On Friday, October 28, 2016 at 11:06:26 AM UTC-7, Percy wrote: > Since I'm not familiar with CAB forum, does CAB forum has authority to compel > its members to protect its users?
No. The CA/Browser Forum is just a discussion group between CAs and Browsers to collaboratively develop a set of guidelines relevant to certificates, largely in order to reduce the odds of conflicts among various root store requirements, and to ensure there is a venue for discussing industry-wide concerns. It is not a legal entity. The bylaws are accepting of anyone who meets membership criteria (which means, conversely, there is not the ability to expel organizations), and the Forum itself has very strict rules regarding its activities to avoid Antitrust concerns (as per the Bylaws) _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
