[cabfpub] Final Minutes for CA/Browser Forum Teleconference - March 7, 2019
Dimitris Zacharopoulos (HARICA)
dzacharo at harica.gr
Sun Mar 17 15:37:24 UTC 2019
These are the Final Minutes of the Teleconference described in the
subject of this message
Attendees (in alphabetical order)
Anna Weinberg (Apple), Ben Wilson (Digicert), Bruce Morton (Entrust
Datacard), Chris Kemmerer (SSL.com), Daymion Reynolds (GoDaddy), Dean
Coclin (Digicert), Dimitris Zacharopoulos (HARICA), Doug Beattie
(GlobalSign), Dustin Hollenback (Microsoft), Frank Corday (SecureTrust),
Geoff Keating (Apple), Inaba Atsushi (GlobalSign), Iñigo Barreira (360
Browser), Joanna Fox (GoDaddy), Kirk Hall (Entrust Datacard), Li-Chun
Chen (Chunghwa Telecom), Mads Henriksveen (Buypass AS), Mahmud Khair
(SecureTrust), Marcelo Silva (Visa), Michelle Coon (OATI), Mike Reilly
(Microsoft), Neil Dunbar (TrustCor Systems), Niko Carpenter
(SecureTrust), Rich Smith (Sectigo), Robin Alden (Sectigo), Ryan Sleevi
(Google), Shelley Brewer (Digicert), Tim Shirley (SecureTrust), Trevoli
Ponds-White (Amazon), Wayne Thayer (Mozilla).
1. Roll Call
The Chair took attendance
2. Read Antitrust Statement
The Antitrust Statement was read
3. Review Agenda
Today's Agenda was approved.
4. Approval of Minutes of previous teleconference
The minutes of February 21, 2019 teleconference were approved and will
be posted to the Public list and the Public web site.
5. Forum Infrastructure Working Group update
Wayne reported that the Infrastructure WG discussed two major topics.
The first topic was around using Github as the canonical version of
cabforum documents. We currently have the ability to create a PDF
document from a GitHub "file" (currently in Markdown format) and the
question is whether this PDF document is acceptable, as in "does it have
all the features that we need" to make it usable as THE canonical document.
The solution might come from a specific session at the F2F meeting to
discuss the differences between the existing PDF documents and the
automatically produced PDF documents from GitHub. We will need to
compare that with the current practice where a word document is
maintained on the wiki and is manually updated. That's why there is now
a specific slot at the F2F to discuss this topic.
Dimitris added that this is one step towards using GitHub as the
maintainer engine for canonical versions of Guidelines and documents. We
have also scheduled a second slot with a short demo on how to create
red-line documents using GitHub, something useful for people that want
to create ballots and need to produce a red-lined document.
The second topic discussed was about the current ballot rules that
require both a "Ballot Version" (statements like "in section X, replace
the language with the following text") and a "red-line" which is just
for assistance and is not normative for the ballot. These
inconsistencies that have been spotted from time-to-time may create
confusion to Members that review the ballots.
Wayne also mentioned that most members prefer to read "red-lined"
versions because it makes the review easier. The question is whether
there is a need to create the "Ballot Version" when there is a clear
proposed red-line Maintenance Guideline version.
We would like to propose an option that a ballot only has to document
the red-line and that red-line version should be enforced. In order for
this to be permitted, a small change in the Bylaws is required. Since we
are already in the middle of changing the Bylaws, this additional change
may be added in the proposed Bylaws changes.
Kirk mentioned that was a time where only red-lines were required and
the "Ballot Version" was not required. Wayne responded that the current
Bylaws include language that strongly implies that the more descriptive
language ("Ballot Version") is required for every ballot. The plan is to
update the language to clearly state that a "Ballot Version" is optional.
Ryan commented that the language around the "Ballot Version" was
discussed during Governance reform and the main reason was that it would
cover for cases where the red-lined version was against an older version
of the Guidelines.
Kirk said that the same problem would probably exist in a red-line and
in a "Ballot Version" against an "incorrect" (or obsolete) text but is
happy with anything that makes things clearer.
Dimitris summarized that the goal is to "drive" things on maintaining
the "canonical" versions of documents on GitHub and in order to get
there, we need to get members acquainted with GitHub and more familiar
with it. Then, we would be in a position to introduce more specific
procedures on how to perform ballot updates. We can then add specific
steps utilizing GitHub and make these normative procedures in the future.
Of course, there will be specific instructions and demos to support that.
Ryan mentioned that he would circulate the minutes of the latest
Infrastructure Working Group soon.
6. Follow-up on new S/MIME WG Charter and formation of Code
Ballot Forum-8 for the creation of the Code Signing Working Group is
currently in the voting period and will likely pass. Dimitris asked
about provisions of the CSCWG at the upcoming F2F and if Dean would need
a slot for a kick-off meeting of the new WG, but also time during the
first day (Tuesday).
There was agreement to use the currently empty slot at the end of the
meeting on Thursday and 30 minutes closer to the end of Tuesday.
The S/MIME WG charter will be based on the Code Signing WG Charter but
there is no progress in that area yet.
7. Upcoming F2F 46 meeting March 12-14, 2019 (hosted by Apple)
All basic information related to the F2F meeting venue is published on
the wiki. Remote audio/video participation information will also be
posted on the wiki. Apple will prepare an Apple WebEx session. Geoff
also mentioned that there will be some breakfast available at the venue,
and this is stated in the F2F Agenda.
8. Finalize CA/B Forum Agenda for F2F 46
Dimitris read the topics of the current draft agenda and received no
objections about the topics or time allocations. The final agenda will
be posted on the public list.
9. Any Other Business
Dimitris mentioned that all F2F slots have been filled until October
2021. After Greece, the next F2F meeting will take place Oct 28-31 in
Guangzhou, hosted by GDCA. Feb-March 2020 the meeting is scheduled for
Bratislava, hosted by Disig and Feb-March 2021 the meeting is scheduled
for Dubai, hosted by DarkMatter.
10. Bylaws and existing Charters update
Wayne summarized the current state of updating the Bylaws, reminding
everyone that the last changes were sent already to the public list.
Members should use this period of time to discuss these changes with
their legal teams and attend the F2F with specific questions or concerns
that will have to be addressed. If we receive no objections, then there
will be a ballot prepared soon after the F2F to update the Bylaws
according to the proposed changes.
One change is proposed to be added in section 2.4, clarifying that a
single red-line should be sufficient for a draft guideline ballot.
Kirk mentioned that the group should put some thought about past cases
where some mail clients could not properly display the red-line
attachments and recommended that PDF is used for that. Wayne responded
that the proposal doesn't actually get into this area and leaves the
existing bylaws as-is and just clarifies that a red-line alone is
sufficient to submit a ballot.
11. Next call
March 21, 2019 at 11:00 am Eastern Time.
*F2F Meeting Schedule: *
* 2019: March 12-14, 2019 – Cupertino, CA (Apple), June 11-13, 2019 –
Greece (HARICA), October 28-31– Guangzhou (GDCA)
* 2020: Feb-MarchBratislava (Disig), June – Minneapolis (OATI),
October – Tokyo (GlobalSign)
* 2021: Feb-March Dubai (DarkMatter), June – Poland (Asseco-Certum),
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public