[cabfpub] Draft Agenda - Server Certificate Working Group organizational meeting - July 12, 2018, 11:00 am Eastern Time

[Kirk Hall]

Here is the draft Server Certificate Working Group (CSWG) agenda for our teleconference this Thursday, July 12, 2018 at 11:00 am Eastern Daylight Time.  Please offer suggested edits.

This Organizational Meeting of the new Server Certificate Working Group will be convened on the same teleconference call as soon as the Forum's meeting is adjourned.  The SCWG Charter and certain Bylaws references are included at the end of this message.


SERVER CERTIFICATE WORKING GROUP (SCWG) ORGANIZATION MEETING AGENDA - July 12, 2018, 11:00 am Eastern Time

1. Roll Call - Rely on Roll Call from prior CABF call.

2. Read Antitrust Statement - Occurred during prior Forum teleconference - not required again.

3. Review Agenda.

4. Organization of SCWG, Approval of Initial Members, Associate Members, and Interested Parties.  [1]


a)      Kirk to read list of proposed Members, Associate Members, and Interested Parties who have signed both IPRA v1.3 and indicated participation in SCWG; call for any objections; approval of initial membership list.

b)      Kirk to read list of proposed Members and Associate Members who have signed the IPRA v1.3 but have NOT indicated participation in SCWG - ask for participation.

c)       Initial membership of SCWG is established, on to substantive business.

5.  Election of SCWG Officers.  [2], [3].  Issues for decision:

a)      What voting rules apply?  Should the SCWG copy Forum voting rules at Bylaw Sec. 4.1 into new SCWG Bylaws?  This will require a SCWG Ballot.

b)      Only a SCWG "Chair" is mentioned in Bylaw 5.3.1(c), but the SCWG Charter starts with Kirk and Ben as initial Chair and Vice Chair.  What officers will the SCWG have? [2], [3]

c)       What should initial terms for SCWG officer elections be?  Choices:

1.       Random - from date of election for 24 months (out of sync with Forum terms)

2.       Same as Forum - Oct. 22, 2018 - Oct. 21, 2020

3.       Same as Forum, but realign to come after Fall F2F: Nov. 1, 2018 - Oct. 31, 2020.  Would require Ballot in Forum to deal with "gap" period Oct. 21-31, 2018

6.  How are SCWG Ballots to be conducted?  Procedures for conducting SCWG Ballots are not specified in either the Forum Bylaws v1.9 or in the SCWG Charter - Forum Bylaws Sec. 2.2 and 2.3 only specify procedures for Ballots that affect Guidelines, not for other procedural Ballots, and don't extend to new Working Group Ballots by their terms.  The SCWG Charter only talks about "Voting Structure," but does not specify procedures for conducting a ballot.

Should we add a provision to new SCWG Bylaws that says "All matters to be decided by the SCWG shall be decided by Ballots to be conducted according to the procedures of Forum Bylaws 2.2 and 2.3"?  Adopt this (and other initial SCWG Bylaws) by a preliminary SCWG Ballot?

7.  Conversion of old Forum "Working Groups" to new SCWG "Subcommittees."  How?  By SCWG Ballot?  Here are the existing Forum Working Groups for consideration - Governance Change Working Group probably should not become a SCWG Charter.  [4], [5]


a)      Validation Working Group to Validation Working Subcommittee

b)      Network Security Working Group to Network Security Subcommittee

c)       Policy Review Working Group to Policy Review Subcommittee

d)      Governance Change Working Group


8.  Proposing and Adopting New "Guidelines Ballots" in the SCWG.

a)      A "Voting Structure" is specified in the SCWG Charter, but the SCWG needs to adopt Ballot procedure first - see Issue 6.

b)      Start a new "Ballots" page on wiki under SCWG tab, keep track of SCWG Ballots in same manner as Forum Ballots?

c)       Adopt a new numbering system for SCWG Ballots (and also for future new Working Groups) - SCWG Ballot 1, SCWG Ballot 2, etc.?

d)      All previously pending Forum Ballots to be deleted from Forum list and wiki, refiled (if desired) as new SCWG Ballots once rules clarified.

e)      Who owns the Baseline Requirements, NetSec Requirements, and EV Guidelines now - only the SCWG?  Can the Forum itself or any other future Working Group amend these Guidelines?

9.  Application of IPR Agreement v1.3 to SCWG Ballots; Procedures.  Defer to future meeting.

10. Next call: July 26, 2018 at 11:00 am Eastern upon adjournment of Forum teleconference?  Consider setting new time for SCWG apart from Forum calls?  Extend meeting time to 90 minutes?

11. Adjourn


REFERENCES

[1] Bylaw 5.3.1(c): *** The CWG Chair will send an invitation to the Public Mail List for an initial CWG [Chartered Working Group] meeting and will solicit eligible Members, Associate Members and Interested Parties (as specified in the charter) with expertise and interest in the CWG's subject matter to participate in the CWG. In order to participate in a Working Group, a party must have agreed to the IPR Policy Agreement and formally declared participation. ***

[2] Bylaw 5.3.1(c): After the charter is approved, the CWG [Chartered Working Group] MAY elect a new Chair by majority vote of the CWG's members, or as otherwise specified in the charter.  *** Each CWG Chair shall be responsible for ensuring that all parties attending the respective CWG meetings have signed the IPR Policy Agreement and have formally declared their participation in the CWG via the mechanism designated by the Forum prior to attending.

[3] From SCWG Charter: Initial chairs and contacts: Chair, Kirk Hall, Vice Chair [and] Ben Wilson, *** terms to run concurrently with their terms as Chair and Vice Chair of the Forum, respectively, unless otherwise voted upon by the Working Group.

[4] Bylaw 5.3.1(e): CWGs may establish any number of subcommittees within its own Working Group to address any of such CWG's business (each, a "Subcommittee"). A CWG-created Subcommittee needs to be approved by the CWG itself according to the approval process set forth in the CWG charter, but approval of the Forum is not necessary. Subcommittees must exist under an approved CWG.

[5] Bylaw 5.3.4 Legacy Working Groups.  Any "Legacy" Working Groups ("LWG") in existence when this Bylaws v.1.8 is approved by the Forum shall have the option of (a) converting to a Subcommittee under a CWG pursuant to Section 5.3.1(e), (b) immediately terminating, or (c) continuing in effect without change for 6 months [i.e., to October 3, 2018, which is 6 months after when Ballot 206 was approved on April 3, 2018] following such approval. For an LWG to continue beyond such 6 months, it must have a charter approved as described in Section 5.3.1 above, as if it was a new Working Group.

*****

SERVER CERTIFICATE WORKING GROUP CHARTER (Approved April 3, 2018)

Upon approval of the CAB Forum by ballot, the Server Certificate Working Group ("Working Group") is created to perform the activities as specified in this Charter, subject to the terms and conditions of the CA/Browser Forum Bylaws and Intellectual Property Rights (IPR) Policy, as such documents may change from time to time. The definitions found in the Forum's Bylaws shall apply to capitalized terms in this Charter.

SCOPE: The authorized scope of the Server Certificate Working Group shall be as follows:

1. To specify Baseline Requirements, Extended Validation Guidelines, Network and Certificate System Security Requirements, and other acceptable practices for the issuance and management of SSL/TLS server certificates used for authenticating servers accessible through the Internet.

2. To update such requirements and guidelines from time to time, in order to address both existing and emerging threats to online security, including responsibility for the maintenance of and future amendments to the current CA/Browser Forum Baseline Requirements, Extended Validation Requirements, and Network and Certificate System Security Requirements.

3. To perform such other activities that are ancillary to the primary activities listed above.

OUT OF SCOPE: The Server Certificate Working Group will not address certificates intended to be used primarily for code signing, S/MIME, time-stamping, VoIP, IM, or Web services. The Server Certificate Working Group will not address the issuance, or management of certificates by enterprises that operate their own Public Key Infrastructure for internal purposes only, and for which the Root Certificate is not distributed by any Application Software Supplier.

Anticipated End Date: None.

Initial chairs and contacts: Chair, Kirk Hall, kirk.hall at entrustdatacard.com<mailto:kirk.hall at entrustdatacard.com>; Vice Chair, Ben Wilson, ben.wilson at digicert.com<mailto:ben.wilson at digicert.com>; terms to run concurrently with their terms as Chair and Vice Chair of the Forum, respectively, unless otherwise voted upon by the Working Group.

Members eligible to participate: The Working Group shall consist of two classes of voting members, the Certificate Issuers and the Certificate Consumers. The CA Class shall consist of eligible Certificate Issuers and Root Certificate Issuers meeting the following criteria:

(1) Certificate Issuer: The member organization operates a certification authority that has a current and successful WebTrust for CAs audit, or ETSI TS 102042, ETSI 101456, or ETSI EN 319 411-1 audit report prepared by a properly-qualified auditor, and that actively issues certificates to Web servers that are openly accessible from the Internet, such certificates being treated as valid when using a browser created by a Certificate Consumer Member. Applicants that are not actively issuing certificates but otherwise meet membership criteria may be granted Associate Member status under Bylaw Sec. 3.1 for a period of time to be designated by the Forum.

(2) Root Certificate Issuer: The member organization operates a certification authority that has a current and successful WebTrust for CAs, or ETSI TS 102042, ETSI TS 101456, ETSI EN 319 411-1 audit report prepared by a properly-qualified auditor, and that actively issues certificates to subordinate CAs that, in turn, actively issue certificates to Web servers that are openly accessible from the Internet, such certificates being treated as valid when using a browser created by a Certificate Consumer Member. Applicants that are not actively issuing certificates but otherwise meet membership criteria may be granted Associate Member status under Bylaw Sec. 3.1 for a period of time to be designated by the Forum.

(3) A Certificate Consumer can participate in this Working Group if it produces a software product intended for use by the general public for browsing the Web securely.

The Working Group shall include Interested Parties and Associate Members as defined in the Bylaws.

Voting structure: In order for a ballot to be adopted by the Working Group, two-thirds or more of the votes cast by the Certificate Issuers must be in favor of the ballot and more than 50% of the votes cast by the Certificate Consumers must be in favor of the ballot. At least one member of each class must vote in favor of a ballot for it to be adopted. Quorum is the average number of Member organizations (cumulative, regardless of Class) that have participated in the previous three Server Certificate Working Group Meetings or Teleconferences (not counting subcommittee meetings thereof). For transition purposes, if three meetings have not yet occurred, quorum is ten (10).

Summary of the work that the WG plans to accomplish: As specified in Scope section above.

Summary of major WG deliverables and guidelines: As specified in Scope section above.

Primary means of communication: listserv-based email, periodic calls, and face-to-face meetings.

IPR Policy: The CA/Browser Forum Intellectual Rights Policy, v. 1.3 or later, SHALL apply to all Working Group activity.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180709/69c948fc/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Draft SCWG Agenda - 12 July 2018.pdf
Type: application/pdf
Size: 363771 bytes
Desc: Draft SCWG Agenda - 12 July 2018.pdf
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180709/69c948fc/attachment-0002.pdf>