[Servercert-wg] Proposed Revision of SCWG Charter

Ben Wilson bwilson at mozilla.com
Thu Sep 28 18:40:15 UTC 2023


Here is another revision based on comments received today -
https://github.com/cabforum/forum/blob/BenWilson-SCWG-charter-1.3/SCWG-charter.md,
which currently reads in relevant parts:

*3. (b) Certificate Consumer:* The Certificate Consumer voting class shall
consist of eligible organizations meeting the following criteria:

(1) it produces a software product intended for use by the general public
for browsing the Web securely;

(2) it provides updates for its membership-qualifying software product at
least every 6 months to ensure that customers of the Certificate Consumer
are getting regular security patches;

(3) it has public documentation stating that it requires Certificate
Issuers to comply with the TLS Baseline Requirements;

(4) its membership-qualifying software product uses a list of CA
certificates to validate the chain of trust from a TLS certificate to a CA
certificate in such list;

(5) it publishes the list of CA certificates used to validate the chain of
trust from a TLS certificate to a CA certificate in such list; *and*

(6) it publishes how it adds or removes a CA certificate from such list.

...

*4. (c)* Applicants that qualify as Certificate Consumers must supply the
following additional information:

   -

   URL from which to download its software product intended for use by the
   general public for browsing the Web securely;
   -

   URL or other evidence demonstrating that it provides updates for its
   membership-qualifying software product at least every 6 months;
   -

   URL to its statement requiring Certificate Issuer compliance with the
   TLS Baseline Requirements;
   -

   URL for its list of CA certificates that its membership-qualifying
   software product uses to validate the chain of trust from a TLS certificate
   to a CA certificate in such list; and
   -

   URL or other evidence explaining its process for adding or removing a CA
   certificate from such list.

...

*5. (a) Certificate Consumer:* A Certificate Consumer Member is suspended,
and its right to vote automatically ceases, if any of the following become
true:

   -

   six (6) months have elapsed since it last updated its
   membership-qualifying software product;
   -

   it ceases to require that Certificate Issuers comply with the TLS
   Baseline Requirements;
   -

   its membership-qualifying software product ceases to use a list of CA
   certificates to validate the chain of trust from a TLS certificate to a CA
   certificate in such list;
   -

   it ceases to publish such list of CA certificates used to validate the
   chain of trust; *or*
   -

   it ceases to publish how it adds or removes a CA certificate from such
   list.


I'm open to comments and suggestions.

Thanks,

Ben

On Tue, Sep 26, 2023 at 6:00 PM Aaron Gable <aaron at letsencrypt.org> wrote:

> Totally understood regarding CT Logs. It's something I think we should
> pursue, but perhaps not on this timeline.
>
> I would prefer that Certificate Consumers be required to "maintain" a list
> of CA certificates. This maintenance can be as simple as copying some other
> Root Program's list of trusted certificates. But I think it's helpful to
> have a requirement that Certificate Consumers actively decide whether to
> include individual certificates, or whether to take updates from their
> upstream trust store, on an ongoing basis.
>
> Aaron
>
> On Mon, Sep 25, 2023 at 4:35 PM Ben Wilson <bwilson at mozilla.com> wrote:
>
>> Thanks, Martijn and Aaron,
>>
>> Aaron, I don't think I can add a CT-support requirement for Certificate
>> Consumers at this time, although we can take the issue up for further
>> conversation.
>>
>> Martijn, So that the duration of the probationary period is kept to six
>> months, it might be better to eliminate the F2F attendance requirement. If
>> we keep it, then a probationary member might have to wait until the next
>> F2F (but certainly not a year).  How do people feel about this?
>>
>> Also, I have received feedback regarding whether a Certificate Consumer
>> should be required to "maintain" a full list of CAs. (I think I didn't have
>> the term "maintain" in the GitHub draft of the charter, so I'm thinking
>> that we might eliminate the term from the proposal.) Similarly, I'm
>> concerned that a requirement to publish "how a CA can apply for
>> inclusion in its root store" might make it less likely for a ballot to
>> pass. So, instead of "maintaining" a (full) list, what if we left it just,
>> "(4) its membership-qualifying software product uses a list of CA
>> certificates to validate the chain of trust from a TLS certificate to a CA
>> certificate in such list"?  What are everyone's thoughts on this?
>>
>> Thanks,
>>
>> Ben
>>
>> On Thu, Sep 14, 2023 at 9:23 AM Aaron Gable <aaron at letsencrypt.org>
>> wrote:
>>
>>> Hi all,
>>>
>>> I have a very different proposal for a Certificate Consumer membership
>>> criterion. I have no objection to any of the currently-proposed criteria;
>>> this could easily be in addition to them. What if we added:
>>>
>>> > (c) Applicants that qualify as Certificate Consumers must supply the
>>> following additional information:
>>> > - URL for its list of CA certificates that its membership-qualifying
>>> software product uses to validate the chain of trust from a TLS certificate
>>> to a CA certificate in such list; and
>>> > *- URL for the Certificate Transparency log which it operates within
>>> <uptime and latency constraints> and which accepts all submissions for TLS
>>> certificates which chain up to any CA certificate in the list above*;
>>> and
>>>
>>> Frankly, the Certificate Transparency ecosystem is in peril at the
>>> moment. With the recent shutdown of Sectigo's Mammoth
>>> <https://groups.google.com/a/chromium.org/g/ct-policy/c/Ebj2hhe5QYA/m/Cl7IW33UAgAJ>
>>> log and retirement of DigiCert's Yeti
>>> <https://groups.google.com/a/chromium.org/g/ct-policy/c/PVbs0ZMVeCI/m/Hf8kwuuAAQAJ>
>>> and Nessie
>>> <https://groups.google.com/a/chromium.org/g/ct-policy/c/MXLJFHdHdFo>
>>> logs, the already-tiny handful of organizations
>>> <https://googlechrome.github.io/CertificateTransparency/log_list.html> operating
>>> usable CT logs is feeling even smaller. So what if Certificate Consumers --
>>> the organizations which benefit most from a diverse and robust ecosystem of
>>> CT logs -- were required to bring their own to the table? Running a CT log
>>> is clearly non-trivial, so such a requirement would effectively demonstrate
>>> that potential Certificate Consumer members are serious about operating for
>>> the good of the ecosystem in the long term.
>>>
>>> Thanks,
>>> Aaron
>>>
>>> On Fri, Sep 1, 2023 at 1:42 AM Martijn Katerbarg via Servercert-wg <
>>> servercert-wg at cabforum.org> wrote:
>>>
>>>> Ben,
>>>>
>>>>
>>>>
>>>> This seems like a good option. I’d say maybe we need to increase the 6
>>>> months period to 12, otherwise within a 6 months period there may only be 1
>>>> F2F. Requiring attendance (remote or in-person) if there’s only 1 F2F in
>>>> the time-span, could be hard if there’s a case of bad timing.
>>>>
>>>>
>>>>
>>>> Additionally, I’d like to request the addition of an additional
>>>> criteria (although it’s related to the “publish how it decides to add or
>>>> remove a CA certificate from its list.” item. I’d like to request we add a
>>>> requirement to:
>>>>
>>>>
>>>>
>>>>    - Publish how a CA can apply for inclusion in its root store
>>>>
>>>>
>>>>
>>>> With this addition, I’d be happy to endorse
>>>>
>>>>
>>>>
>>>> Regards,
>>>>
>>>> Martijn
>>>>
>>>>
>>>>
>>>> *From:* Servercert-wg <servercert-wg-bounces at cabforum.org> *On Behalf
>>>> Of *Ben Wilson via Servercert-wg
>>>> *Sent:* Thursday, 31 August 2023 00:50
>>>> *To:* CA/B Forum Server Certificate WG Public Discussion List <
>>>> servercert-wg at cabforum.org>
>>>> *Subject:* [Servercert-wg] Proposed Revision of SCWG Charter
>>>>
>>>>
>>>>
>>>> CAUTION: This email originated from outside of the organization. Do not
>>>> click links or open attachments unless you recognize the sender and know
>>>> the content is safe.
>>>>
>>>>
>>>>
>>>> All,
>>>>
>>>>
>>>>
>>>> Thanks for your suggestions and recommendations. I think we are much
>>>> closer to an acceptable revision of the Server Certificate Working Group
>>>> Charter. Here is the current draft:
>>>> https://github.com/cabforum/forum/blob/BenWilson-SCWG-charter-1.3/SCWG-charter.md
>>>> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcabforum%2Fforum%2Fblob%2FBenWilson-SCWG-charter-1.3%2FSCWG-charter.md&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7C8b9a53bc77c6445114a808dba9ab7821%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638290326178847047%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=v5YGnqCdwBXA4fa4h%2FMaUTSLaGOOXxUdcP5mwUYbRRA%3D&reserved=0>
>>>>
>>>>
>>>>
>>>> We have decided that a participation/attendance requirement for ongoing
>>>> membership is currently too complicated to manage, but we believe it is
>>>> important that there be a probationary period of six months during which
>>>> all new CABF-voting applicants must attend at least 30% of the
>>>> teleconferences and at least the SCWG portion of one F2F (virtually or
>>>> in-person). See section 4(d) in the draft cited above. We believe that with
>>>> this limited scope, we can and should measure attendance to ensure that
>>>> prospective members are serious about participating in the Forum.
>>>>
>>>>
>>>>
>>>> We no longer seek to require that a Certificate Consumer have any
>>>> particular size or user base (or that they meet other criteria that were
>>>> floated in recent emails).  Those criteria were also currently too
>>>> complicated. However, in addition to those Certificate Consumer
>>>> requirements that are in the existing charter, we want a Certificate
>>>> Consumer to:
>>>>
>>>>    - have public documentation stating that it requires Certificate
>>>>    Issuers to comply with the TLS Baseline Requirements;
>>>>    - maintain a list of CA certificates used to validate the chain of
>>>>    trust from a TLS certificate to a CA certificate in such list; and
>>>>    - publish how it decides to add or remove a CA certificate from its
>>>>    list.
>>>>
>>>> I am looking for two endorsers of a FORUM ballot, so if the
>>>> above-referenced draft is generally acceptable, please contact me, and we
>>>> can work out any remaining details.
>>>>
>>>>
>>>>
>>>> Thanks,
>>>>
>>>>
>>>>
>>>> Ben
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Tue, Jul 25, 2023 at 11:07 PM Roman Fischer via Servercert-wg <
>>>> servercert-wg at cabforum.org> wrote:
>>>>
>>>> Dear Ben,
>>>>
>>>>
>>>>
>>>> I like your two new suggestions as they offer more lightweight
>>>> mechanisms.
>>>>
>>>>
>>>>
>>>> One other idea (completely ad hoc and not really thought through) would
>>>> be to change the charter to allow suspension of members from the SCWG by
>>>> ballot. That way a ballot could be proposed, discussed, endorsed and voted
>>>> on. And since the state of “suspended membership” is well defined
>>>> (including the way back to full membership), this might offer the “accused”
>>>> member enough possibility to counter the “allegations” made in the ballot.
>>>> It would also make transparent who wants to suspend whom for what reasons…
>>>>
>>>>
>>>>
>>>> Kind regards
>>>> Roman
>>>>
>>>>
>>>>
>>>> *From:* Ben Wilson <bwilson at mozilla.com>
>>>> *Sent:* Dienstag, 25. Juli 2023 17:40
>>>> *To:* Roman Fischer <roman.fischer at swisssign.com>
>>>> *Cc:* CA/B Forum Server Certificate WG Public Discussion List <
>>>> servercert-wg at cabforum.org>
>>>> *Subject:* Re: [Servercert-wg] Participation Proposal for Revised SCWG
>>>> Charter
>>>>
>>>>
>>>>
>>>> Thanks for your insights, Roman.
>>>>
>>>>
>>>>
>>>> I'm not yet convinced that the attendance approach would not be
>>>> effective. Nevertheless, here are some other potential alternatives to
>>>> discuss:
>>>>
>>>>
>>>>
>>>> 1 - require that a Certificate Consumer have a certain size userbase,
>>>> or alternatively, that they be a Root Store member of the Common CA
>>>> Database <https://www.ccadb.org/rootstores/how>, or
>>>>
>>>> 2 - require that a Certificate Consumer pay a membership fee to the
>>>> CA/Browser Forum.
>>>>
>>>>
>>>>
>>>> Does anyone have any other ideas, proposals, or suggestions that we can
>>>> discuss?
>>>>
>>>>
>>>>
>>>> The approaches listed above would be in addition to the following other
>>>> requirements already proposed:
>>>>
>>>>
>>>>
>>>> The Certificate Consumer has public documentation stating that it
>>>> requires Certification Authorities to comply with the CA/Browser Forum’s
>>>> Baseline Requirements for the issuance and maintenance of TLS server
>>>> certificates; its membership-qualifying software product uses a list of CA
>>>> certificates to validate the chain of trust from a TLS certificate to a CA
>>>> certificate in such list; and it publishes how it decides to add or remove
>>>> a CA certificate from the root store used in its membership-qualifying
>>>> software product.
>>>>
>>>>
>>>>
>>>> Thanks,
>>>>
>>>>
>>>>
>>>> Ben
>>>>
>>>>
>>>>
>>>> On Mon, Jul 24, 2023 at 10:48 PM Roman Fischer <
>>>> roman.fischer at swisssign.com> wrote:
>>>>
>>>> Dear Ben,
>>>>
>>>>
>>>>
>>>> As stated before, I’m against minimal attendance (or even participation
>>>> – however you would measure that, numbers of words spoken or written?)
>>>> requirements. I’ve seen in university, in private associations, policitcs…
>>>> that this simply doesn’t solve the problem. I totally agree with Tim: It
>>>> will create administrative overhead and not solve the problem.
>>>>
>>>>
>>>>
>>>> IMHO non-particpants taking part in the democratic process (i.e.
>>>> voting) is just something we have to accept and factor in. It’s one end of
>>>> the extreme spectrum. There might be over-active participants that
>>>> overwhelm the group by pushing their own agenda… If we have minimum
>>>> participation requirements, then we maybe should also have maximum
>>>> participation rules? 😉
>>>>
>>>>
>>>>
>>>> Rgds
>>>> Roman
>>>>
>>>>
>>>>
>>>> *From:* Servercert-wg <servercert-wg-bounces at cabforum.org> *On Behalf
>>>> Of *Ben Wilson via Servercert-wg
>>>> *Sent:* Montag, 24. Juli 2023 21:40
>>>> *To:* Tim Hollebeek <tim.hollebeek at digicert.com>; CA/B Forum Server
>>>> Certificate WG Public Discussion List <servercert-wg at cabforum.org>
>>>> *Subject:* Re: [Servercert-wg] Participation Proposal for Revised SCWG
>>>> Charter
>>>>
>>>>
>>>>
>>>> Tim,
>>>>
>>>> One problem we're trying to address is the potential for a great number
>>>> of “submarine voters”.  Such members may remain inactive for extended
>>>> periods of time and then surface only to vote for or against something they
>>>> suddenly are urged to support or oppose, without being aware of the
>>>> issues.  This will skew and damage the decision-making process.
>>>>
>>>> Another problem, that I don't think has been mentioned before, is the
>>>> reliability of the CA/Browser Forum to adopt well-informed standards going
>>>> forward.  In other words, if something like I suggest happens, then I can
>>>> see Certificate Consumers leaving the Forum and unilaterally setting very
>>>> separate and distinct rules. This will result in fragmentation,
>>>> inconsistency, and much more management overhead for CAs than the effort
>>>> needed to keep track of attendance, which is already being done by the
>>>> Forum.  (If you'd like, I can share with everyone the list of members who
>>>> have not voted or attended meetings in over two years.)
>>>>
>>>> Ben
>>>>
>>>>
>>>>
>>>> On Mon, Jul 24, 2023 at 11:41 AM Tim Hollebeek <
>>>> tim.hollebeek at digicert.com> wrote:
>>>>
>>>> What is your argument in response to the point that any potential bad
>>>> actors will be trivially able to satisfy the participation metrics?
>>>>
>>>>
>>>>
>>>> I’m very worried we’ll end up doing a lot of management and tracking
>>>> work, without actually solving the problem.
>>>>
>>>>
>>>>
>>>> -Tim
>>>>
>>>>
>>>>
>>>> *From:* Ben Wilson <bwilson at mozilla.com>
>>>> *Sent:* Monday, July 24, 2023 10:21 AM
>>>> *To:* Ben Wilson <bwilson at mozilla.com>; CA/B Forum Server Certificate
>>>> WG Public Discussion List <servercert-wg at cabforum.org>
>>>> *Cc:* Tim Hollebeek <tim.hollebeek at digicert.com>
>>>> *Subject:* Re: [Servercert-wg] Participation Proposal for Revised SCWG
>>>> Charter
>>>>
>>>>
>>>>
>>>> All,
>>>>
>>>> I have thought a lot about this, including various other formulas (e.g.
>>>> market share) to come up with something reasonable, but I've come back to
>>>> attendance as the key metric that we need to focus on. I just think that an
>>>> attendance metric provides the only workable, measurable, and sound
>>>> solution for determining the right to vote as a Certificate Consumer
>>>> because it offers the following three elements:
>>>>
>>>>    - Informed Decision-Making: Voting requires a comprehensive
>>>>    understanding of ongoing discussions and developments. Regular attendance
>>>>    provides members with the necessary context and knowledge to make
>>>>    well-informed decisions.
>>>>    - Commitment: Attendance is a tangible and measurable
>>>>    representation of a member's commitment to the Server Certificate WG and
>>>>    its objectives. It demonstrates a genuine interest in contributing to the
>>>>    development and improvement of the requirements.
>>>>    - Active Involvement: By prioritizing attendance, we encourage
>>>>    active involvement and discourage passive membership. Voting rights should
>>>>    be earned through consistent engagement, as this ensures that decisions are
>>>>    made by those who are genuinely invested in the outcomes.
>>>>
>>>> At this point, I'm going to re-draft a proposal for a revision to the
>>>> Server Certificate WG Charter and present it on the public list (because an
>>>> eventual revision of the Charter will have to take place at the Forum
>>>> level).
>>>>
>>>> Thanks,
>>>>
>>>> Ben
>>>>
>>>>
>>>>
>>>> On Thu, Jul 13, 2023 at 9:45 AM Ben Wilson via Servercert-wg <
>>>> servercert-wg at cabforum.org> wrote:
>>>>
>>>> Thanks, Tim.
>>>>
>>>>
>>>>
>>>> All,
>>>>
>>>>
>>>>
>>>> I will look closer at the distribution and use of software for browsing
>>>> the internet securely, instead of participation metrics. There is at least
>>>> one source, StatCounter (
>>>> https://gs.statcounter.com/browser-market-share
>>>> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgs.statcounter.com%2Fbrowser-market-share&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7C8b9a53bc77c6445114a808dba9ab7821%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638290326179003260%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ydD0D6sfKEJ6o2wTujCNQ%2BdatbbJCovHalOjQM9heHA%3D&reserved=0>),
>>>> that purports to measure use of browsing software, both globally and
>>>> regionally. Would it be worthwhile to explore distribution by region and
>>>> come up with a reasonable threshold?  Can we rely on StatCounter, or should
>>>> we look elsewhere?
>>>>
>>>>
>>>>
>>>> Thanks,
>>>>
>>>>
>>>>
>>>> Ben
>>>>
>>>>
>>>>
>>>> On Wed, Jul 12, 2023 at 9:30 AM Tim Hollebeek via Servercert-wg <
>>>> servercert-wg at cabforum.org> wrote:
>>>>
>>>> I have a meaningful comment.
>>>>
>>>>
>>>>
>>>> I don’t want to ever have to discuss or judge whether someone’s comment
>>>> is “meaningful” or not, and I don’t think incentivizing people to post more
>>>> comments than they otherwise would is helpful.
>>>>
>>>>
>>>>
>>>> I also think getting the chairs involved in any way in discussing
>>>> whether a member representative did or did not have a medical condition
>>>> during a particular time period is an extremely bad idea.
>>>>
>>>>
>>>>
>>>> Given that the original issue was trying to determine whether a
>>>> certificate consumer is in fact a legitimate player in the ecosystem or
>>>> not, I would suggest that exploring metrics like market share might be far
>>>> more useful.  Metrics like participation are rather intrusive and onerous,
>>>> except to those who are trying to game them, and those trying to game such
>>>> metrics will succeed with little or no effort.
>>>>
>>>>
>>>>
>>>> -Tim
>>>>
>>>>
>>>>
>>>> *From:* Servercert-wg <servercert-wg-bounces at cabforum.org> *On Behalf
>>>> Of *Roman Fischer via Servercert-wg
>>>> *Sent:* Wednesday, July 12, 2023 7:23 AM
>>>> *To:* CA/B Forum Server Certificate WG Public Discussion List <
>>>> servercert-wg at cabforum.org>
>>>> *Subject:* Re: [Servercert-wg] Participation Proposal for Revised SCWG
>>>> Charter
>>>>
>>>>
>>>>
>>>> Dear Ben,
>>>>
>>>>
>>>>
>>>> Mandatory participation has in my experience never resulted in more or
>>>> better discussions. People will dial into the telco and let it run in the
>>>> background to “earn the credits”.
>>>>
>>>>
>>>>
>>>> Also, what would happen after the 90 day suspension? Would the
>>>> organization be removed as a CA/B member?
>>>>
>>>>
>>>>
>>>> Rgds
>>>> Roman
>>>>
>>>>
>>>>
>>>> *From:* Servercert-wg <servercert-wg-bounces at cabforum.org> *On Behalf
>>>> Of *Ben Wilson via Servercert-wg
>>>> *Sent:* Freitag, 7. Juli 2023 21:59
>>>> *To:* CA/B Forum Server Certificate WG Public Discussion List <
>>>> servercert-wg at cabforum.org>
>>>> *Subject:* [Servercert-wg] Participation Proposal for Revised SCWG
>>>> Charter
>>>>
>>>>
>>>>
>>>> All,
>>>>
>>>>
>>>>
>>>> Here is a draft participation proposal for the SCWG to consider and
>>>> discuss for inclusion in a revised SCWG Charter.
>>>>
>>>>
>>>>
>>>> #.  Participation Requirements to Maintain Voting Privileges
>>>>
>>>>
>>>>
>>>> (a) Attendance.  The privilege to vote “Yes” or “No” on ballots is
>>>> suspended for 90 days if a Voting Member fails to meet the following
>>>> attendance requirement over any 365-day period:
>>>>
>>>>    - 10% of SCWG meetings for Voting Members located in time zones
>>>>    offset by UTC +5 through UTC +12
>>>>    - 30% of SCWG meetings for Voting Members located in all other time
>>>>    zones
>>>>
>>>> (b) Meaningful Comments.  Posting a Meaningful Comment is an
>>>> alternative means of meeting the attendance requirement in subsection (a).
>>>> A Voting Member can earn an attendance credit to make up for each missed
>>>> meeting by posting a Meaningful Comment to the SCWG Public Mail List. Each
>>>> Meaningful Comment is equal to attending one (1) meeting.
>>>>
>>>>
>>>>
>>>> A Meaningful Comment is one that follows the Code of Conduct and
>>>> provides relevant information to the SCWG, such as new information, an
>>>> insight, suggestion, or perspective related to the Scope of the SCWG, or
>>>> that proposes an improvement to the TLS Baseline Requirements or EV
>>>> Guidelines. It can also be something that responds to or builds on the
>>>> comments of others in a meaningful way, or that offers feedback,
>>>> suggestions, or solutions to the issues or challenges raised by the topic
>>>> of discussion.
>>>>
>>>>
>>>>
>>>> A Meaningful Comment should be both relevant (within the Scope of the
>>>> SCWG or related to the discussion that is taking place on the mailing
>>>> list) and well-supported (clear reasons why the Voting Representative
>>>> believes what they believe and supported by facts, data, or other
>>>> information.)
>>>>
>>>>
>>>>
>>>> (c) A Voting Member that has failed to meet the attendance requirement
>>>> in subsection (a) above is considered an "Inactive Member".  Any Member who
>>>> believes that any other Member is an Inactive Member may report that Member
>>>> on the Forum's Management List by providing specific information about that
>>>> Member's non-participation, and the SCWG Chair shall send written
>>>> notice to the Inactive Member by email within seven (7) calendar days. The
>>>> notice will include a reminder of the requirement to participate and inform
>>>> the Inactive Member of the consequences of not participating.
>>>>
>>>>
>>>>
>>>> (d) Suspension of Voting Privileges. The Inactive Member's privilege to
>>>> vote “Yes” or “No” on any ballot shall be temporarily suspended for a
>>>> period of 90 days from the date of the notice. During the suspension
>>>> period, the Inactive Member may vote “Abstain” on ballots.
>>>>
>>>>
>>>>
>>>> (e) Restoration of Voting Privilege. Voting privileges will be
>>>> automatically restored to the Inactive Member upon attending three
>>>> consecutive meetings. The restoration of voting privileges will be
>>>> effective on the next ballot that enters the voting period after the
>>>> Inactive Member meets the reactivation criteria.
>>>>
>>>>
>>>>
>>>> (f) Exceptional Circumstances. In cases where an Inactive Member can
>>>> demonstrate justifiable reasons for their inability to participate, such as
>>>> medical conditions or other extenuating circumstances affecting their
>>>> Voting Representative(s), the SCWG Chair may review and consider
>>>> reinstating voting privileges on a case-by-case basis.
>>>>
>>>>
>>>>
>>>> Thanks,
>>>>
>>>>
>>>>
>>>> Ben
>>>>
>>>> _______________________________________________
>>>> Servercert-wg mailing list
>>>> Servercert-wg at cabforum.org
>>>> https://lists.cabforum.org/mailman/listinfo/servercert-wg
>>>> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.cabforum.org%2Fmailman%2Flistinfo%2Fservercert-wg&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7C8b9a53bc77c6445114a808dba9ab7821%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638290326179003260%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mtCK0NJkw5hpj930sutPJm39JGzqRirYiQH7YIL2XEo%3D&reserved=0>
>>>>
>>>> _______________________________________________
>>>> Servercert-wg mailing list
>>>> Servercert-wg at cabforum.org
>>>> https://lists.cabforum.org/mailman/listinfo/servercert-wg
>>>> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.cabforum.org%2Fmailman%2Flistinfo%2Fservercert-wg&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7C8b9a53bc77c6445114a808dba9ab7821%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638290326179003260%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mtCK0NJkw5hpj930sutPJm39JGzqRirYiQH7YIL2XEo%3D&reserved=0>
>>>>
>>>> _______________________________________________
>>>> Servercert-wg mailing list
>>>> Servercert-wg at cabforum.org
>>>> https://lists.cabforum.org/mailman/listinfo/servercert-wg
>>>> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.cabforum.org%2Fmailman%2Flistinfo%2Fservercert-wg&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7C8b9a53bc77c6445114a808dba9ab7821%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638290326179003260%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mtCK0NJkw5hpj930sutPJm39JGzqRirYiQH7YIL2XEo%3D&reserved=0>
>>>>
>>>> _______________________________________________
>>>> Servercert-wg mailing list
>>>> Servercert-wg at cabforum.org
>>>> https://lists.cabforum.org/mailman/listinfo/servercert-wg
>>>>
>>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20230928/e4a7aa5b/attachment-0001.html>


More information about the Servercert-wg mailing list