[Servercert-wg] Participation Proposal for Revised SCWG Charter
Ben Wilson
bwilson at mozilla.com
Mon Jul 24 19:39:05 UTC 2023
Tim,
One problem we're trying to address is the potential for a great number of
“submarine voters”. Such members may remain inactive for extended periods
of time and then surface only to vote for or against something they
suddenly are urged to support or oppose, without being aware of the issues.
This will skew and damage the decision-making process.
Another problem, that I don't think has been mentioned before, is the
reliability of the CA/Browser Forum to adopt well-informed standards going
forward. In other words, if something like I suggest happens, then I can
see Certificate Consumers leaving the Forum and unilaterally setting very
separate and distinct rules. This will result in fragmentation,
inconsistency, and much more management overhead for CAs than the effort
needed to keep track of attendance, which is already being done by the
Forum. (If you'd like, I can share with everyone the list of members who
have not voted or attended meetings in over two years.)
Ben
On Mon, Jul 24, 2023 at 11:41 AM Tim Hollebeek <tim.hollebeek at digicert.com>
wrote:
> What is your argument in response to the point that any potential bad
> actors will be trivially able to satisfy the participation metrics?
>
>
>
> I’m very worried we’ll end up doing a lot of management and tracking work,
> without actually solving the problem.
>
>
>
> -Tim
>
>
>
> *From:* Ben Wilson <bwilson at mozilla.com>
> *Sent:* Monday, July 24, 2023 10:21 AM
> *To:* Ben Wilson <bwilson at mozilla.com>; CA/B Forum Server Certificate WG
> Public Discussion List <servercert-wg at cabforum.org>
> *Cc:* Tim Hollebeek <tim.hollebeek at digicert.com>
> *Subject:* Re: [Servercert-wg] Participation Proposal for Revised SCWG
> Charter
>
>
>
> All,
>
> I have thought a lot about this, including various other formulas (e.g.
> market share) to come up with something reasonable, but I've come back to
> attendance as the key metric that we need to focus on. I just think that an
> attendance metric provides the only workable, measurable, and sound
> solution for determining the right to vote as a Certificate Consumer
> because it offers the following three elements:
>
> - Informed Decision-Making: Voting requires a comprehensive
> understanding of ongoing discussions and developments. Regular attendance
> provides members with the necessary context and knowledge to make
> well-informed decisions.
> - Commitment: Attendance is a tangible and measurable representation
> of a member's commitment to the Server Certificate WG and its objectives.
> It demonstrates a genuine interest in contributing to the development and
> improvement of the requirements.
> - Active Involvement: By prioritizing attendance, we encourage active
> involvement and discourage passive membership. Voting rights should be
> earned through consistent engagement, as this ensures that decisions are
> made by those who are genuinely invested in the outcomes.
>
> At this point, I'm going to re-draft a proposal for a revision to the
> Server Certificate WG Charter and present it on the public list (because an
> eventual revision of the Charter will have to take place at the Forum
> level).
>
> Thanks,
>
> Ben
>
>
>
> On Thu, Jul 13, 2023 at 9:45 AM Ben Wilson via Servercert-wg <
> servercert-wg at cabforum.org> wrote:
>
> Thanks, Tim.
>
>
>
> All,
>
>
>
> I will look closer at the distribution and use of software for browsing
> the internet securely, instead of participation metrics. There is at least
> one source, StatCounter (https://gs.statcounter.com/browser-market-share),
> that purports to measure use of browsing software, both globally and
> regionally. Would it be worthwhile to explore distribution by region and
> come up with a reasonable threshold? Can we rely on StatCounter, or should
> we look elsewhere?
>
>
>
> Thanks,
>
>
>
> Ben
>
>
>
> On Wed, Jul 12, 2023 at 9:30 AM Tim Hollebeek via Servercert-wg <
> servercert-wg at cabforum.org> wrote:
>
> I have a meaningful comment.
>
>
>
> I don’t want to ever have to discuss or judge whether someone’s comment is
> “meaningful” or not, and I don’t think incentivizing people to post more
> comments than they otherwise would is helpful.
>
>
>
> I also think getting the chairs involved in any way in discussing whether
> a member representative did or did not have a medical condition during a
> particular time period is an extremely bad idea.
>
>
>
> Given that the original issue was trying to determine whether a
> certificate consumer is in fact a legitimate player in the ecosystem or
> not, I would suggest that exploring metrics like market share might be far
> more useful. Metrics like participation are rather intrusive and onerous,
> except to those who are trying to game them, and those trying to game such
> metrics will succeed with little or no effort.
>
>
>
> -Tim
>
>
>
> *From:* Servercert-wg <servercert-wg-bounces at cabforum.org> *On Behalf Of *Roman
> Fischer via Servercert-wg
> *Sent:* Wednesday, July 12, 2023 7:23 AM
> *To:* CA/B Forum Server Certificate WG Public Discussion List <
> servercert-wg at cabforum.org>
> *Subject:* Re: [Servercert-wg] Participation Proposal for Revised SCWG
> Charter
>
>
>
> Dear Ben,
>
>
>
> Mandatory participation has in my experience never resulted in more or
> better discussions. People will dial into the telco and let it run in the
> background to “earn the credits”.
>
>
>
> Also, what would happen after the 90 day suspension? Would the
> organization be removed as a CA/B member?
>
>
>
> Rgds
> Roman
>
>
>
> *From:* Servercert-wg <servercert-wg-bounces at cabforum.org> *On Behalf Of *Ben
> Wilson via Servercert-wg
> *Sent:* Freitag, 7. Juli 2023 21:59
> *To:* CA/B Forum Server Certificate WG Public Discussion List <
> servercert-wg at cabforum.org>
> *Subject:* [Servercert-wg] Participation Proposal for Revised SCWG Charter
>
>
>
> All,
>
>
>
> Here is a draft participation proposal for the SCWG to consider and
> discuss for inclusion in a revised SCWG Charter.
>
>
>
> #. Participation Requirements to Maintain Voting Privileges
>
>
>
> (a) Attendance. The privilege to vote “Yes” or “No” on ballots is
> suspended for 90 days if a Voting Member fails to meet the following
> attendance requirement over any 365-day period:
>
> - 10% of SCWG meetings for Voting Members located in time zones offset
> by UTC +5 through UTC +12
> - 30% of SCWG meetings for Voting Members located in all other time
> zones
>
> (b) Meaningful Comments. Posting a Meaningful Comment is an alternative
> means of meeting the attendance requirement in subsection (a). A Voting
> Member can earn an attendance credit to make up for each missed meeting by
> posting a Meaningful Comment to the SCWG Public Mail List. Each Meaningful
> Comment is equal to attending one (1) meeting.
>
>
>
> A Meaningful Comment is one that follows the Code of Conduct and provides
> relevant information to the SCWG, such as new information, an insight,
> suggestion, or perspective related to the Scope of the SCWG, or that
> proposes an improvement to the TLS Baseline Requirements or EV Guidelines.
> It can also be something that responds to or builds on the comments of
> others in a meaningful way, or that offers feedback, suggestions, or
> solutions to the issues or challenges raised by the topic of discussion.
>
>
>
> A Meaningful Comment should be both relevant (within the Scope of the
> SCWG or related to the discussion that is taking place on the mailing
> list) and well-supported (clear reasons why the Voting Representative
> believes what they believe and supported by facts, data, or other
> information.)
>
>
>
> (c) A Voting Member that has failed to meet the attendance requirement in
> subsection (a) above is considered an "Inactive Member". Any Member who
> believes that any other Member is an Inactive Member may report that Member
> on the Forum's Management List by providing specific information about that
> Member's non-participation, and the SCWG Chair shall send written notice
> to the Inactive Member by email within seven (7) calendar days. The notice
> will include a reminder of the requirement to participate and inform the
> Inactive Member of the consequences of not participating.
>
>
>
> (d) Suspension of Voting Privileges. The Inactive Member's privilege to
> vote “Yes” or “No” on any ballot shall be temporarily suspended for a
> period of 90 days from the date of the notice. During the suspension
> period, the Inactive Member may vote “Abstain” on ballots.
>
>
>
> (e) Restoration of Voting Privilege. Voting privileges will be
> automatically restored to the Inactive Member upon attending three
> consecutive meetings. The restoration of voting privileges will be
> effective on the next ballot that enters the voting period after the
> Inactive Member meets the reactivation criteria.
>
>
>
> (f) Exceptional Circumstances. In cases where an Inactive Member can
> demonstrate justifiable reasons for their inability to participate, such as
> medical conditions or other extenuating circumstances affecting their
> Voting Representative(s), the SCWG Chair may review and consider
> reinstating voting privileges on a case-by-case basis.
>
>
>
> Thanks,
>
>
>
> Ben
>
> _______________________________________________
> Servercert-wg mailing list
> Servercert-wg at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/servercert-wg
>
> _______________________________________________
> Servercert-wg mailing list
> Servercert-wg at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/servercert-wg
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20230724/6a302ea3/attachment-0001.html>
More information about the Servercert-wg
mailing list