[Servercert-wg] [EXTERNAL]Re: Proposal to address ballot effective date problem
Ryan Sleevi
sleevi at google.com
Wed Oct 17 18:42:12 MST 2018
On Wed, Oct 17, 2018 at 9:26 PM Tim Hollebeek <tim.hollebeek at digicert.com>
wrote:
> You were dismissive of the observation that this year was an odd year for
> ballots. Despite the fact that the observation is correct.
>
>
>
> I would encourage using a larger, more significant dataset. Reasoning
> about what our procedures should be going forward based on two datapoints
> is not a good strategy.
>
I don't think it's fair to say it's 2 data points - as discussed, it's
actually multiple ballots. It's also been a year of activity where we have
been sensitive and attentive to the concerns. If the statement is that we
should look at how bad a problem it was five years ago, then I hope such
advocates will actually do the analysis and report back about which ballots
caused trouble. I think we should also be mindful of the fact that the
Forum has changed. Much in the same way I'm sure CAs would not want to be
dismissed as "actively misissuing" when they had an incident five years
ago, revised their CPS, and haven't demonstrated the problem since, I think
it's reasonable to examine the historic context, while also being mindful
that members have been more actively sensitive to these issues in the years
since CAs remarked.
So I suppose concretely: Can you provide data that you believe demonstrates
the concern? We can then look at both how the Forum practices have changed,
as well as better understand why the concern. Given the flexibility
afforded by the current process, and the clear demonstration that in the
past year, it hasn't been significantly painful when browsers have been
proposing changes.
I would have thought CAs would be more actively concerned with such
proposals as batching. As the data for the past year shows, the majority of
the ballots have been offering CAs more flexibility, not less. Having to
wait 3 or more months to take advantage of that flexibility - or risking a
qualified audit - doesn't seem in CAs interests either.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20181017/43d6b425/attachment.html>
More information about the Servercert-wg
mailing list