org <mailto:public at cabforum.org>> wrote:
> 
> Bruce and I will combine all suggestions received and report anonymously to the whole group for a discussion in Berlin.  
> 
>  
> 
> That seems pretty detrimental to discussion - that is, the anonymous aspect - unless we're talking about specific audit failures.
> 
>  
> 
> Could you go into detail why this would be beneficial for discussion? 
> 
>  
> 
> 
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170611/8d27ed4b/attachment-0001.html>


More information about the Public mailing list