[Servercert-wg] Document Versioning

Wayne Thayer wthayer at mozilla.com
Fri Aug 30 17:18:09 MST 2019


I've just had a chance to catch up on this thread, and I think Dimitris has
raised valid concerns about this ballot. I agree that the ballot
technically complies with the Bylaws, and that of course is extremely
important. However, that position ignores the fact that the Bylaws are far
from perfect, and much of what we do is guided by established practices.
The Bylaws don't specify how document versioning should happen, and there
is established practice to guide us.

I see no good reason why this particular ballot must be the one that solves
this particular violation of the Bylaws, which has been going on for a very
long time. I also think it's reasonable for members to choose to vote
against this ballot because it changes an established norm without having
reached consensus for doing so.

We're spending incredible amounts of energy here arguing about the "how"
when I suspect we all agree on the "what" of improved versioning. In order
to move this forward, I'd suggest that the author change the version
numbers encoded in the ballot to match those that the chair would normally
assign so that the resulting ballot technically complies with the Bylaws,
and the resulting guidelines conform to past practice. On the other hand,
if the major/minor versioning is deemed to be critical to this ballot, I'd
suggest that the author withdraw it and propose formal rules about how
version numbers are assigned prior to reintroducing this ballot.

- Wayne

On Tue, Aug 27, 2019 at 5:58 AM Ryan Sleevi via Servercert-wg <
servercert-wg at cabforum.org> wrote:

>
>
> On Tue, Aug 27, 2019 at 3:42 AM Dimitris Zacharopoulos (HARICA) <
> dzacharo at harica.gr> wrote:
>
>> Dimitris: I'm wanting to make sure I understand your latest objection.
>> You believe it is important to object to an attempt which can help CA
>> understanding and compliance, because the numbers are not sequential, and
>> because sequential numbers - which have to date harmed CA understanding and
>> compliance - are how we've always done it, right?
>>
>>
>> Not at all. If we want to signal a "significant change" to CAs and the
>> ecosystem, all I'm saying is that we need to discuss what is the proper way
>> to do that. Is it a "bump" in the version number? Is it a blog on our
>> public web site? Is it both? Other ideas?
>>
>
> That is, in fact, an objection. You've just changed the objection from
> sequentiality to not having been consulted, except this is exactly what the
> Ballot process is intended for. If the suggestion now is earnest efforts to
> solve well-understood problems with Ballots are somehow problematic, not
> because the change itself is problematic, but because there wasn't some
> pre-Ballot discussion - and perhaps the formation of a Pre-Ballot
> Committee, and perhaps a subcommittee to explore the formation of a
> Pre-Ballot Committee, etc.
>
> Again, I know these are very direct statements, but I'm trying to cut to
> the core and highlight that the amount of discussion here is entirely
> disproportionate, and the reasons, while continually shifting, basically
> boil down to that.
>
>
>> My impression (and I don't know this for a fact) is that every change in
>> the Guidelines is "significant enough" for CAs to pay attention. Perhaps
>> this is why the numbers were sequential. Again, I would defer to the
>> previous Chairs to clarify.
>>
>
> This is hardly the case and hardly supported by any data. This was the
> exact motivation for skipping sequential numbers in the past.
>
>
>> I'm sorry for not phrasing it correctly. This is clearly not what I
>> wanted to convey so let me try again. When we have an existing unspecified
>> practice in place (like the fact that the Chair adds a version number,
>> updates the two tables and adds a table of contents), which has not been
>> objected to for years, this is not a reason to consider it wrong, malicious
>> or something that produces harm.
>>
>
> This is, unfortunately, again advocating that we should treat as canon
> everything the Chair does, despite any support.
>
> I'm fully supportive of following existing practices, and I'm fully
> supportive that changes in practices should be accompanied with a Ballot.
> Just as it would be unconscionable for the Chair to begin making up their
> own interpretations and imposing this on the Forum - something a previous
> Chair was in the habit of - it should be unconscionable to suggest we
> cannot or should not Ballot things which, while they may differ from
> existing practice, are attempts at doing the right thing.
>
> Like, we can't insist the status quo, or kick it off to endless
> discussions, when there are real problems we need to solve. If that's the
> approach the Forum wants to take to addressing the security issues, perhaps
> we should disband the Forum, because that's highly ineffective.
> _______________________________________________
> Servercert-wg mailing list
> Servercert-wg at cabforum.org
> http://cabforum.org/mailman/listinfo/servercert-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20190830/9d11941b/attachment-0001.html>


More information about the Servercert-wg mailing list