[cabfpub] Membership Application of Sony
Ryan Sleevi
sleevi at google.com
Wed Jun 27 17:35:36 UTC 2018
So, to make sure we have a clearly defined question and goal, which ensures
a productive use of our time (rather than ad-hoc discussions), is this a
correct summary of the exact topic to discuss:
"Does Sony, which distributes Android TV with additional Sony software
installed, produce a software product, such as a browser, intended for use
by the general public for relying upon certificates, based on the
information currently provided"
With possible outcomes being:
"Yes"
"No"
"Here are additional questions that may need to be answered before-hand"?
Similarly, one presumably repeats that process for all further definitions
- such as CWG membership groups.
I can see there are a number of questions that would need to be answered:
- What CWGs would Sony be interested in applying for
- Where are details about the Software Product (since updates to those
products are part of our Bylaws)
- Is the Software Product itself intended for use by the general public for
relying upon certificates?
- An example of how it could not be intended for use by the general
public is a system that is intended to only connect to a single host or a
limited set of hosts
If the discussion is focused on gathering further questions or additional
information to gather, that can be a productive conversation to have.
On Wed, Jun 27, 2018 at 1:21 PM Kirk Hall via Public <public at cabforum.org>
wrote:
> Summary based on quotes from my original email to the list:
>
>
>
> *Original Sony question*: “Can you please describe the bylaw requirement
> of “produces a software product, such as a browser, intended for use by the
> general public for relying upon certificates and is a member of a CWG”? If
> we produce a hardware product which includes software which relies upon
> (public root) certificates, does that meet the definition of “produces a
> software product”?”
>
>
>
> *Dean Coclin response*: “Perhaps you can help clarify by stating whether
> or not Sony makes the underlying software that runs in the hardware device
> made by Sony?”
>
>
>
> *Sony response*: “Limiting the discussion to televisions (the question
> at-hand), they’re based on Android TV then with Sony software on top. So,
> “does Sony make the software” is yes and no. But we **do** write the
> software that does the cryptographic signature validation.”
>
>
>
>
>
> Bylaws provide as follows:
>
>
>
> (a) All Forum members must *** meet at least one of the following
> criteria: ***
>
>
>
> (*3) Certificate Consumer: The member organization produces a software
> product, such as a browser, intended for use by the general public for
> relying upon certificates* and is a member of a CWG [Chartered Working
> Group, such as the new Server Certificate Working Group]*.*
>
>
>
> *From:* Ryan Sleevi [mailto:sleevi at google.com]
> *Sent:* Wednesday, June 27, 2018 10:13 AM
> *To:* Kirk Hall <Kirk.Hall at entrustdatacard.com>; CABFPub <
> public at cabforum.org>
> *Subject:* Re: [cabfpub] [EXTERNAL]Re: Membership Application of Sony
>
>
>
> I'm having trouble finding a clear summary of the question from the
> message forwarded.
>
>
>
> Could you helpfully re-state it?
>
>
>
> It sounds like the question is "Can we join the Forum without joining a
> CWG" - but that may not be a correct understanding.
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180627/8755738d/attachment-0003.html>
More information about the Public
mailing list