[cabfpub] [EXTERNAL]Re: CA/Browser Face to Face Meeting 41 Agenda – Berlin
Ryan Sleevi
sleevi at google.com
Wed Jun 14 19:49:44 UTC 2017
Kirk,
While as you know, we are thrilled to see a proposal for greater
participation of the public, a point that Google has supported for a number
of years, but which TrendMicro and several other members of the Forum at
the time opposed, it does bear highlighting that there's a selection bias
being exercised. My hope is that by correcting for that selection bias, we
might receive more useful, earnest, and valuable feedback for the Forum, if
we are admitting that the Forum benefits from participation of more than
just the CAs and browsers.
For example, you've proposed "major website users of certificates with
complex infrastructures". We've previously heard from organizations who had
difficulty replacing their SHA-1 certificates with SHA-256 certificates,
but we did not afford much time for the many millions of users - and
certificate holders - who either did not have such difficulty or who were
put at risk from such difficulties.
My hope is that by being open in a way that is truly meaningful, we might
have a more robust picture of the ecosystem. While I realize that major
website users may represent CAs largest customers, either by volume or by
cost, and thus there is a predisposition to those opinions, considering
that we collectively are managing a global shared resource whose security
is critical for the Internet, we should take into consideration a fullness
of views.
As much as I appreciate your suggestion of a separate section, might I
suggest that it might be more useful to focus on a single section, with
open participation? That is, preselecting ontologies would only serve to
alienate users, but it would seem your goal is a more robust participatory
model.
On Wed, Jun 14, 2017 at 9:53 AM, Kirk Hall <Kirk.Hall at entrustdatacard.com>
wrote:
> My intent is to allow major website users of certificates with complex
> infrastructures to tell us about their experiences with and comments on
> rule changes, and how they are implemented. Right now, I’m not sure
> whether or not the enterprises will be available during our meeting, but if
> not we can schedule during a late teleconference call.
>
>
>
> You can certainly approach this from another angle as well, and bring in
> users in general who have interesting and useful things to say to the
> Forum. I think we still have some time slots available if you want to
> organize that as a separate session. Let me know if you want to do that,
> and how much time you would like.
>
>
>
> *From:* Ryan Sleevi [mailto:sleevi at google.com]
> *Sent:* Wednesday, June 14, 2017 3:04 AM
> *To:* CA/Browser Forum Public Discussion List <public at cabforum.org>
> *Cc:* Kirk Hall <Kirk.Hall at entrustdatacard.com>
>
> *Subject:* Re: [cabfpub] [EXTERNAL]Re: CA/Browser Face to Face Meeting 41
> Agenda – Berlin
>
>
>
> Kirk,
>
>
>
> Could you clarify your intent? You mentioned "any other enterprise users"
> - but I believe the goal is certificate users in general (i.e. more broadly
> than just enterprise).
>
>
>
> Is that correct?
>
>
>
> On Tue, Jun 13, 2017 at 6:03 PM, Kirk Hall via Public <public at cabforum.org>
> wrote:
>
> I will present names and companies once their participation is confirmed.
> Yes, at the Chair’s invitation, but I will additionally “invite” any other
> enterprise users others may propose to tell their stories.
>
>
>
> I’d point out that over the years we have heard from many people and
> organizations at our meetings. It’s been very useful.
>
>
>
> *From:* Public [mailto:public-bounces at cabforum.org] *On Behalf Of *Peter
> Bowen via Public
> *Sent:* Tuesday, June 13, 2017 2:35 PM
> *To:* CA/Browser Forum Public Discussion List <public at cabforum.org>
> *Cc:* Peter Bowen <pzb at amzn.com>
> *Subject:* Re: [cabfpub] [EXTERNAL]Re: CA/Browser Face to Face Meeting 41
> Agenda – Berlin
>
>
>
>
>
> On Jun 13, 2017, at 2:28 PM, Ryan Sleevi via Public <public at cabforum.org>
> wrote:
>
>
>
>
>
>
>
> On Tue, Jun 13, 2017 at 5:00 PM, Kirk Hall via Public <public at cabforum.org>
> wrote:
>
> On your first question - some major enterprise users would like to present
> their ideas and concerns about SSL certificate rules, changes, etc. from
> their perspective, which I know the browsers have wanted (rather than
> hearing it reported by the CAs who provide the certs to enterprise
> customers).
>
>
>
> To be clear: Several browsers have wanted open participation. I would
> suggest that having CA-selected participants, without explanation (as Gerv
> had to seek) is perhaps detrimental to the productive dialog, in as much as
> it allows the Chair - and CA members - to favour particular viewpoints to
> the detriment of the overall ecosystem.
>
>
>
> Might I suggest that it might not be appropriate?
>
>
>
> I think we should welcome hearing from certificate users directly.
>
>
>
> Kirk: Can you provide a list of certificate users who will be presenting,
> including their affiliation? I’m assuming they are attending the F2F at
> the invitation of the Chair.
>
>
>
> Thanks,
>
> Peter
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170614/b618940f/attachment-0003.html>
More information about the Public
mailing list