[cabfpub] Final Minutes for CA/Browser Forum Teleconference - March 7, 2019

Dimitris Zacharopoulos (HARICA) dzacharo at harica.gr
Sun Mar 17 15:37:24 UTC 2019

These are the Final Minutes of the Teleconference described in the 
subject of this message

    Attendees (in alphabetical order)

Anna Weinberg (Apple), Ben Wilson (Digicert), Bruce Morton (Entrust 
Datacard), Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean 
Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie 
(GlobalSign), Dustin Hollenback (Microsoft), Frank Corday (SecureTrust), 
Geoff Keating (Apple), Inaba Atsushi (GlobalSign), Iñigo Barreira (360 
Browser), Joanna Fox (GoDaddy), Kirk Hall (Entrust Datacard), Li-Chun 
Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), Mahmud Khair 
(SecureTrust), Marcelo Silva (Visa), Michelle Coon (OATI), Mike Reilly 
(Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter 
(SecureTrust), Rich Smith (Sectigo), Robin Alden (Sectigo), Ryan Sleevi 
(Google), Shelley Brewer (Digicert), Tim Shirley (SecureTrust), Trevoli 
Ponds-White (Amazon), Wayne Thayer (Mozilla).


      1. Roll Call

The Chair took attendance

      2. Read Antitrust Statement

The Antitrust Statement was read

      3. Review Agenda

Today's Agenda was approved.

      4. Approval of Minutes of previous teleconference

The minutes of February 21, 2019 teleconference were approved and will 
be posted to the Public list and the Public web site.

      5. Forum Infrastructure Working Group update

Wayne reported that the Infrastructure WG discussed two major topics. 
The first topic was around using Github as the canonical version of 
cabforum documents. We currently have the ability to create a PDF 
document from a GitHub "file" (currently in Markdown format) and the 
question is whether this PDF document is acceptable, as in "does it have 
all the features that we need" to make it usable as THE canonical document.

The solution might come from a specific session at the F2F meeting to 
discuss the differences between the existing PDF documents and the 
automatically produced PDF documents from GitHub. We will need to 
compare that with the current practice where a word document is 
maintained on the wiki and is manually updated. That's why there is now 
a specific slot at the F2F to discuss this topic.

Dimitris added that this is one step towards using GitHub as the 
maintainer engine for canonical versions of Guidelines and documents. We 
have also scheduled a second slot with a short demo on how to create 
red-line documents using GitHub, something useful for people that want 
to create ballots and need to produce a red-lined document.

The second topic discussed was about the current ballot rules that 
require both a "Ballot Version" (statements like "in section X, replace 
the language with the following text") and a "red-line" which is just 
for assistance and is not normative for the ballot. These 
inconsistencies that have been spotted from time-to-time may create 
confusion to Members that review the ballots.

Wayne also mentioned that most members prefer to read "red-lined" 
versions because it makes the review easier. The question is whether 
there is a need to create the "Ballot Version" when there is a clear 
proposed red-line Maintenance Guideline version.

We would like to propose an option that a ballot only has to document 
the red-line and that red-line version should be enforced. In order for 
this to be permitted, a small change in the Bylaws is required. Since we 
are already in the middle of changing the Bylaws, this additional change 
may be added in the proposed Bylaws changes.

Kirk mentioned that was a time where only red-lines were required and 
the "Ballot Version" was not required. Wayne responded that the current 
Bylaws include language that strongly implies that the more descriptive 
language ("Ballot Version") is required for every ballot. The plan is to 
update the language to clearly state that a "Ballot Version" is optional.

Ryan commented that the language around the "Ballot Version" was 
discussed during Governance reform and the main reason was that it would 
cover for cases where the red-lined version was against an older version 
of the Guidelines.

Kirk said that the same problem would probably exist in a red-line and 
in a "Ballot Version" against an "incorrect" (or obsolete) text but is 
happy with anything that makes things clearer.

Dimitris summarized that the goal is to "drive" things on maintaining 
the "canonical" versions of documents on GitHub and in order to get 
there, we need to get members acquainted with GitHub and more familiar 
with it. Then, we would be in a position to introduce more specific 
procedures on how to perform ballot updates. We can then add specific 
steps utilizing GitHub and make these normative procedures in the future.

Of course, there will be specific instructions and demos to support that.

Ryan mentioned that he would circulate the minutes of the latest 
Infrastructure Working Group soon.

      6. Follow-up on new S/MIME WG Charter and formation of Code
      Signing WG

Ballot Forum-8 for the creation of the Code Signing Working Group is 
currently in the voting period and will likely pass. Dimitris asked 
about provisions of the CSCWG at the upcoming F2F and if Dean would need 
a slot for a kick-off meeting of the new WG, but also time during the 
first day (Tuesday).

There was agreement to use the currently empty slot at the end of the 
meeting on Thursday and 30 minutes closer to the end of Tuesday.

The S/MIME WG charter will be based on the Code Signing WG Charter but 
there is no progress in that area yet.

      7. Upcoming F2F 46 meeting March 12-14, 2019 (hosted by Apple)

All basic information related to the F2F meeting venue is published on 
the wiki. Remote audio/video participation information will also be 
posted on the wiki. Apple will prepare an Apple WebEx session. Geoff 
also mentioned that there will be some breakfast available at the venue, 
and this is stated in the F2F Agenda.

      8. Finalize CA/B Forum Agenda for F2F 46

Dimitris read the topics of the current draft agenda and received no 
objections about the topics or time allocations. The final agenda will 
be posted on the public list.

      9. Any Other Business

Dimitris mentioned that all F2F slots have been filled until October 
2021. After Greece, the next F2F meeting will take place Oct 28-31 in 
Guangzhou, hosted by GDCA. Feb-March 2020 the meeting is scheduled for 
Bratislava, hosted by Disig and Feb-March 2021 the meeting is scheduled 
for Dubai, hosted by DarkMatter.

      10. Bylaws and existing Charters update

Wayne summarized the current state of updating the Bylaws, reminding 
everyone that the last changes were sent already to the public list. 
Members should use this period of time to discuss these changes with 
their legal teams and attend the F2F with specific questions or concerns 
that will have to be addressed. If we receive no objections, then there 
will be a ballot prepared soon after the F2F to update the Bylaws 
according to the proposed changes.

One change is proposed to be added in section 2.4, clarifying that a 
single red-line should be sufficient for a draft guideline ballot.

Kirk mentioned that the group should put some thought about past cases 
where some mail clients could not properly display the red-line 
attachments and recommended that PDF is used for that. Wayne responded 
that the proposal doesn't actually get into this area and leaves the 
existing bylaws as-is and just clarifies that a red-line alone is 
sufficient to submit a ballot.

      11. Next call

March 21, 2019 at 11:00 am Eastern Time.


      *F2F Meeting Schedule: *

  * 2019: March 12-14, 2019 – Cupertino, CA (Apple), June 11-13, 2019 –
    Greece (HARICA), October 28-31– Guangzhou (GDCA)
  * 2020: Feb-MarchBratislava (Disig), June – Minneapolis (OATI),
    October – Tokyo (GlobalSign)
  * 2021: Feb-March Dubai (DarkMatter), June – Poland (Asseco-Certum),
    October [Open]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20190317/6b7f3a63/attachment-0002.html>

More information about the Public mailing list