[cabfpub] Ballot Forum-11: Creation of S/MIME Certificates Working Group

Wayne Thayer wthayer at gmail.com
Wed Feb 5 22:45:20 UTC 2020


Based on my recollection of the Guangzhou discussion, and supported by the
minutes, the "path forward agreed to in Guangzhou" was that we would take
this charter to a ballot without further attempts to resolve the issue of
including identity in the charter's scope. There does not appear to be a
path to consensus on this issue, despite the considerable amount of time
spent discussing it. I'm unhappy with this approach, but as one of the
endorsers, I don't see an alternative other than "take it to a vote" that
gets this much-needed WG formed any time soon.

- Wayne

On Wed, Feb 5, 2020 at 3:22 PM Ryan Sleevi via Public <public at cabforum.org>
wrote:

> Hi Tim,
>
> Could you point to where that's reflected in the minutes? Our
> understanding here at Google is that Apple's proposed changes, which we
> support and would be unable to participate without incorporating, is that
> it accurately and correctly reflects the discussions in London [1],
> reiterated in Cupertino [2], and agreed upon in Thessaloniki [3]. It
> appears that, following that, the proposers of that ballot ignored that
> consensus and conclusion, and yet the discussion of Guangzhou [4] does not
> indicate there was consensus to do so.
>
> I'm hoping we've just overlooked something in the minutes, but Apple's
> proposed changes seem imminently reasonable, and a worthwhile path to
> drafting requirements that consuming software, such as mail clients (both
> native and Web), can use and consume as part of their root programs, as an
> alternative to their root-program-specific requirements.
>
> [1]
> https://cabforum.org/2018/06/06/minutes-for-ca-browser-forum-f2f-meeting-44-london-6-7-june-2018/#New-SMIME-Working-Group-Charter
> [2]
> https://cabforum.org/2019/05/03/minutes-for-ca-browser-forum-f2f-meeting-46-cupertino-12-14-march-2019/#Creation-of-additional-Working-Groups---Secure-Mail
> "Dean – We have a blank slate here and it seems the reluctance was to
> make it a narrow scope and then focus on either one aspect of SMIME. First
> task might be how to validate an email, and then focus on identity
> validation. Some comments were to make the chart narrow to focus on one
> task while others say to include all proposed tasks to not have to
> recharter which has caused issues in the past."
> [3]
> https://cabforum.org/2019/08/16/minutes-for-ca-browser-forum-f2f-meeting-47-thessaloniki-12-13-june-2019/#Creation-of-Additional-Groups---Secure-Mail
> "Eventually, all parties in the conversation came to the conclusion that
> it would behoove the Forum to scope the working group charter to domain
> validation, first, before adding other functionality once that portion was
> locked-down."
> [4]
> https://cabforum.org/2019/12/12/minutes-for-ca-browser-forum-f2f-meeting-48-guangzhou-5-7-november-2019/#Creation-of-Additional-Groups---Secure-Mail
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20200205/f6476dec/attachment-0003.html>


More information about the Public mailing list