[cabfpub] Creation of S/MIME Certificates Working Group

Wayne Thayer wthayer at gmail.com
Fri Mar 13 02:43:45 UTC 2020

Thank you Clint! I have reviewed this draft and I'm happy with it. Assuming
that Tim and Ryan feel their concerns have been addressed, I am willing to
endorse a new ballot on behalf of Mozilla.

- Wayne

On Thu, Mar 12, 2020 at 8:07 AM Clint Wilson via Public <public at cabforum.org>

> Sure thing, here’s a Word formatted version :)
> On Mar 12, 2020, at 8:05 AM, Ryan Sleevi <sleevi at google.com> wrote:
> Hey Clint,
> Is it possible to convert that file to a standard format? I'm having
> trouble opening it
> On Wed, Mar 11, 2020 at 10:30 PM Clint Wilson <clintw at apple.com> wrote:
>> Hello all,
>> I’ve attached below an updated draft charter which addresses the concerns
>> I raised previously, especially with regards to section 4.2.3. There are
>> additionally changes seeking to address Tim and Ryan’s comments/responses
>> below and a few minor updates that seemed warranted as I went through
>> another comprehensive review of the document. For each area changed, there
>> is a corresponding comment; if anything is unclear, please let me know and
>> I’d be happy to address.
>> Thank you for your patience and understanding in getting this back to the
>> group. Have a great evening!
>> -Clint
>> On Feb 18, 2020, at 1:57 PM, Ryan Sleevi via Public <public at cabforum.org>
>> wrote:
>> On Tue, Feb 18, 2020 at 1:57 PM Tim Hollebeek via Public <
>> public at cabforum.org> wrote:
>>>    - Automatic cessation of membership
>>>    - The balloted wording around software update cadences introduces
>>>       some precision/definition issues that would likely prove troublesome in and
>>>       of themselves.
>>>       - While some of those issues could be addressed through
>>>       wordsmithing, the entire precept that membership may be automatically
>>>       removed based on various conditions (both for Certificate Consumers
>>>       *and* Issuers) is itself problematic and I think an area rife for
>>>       improvement (both here and in other charters).
>>> REJECT: The language is consistent with the language in the other
>>> working group charters.  Introducing new inconsistencies in this charter
>>> would be confusing for all involved.  If Apple believes these provisions
>>> are problematic, potential improvements should be discussed an applied
>>> across all chartered working groups.
>> I'm not quite sure I understand this rationale, could you explain more.
>> Why does this charter need to follow the SCWG/CSWG charter? Who is "all
>> involved" that would be confused?
>> It seems very valuable to learn from mistakes and concerns and address
>> them, but perhaps I'm overlooking something?
>>>    - Invalid membership requirements/processes
>>>    - I think Ryan Sleevi has explained most of this better than I
>>>       could, so I’ll refer to his message instead:
>>>       https://cabforum.org/pipermail/public/2020-February/014874.html.
>>>       - I looked, but failed to find information as to how mail
>>>       transfer agents consume S/MIME certificates. However, since it’s included
>>>       in the ballot I can only conclude that the proposer has relevant and
>>>       detailed insight into how and why this is a valid categorization for
>>>       Certificate Consumers and had hoped to be pointed to that information so as
>>>       to better understand the scope of this proposed CWG.
>>> REJECT: This was discussed extensively during the governance reform
>>> process, and the current procedures were deemed to be sufficient.  This
>>> charter simply follows those precedents.  Indeed, two other chartered
>>> working groups were successfully bootstrapped already.
>> I understand one group was the Code Signing Working Group, which perhaps
>> did not have careful or close review from all Forum members due to the
>> explicit lack of intent to participate in the venue or fundamental
>> disagreements about the working group objectives.
>> However, I'm not sure, what's the other Chartered Working Group you're
>> thinking of? The SCWG explicitly did not follow this process, as part of
>> the Legacy Working Group transition, and so I'm not sure what the other CWG
>> is that avoided this?
>> Also, while I agree that this was discussed extensively, I must
>> respectfully disagree that the "current procedures were deemed to be
>> sufficient". The current (proposed) procedures were known to be problematic
>> in bootstrapping, something we discussed, and something we knew we could
>> avoid by defining an open and welcoming charter. This WG does not seem to
>> set out to do this.
>> In all fairness, this seems a repeat of the same issues the bedeviled,
>> and nearly derailed, the Forum in it's first start. The attempt to exclude
>> some CAs, via narrowly and restrictively scoped membership, nearly resulted
>> in the implosion of the Forum, as the management@ archives from 2009
>> show. Ultimately, it was the Forum's rejection of such exclusionary
>> attempts that helped grow the membership. In particular, it was DigiCert
>> who some were trying to prevent from joining the Forum, so it would be
>> unfortunate to have DigiCert repeat that same process.
>> I'm hoping you're open to addressing these issues, but I don't think we
>> can support the charter without this issue being addressed.
>> _______________________________________________
>> Public mailing list
>> Public at cabforum.org
>> https://cabforum.org/mailman/listinfo/public
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20200312/4d8d79d5/attachment-0003.html>

More information about the Public mailing list