[Servercert-wg] Identity in browser UIs

Kirk Hall Kirk.Hall at entrustdatacard.com
Thu Nov 7 00:15:07 MST 2019 

Two quick responses – it’s not true that Bylaws represent what an organization did in the past – Bylaws are a living document specifying what the purposes of the organization are today.  A Bylaw doesn’t become inactive unless and until it is deleted.  This language was on the Forum’s website for years until 2012, when it was added to version 1 of the Forum’s current Bylaws..

Bylaw 1.1 Purpose of the Forum:



The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of leading Certificate Issuers (as defined in Section 2.1(a)(1) and (2) below) and vendors of Internet browser software and other applications that use certificates (Certificate Consumers, as defined in Section 2.1(a)(3) below).



Members of the CA/Browser Forum have worked closely together in defining the guidelines and means of implementation for best practices as a way of providing a heightened security for Internet transactions and creating a more intuitive method of displaying secure sites to Internet users.

Also, Ryan suggested that the Forum should not discuss “creating a more intuitive method of displaying secure sites to Internet users” but instead should move the discussion to the W3C.  Here are the membership fees for W3C.  Why should Forum members have to pay $25,000-$77,000 to talk about the browser UI in W3C when we can talk about it for free under Bylaw 1.1 in the Forum???

https://www.w3.org/Consortium/fees?countryCode=US&quarter=10-01&year=2019#results

Fee Table For United States
Organization Type in United States (HIC category<http://data.worldbank.org/country>)

Annual Fee for Memberships Starting 2019-10-01

For-profit organization that has annual gross revenue, as measured by the most recent audited statement, of greater than or equal to 1,000,000,000 USD.

77,000 USD

For-profit organization that has annual gross revenue, as measured by the most recent audited statement, of greater than or equal to 500,000,000 USD and less than 1,000,000,000 USD.

68,500 USD

Introductory Industry Membership<https://www.w3.org/2014/08/intromem>, available for two years to a for-profit organization that has annual gross revenue, as measured by the most recent audited statement, of greater than or equal to 50,000,000 USD. Participation limited to one Interest Group

34,250 USD

For-profit organization that has annual gross revenue, as measured by the most recent audited statement, of greater than or equal to 50,000,000 USD and less than 500,000,000 USD.

25,000 USD

All other organizations, including non-profit organizations and government agencies.

7,900 USD

Enterprises and non-profits with 10 or fewer employees, with revenues below 3,000,000 USD, who have not been W3C Members in the previous two years. This fee is not applicable to membership organizations<https://www.w3.org/Consortium/Process/#MemberConsortia> generally, but is available to non-profit organizations of individual members. This fee applies for the first two years of W3C Membership.

2,250 USD



From: Servercert-wg <servercert-wg-bounces at cabforum.org> On Behalf Of Scott Rea via Servercert-wg
Sent: Thursday, November 7, 2019 2:36 PM
To: CA/B Forum Server Certificate WG Public Discussion List <servercert-wg at cabforum.org>
Subject: [EXTERNAL][Servercert-wg] Identity in browser UIs

WARNING: This email originated outside of Entrust Datacard.
DO NOT CLICK links or attachments unless you trust the sender and know the content is safe.
________________________________
G’day Folks,

I listened to Chris’ presentation today at the CABF F2F 48. There are a couple of things I am not clear on…


  1.  What are the list of WG’s that Browsers are already participating in where Identity UI is being discussed? Can the participating Browsers please post a list of WG’s or forums they are participating in where this is discussed?
  2.  Secondary to the above, which of these are potentially open to CAs participating in them?
  3.  If CABF previously voted to stop work on coordinating Identity UIs, it would be good to understand the context for that decision – and I understand that potentially Ryan may be able to provide the documentation for this.
  4.  In respect to the alleged decision from #3 above, or any decision the CABF has made in the past, is there some prohibition in our by-laws that stops us from ever discussing it in future?? If the membership wants to take a fresh look at this particular issue/opportunity, aren’t we free to do so?
  5.  If there are forums where this is being discussed today, wouldn’t it be more efficient to coalesce an Industry perspective in CABF and then send a representative to those forums to convey that perspective rather than waiting for individual players to show up piecemeal to provide their perspectives.

I don’t have the historical context of the decision to work on this issue or not work on it, but it certainly seems to be a hot topic of interest today, and I am wondering if there is support for this in the CABF, why we can’t proceed to seek to address this like any other issue we identify?

Regards,
-Scott


Scott Rea

Senior Vice President - Trust Services


[cid:image001.png at 01D5957D.491E49B0]<http://www.darkmatter.ae>

Level 15, Aldar HQ
Abu Dhabi, United Arab Emirates
T  +971 2 417 1417<tel:+971%202%20417%201417>
M +971 52 847 5093<tel:+971%2052%20847%205093>
E  Scott.Rea at darkmatter.ae<mailto:Scott.Rea at darkmatter.ae>

darkmatter.ae<http://darkmatter.ae>

[Linkedin]<https://www.linkedin.com/company/dark-matter-llc> [Twitter] <https://twitter.com/GuardedbyGenius>
 [Year of Tolerance] <http://>  [expo]



The information in this email is intended only for the person(s) or entity to whom it is addressed and may contain confidential or privileged information. If you receive this email by error, please notify us immediately, delete the original message and do not disclose the contents to any other person, use or store or copy the information in any medium and for whatever purpose. Any unauthorized use is strictly prohibited.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20191107/0650251b/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 5249 bytes
Desc: image001.png
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20191107/0650251b/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 663 bytes
Desc: image002.png
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20191107/0650251b/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 803 bytes
Desc: image003.png
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20191107/0650251b/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.jpg
Type: image/jpeg
Size: 8060 bytes
Desc: image005.jpg
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20191107/0650251b/attachment-0002.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.jpg
Type: image/jpeg
Size: 22669 bytes
Desc: image006.jpg
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20191107/0650251b/attachment-0003.jpg>

More information about the Servercert-wg mailing list