Please review section 8 of the IPR policy with your legal counsel, Tim, particularly around what constitutes a "Contribution"
On Fri, Sep 14, 2018 at 4:52 PM Tim Hollebeek <tim.holleb...@digicert.com> wrote: > We have the protections in the IPR policy, because we have the IPR > policy. To be clear, the existence or absence of minutes does not in any > way affect the IPR policy, and there’s no text in the Bylaws or IPR policy > that suggests that it does. > > > > -Tim > > > > *From:* Public <public-boun...@cabforum.org> *On Behalf Of *Ryan Sleevi > via Public > *Sent:* Friday, September 14, 2018 4:41 PM > *To:* Virginia Fournier <vfourn...@apple.com>; CABFPub < > public@cabforum.org> > *Subject:* Re: [cabfpub] Public Digest, Vol 77, Issue 81 > > > > Virginia, > > > > I do not understand how that position is at all consistent with our bylaws > with respect to IP risk. If we have Subcommittees without the requirement > to maintain or produce minutes, how could we possibly hope to have the IP > protections afforded by our policy? > > > > On Fri, Sep 14, 2018 at 4:32 PM Virginia Fournier via Public < > public@cabforum.org> wrote: > > It would be great if the people who continually complain that the Bylaws > don’t contain x, or took away y, would actively participate in the process > to create new versions of the Bylaws. The version of the Bylaws creating > CWGs and their Subcommittees was developed over more than a year, with > ample time for review, comment, revision, rinse and repeat. > > > > The Bylaws say that "each CWG may establish any number of subcommittees > within its own Working Group to address any of such CWG’s business.” > However, there's nothing in the Bylaws that prohibits Subcommittees from > having their own mailing lists, minutes, chairs, etc. It looks like > Subcommittees have the flexibility to determine how to conduct their own > business within the CWG. > > > > If a CWG wants a Subcommittee to do something specific (like keep > minutes), they can specify that in the CWG charter. > > > > Best regards, > > > > Virginia Fournier > > Senior Standards Counsel > > Apple Inc. > > ☏ 669-227-9595 > > ✉︎ v...@apple.com > > > > > > > > On Sep 14, 2018, at 9:29 AM, public-requ...@cabforum.org wrote: > > > > Send Public mailing list submissions to > public@cabforum.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://cabforum.org/mailman/listinfo/public > or, via email, send a message with subject or body 'help' to > public-requ...@cabforum.org > > You can reach the person managing the list at > public-ow...@cabforum.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Public digest..." > > > Today's Topics: > > 1. Re: Ballot SC10 ? Establishing the Network Security > Subcommittee of the SCWG (Ryan Sleevi) > 2. Re: Ballot SC10 ? Establishing the Network Security > Subcommittee of the SCWG (Tim Hollebeek) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Fri, 14 Sep 2018 12:19:24 -0400 > From: Ryan Sleevi <sle...@google.com> > To: Tim Hollebeek <tim.holleb...@digicert.com> > Cc: CABFPub <public@cabforum.org> > Subject: Re: [cabfpub] Ballot SC10 ? Establishing the Network Security > Subcommittee of the SCWG > Message-ID: > <cacvawvbodx1ec0bvxrnx7eik3tgb8efxeqv06j_qyzkt7cz...@mail.gmail.com> > Content-Type: text/plain; charset="utf-8" > > Subcommittees don't have requirements for minutes or publicly-available > notes. > > That's the point. All this thinking about subcommittees working "just like" > LWGs is not the case. All of that was lost from the Bylaws. A subcommittee > can just be two people having a chat, at least as written in the Bylaws > today. > > There's nothing stating subcommittees work with their own mailing lists, > for example, in the way our old bylaws did. There's nothing establishing > chairs or charters or deliverables. It's a one-off note. > > That's the point. > > On Fri, Sep 14, 2018 at 12:13 PM Tim Hollebeek <tim.holleb...@digicert.com > > > wrote: > > > Collaborating outside of a subcommittee has a bunch of drawbacks, > including a complete lack of public transparency and much weaker IPR > protections. > > > > In my opinion, there?s already way, way too much going on in private that > would be better handled in subcommittees where everyone can participate and > there are publicly available notes. > > > > -Tim > > > > *From:* Public <public-boun...@cabforum.org> *On Behalf Of *Wayne Thayer > via Public > *Sent:* Thursday, September 13, 2018 7:11 PM > *To:* Ryan Sleevi <sle...@google.com>; CA/Browser Forum Public Discussion > List <public@cabforum.org> > *Subject:* Re: [cabfpub] Ballot SC10 ? Establishing the Network Security > Subcommittee of the SCWG > > > > Would it be helpful to take a step back and propose an amendment to the > Bylaws or SCWG charter that addresses Subcommittees in sufficient detail? I > would be willing to work on that. Meanwhile, if the Network Security WG > left some urgent work unfinished, nothing prevents SCWG members from > collaborating outside of the Subcommittee structure. > > > > On Thu, Sep 13, 2018 at 3:49 PM Ryan Sleevi via Public < > public@cabforum.org> wrote: > > I think that, without incorporating or responding to feedback, we will be > opposed to this ballot. I agree that it's unfortunate we have gotten > nowhere - but it's equally unfortunate to have spent two months without > responding to any of the substance of the issues. It's great to see > progress, but making small steps doesn't excuse leaving glaring issues. > It's better to let these fall down than to support them with fundamental > flaws. > > > > Concrete feedback is: > > Delete: "These renewed NCSSR documents will serve CAs, auditors and > browsers in giving a state of the art set of rules for the deployment and > operation of CAs computing infrastructures." > > Rationale: That presumes this output will be valid/valuable. > > > > Delete: "The Subcommittee may choose its own initial Chair." > > Rationale: Subcommittees don't have Chairs and votes. They're just > meetings of the CWG with focus. > > > > Delete: "The Network Security Subcommittee shall produce one or more > documents offering options to the Forum for establishing minimal security > standards within the scope defined above, which may be used to modify the > existing NCSSRs." > > Rationale: This is a pretty much a non-scope as worded, but worse, > precludes some of the very activities you want to do. For example, > reforming existing requirements doesn't establish minimums, so is out of > scope. > > > > Obviously, that leaves you with nothing left. Hopefully there's something > concrete you think should remain, and you can suggest improvements there. > > > > > > > > On Thu, Sep 13, 2018 at 6:24 PM Kirk Hall <kirk.h...@entrustdatacard.com> > wrote: > > On this ballot and Ballot SC10, I?m only going to consider comments and > criticisms that propose specific alternate language that you will support. > We have spent two months on creation of Subcommittees that simply continue > the work we have been doing., and getting nowhere. Time to finish up! > > > > Do you have specific alternate ballot language you want the Members to > consider? If so, please post. > > > > *From:* Ryan Sleevi [mailto:sle...@google.com] > *Sent:* Thursday, September 13, 2018 2:55 PM > *To:* Kirk Hall <kirk.h...@entrustdatacard.com>; CABFPub < > public@cabforum.org> > *Subject:* [EXTERNAL]Re: [cabfpub] Ballot SC10 ? Establishing the Network > Security Subcommittee of the SCWG > > > > On Thu, Sep 13, 2018 at 5:25 PM Kirk Hall via Public <public@cabforum.org> > wrote: > > *Scope: *Revising and improving the Network and Certificate Systems > Security Requirements (NCSSRs). > > > *Out of Scope: *No provision. > > *Deliverables: *The Network Security Subcommittee shall produce one or > more documents offering options to the Forum for establishing minimal > security standards within the scope defined above, which may be used to > modify the existing NCSSRs. These renewed NCSSR documents will serve CAs, > auditors and browsers in giving a state of the art set of rules for the > deployment and operation of CAs computing infrastructures. The > Subcommittee may choose its own initial Chair. > > > > Is this Deliverable correct? Is that scope correct? The previous WG > produced (only after significant prodding) a statement about 'options' - > which was to modifying the existing NCSSRs. It seems like we're talking now > about concrete recommendations for changes, and it seems more relevant to > note what is in scope or out of scope. > > > > I disagree that the deliverable affirmatively stating "will serve CA, > auditors, and browsers". > > > > However, there's other, more fundamental problems. Most notable is that > Subcommittees aren't established to have Chairs - the point of the rework > of the Bylaws was to make it clearer what activities are done and how they > fit, and a SCWG subcommittee is just that - a subgroup of the SCWG. The > other is that the SCWG does not yet have a defined process for the > establishment of subcommittees. > > _______________________________________________ > Public mailing list > Public@cabforum.org > https://cabforum.org/mailman/listinfo/public > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://cabforum.org/pipermail/public/attachments/20180914/7203cd81/attachment-0001.html > > > > ------------------------------ > > Message: 2 > Date: Fri, 14 Sep 2018 16:29:38 +0000 > From: Tim Hollebeek <tim.holleb...@digicert.com> > To: Ryan Sleevi <sle...@google.com> > Cc: CABFPub <public@cabforum.org> > Subject: Re: [cabfpub] Ballot SC10 ? Establishing the Network Security > Subcommittee of the SCWG > Message-ID: > < > bn6pr14mb11066d38b44b3bf97d0857d883...@bn6pr14mb1106.namprd14.prod.outlook.com > > > > Content-Type: text/plain; charset="utf-8" > > My ballot that I didn?t get around to writing would have had something > like: > > > > ?The current Bylaws lack clarity and precision about the functioning of > subcommittees. Until such a time as that is corrected, subcommittees > created from LWGs shall operate in the same manner as pre-governance reform > working groups.? > > > > Would that help? > > > > -Tim > > > > P.S. I asked the Validation WG chair if the Validation Subcommittee would > continue using the validation mailing list, and continue to produce agendas > and minutes, and he said yes. > > > > From: Ryan Sleevi <sle...@google.com> > Sent: Friday, September 14, 2018 12:19 PM > To: Tim Hollebeek <tim.holleb...@digicert.com> > Cc: Wayne Thayer <wtha...@mozilla.com>; CABFPub <public@cabforum.org> > Subject: Re: [cabfpub] Ballot SC10 ? Establishing the Network Security > Subcommittee of the SCWG > > > > Subcommittees don't have requirements for minutes or publicly-available > notes. > > > > That's the point. All this thinking about subcommittees working "just > like" LWGs is not the case. All of that was lost from the Bylaws. A > subcommittee can just be two people having a chat, at least as written in > the Bylaws today. > > > > There's nothing stating subcommittees work with their own mailing lists, > for example, in the way our old bylaws did. There's nothing establishing > chairs or charters or deliverables. It's a one-off note. > > > > That's the point. > > > > On Fri, Sep 14, 2018 at 12:13 PM Tim Hollebeek <tim.holleb...@digicert.com > <mailto:tim.holleb...@digicert.com> > wrote: > > Collaborating outside of a subcommittee has a bunch of drawbacks, > including a complete lack of public transparency and much weaker IPR > protections. > > > > In my opinion, there?s already way, way too much going on in private that > would be better handled in subcommittees where everyone can participate and > there are publicly available notes. > > > > -Tim > > > > From: Public <public-boun...@cabforum.org <mailto: > public-boun...@cabforum.org> > On Behalf Of Wayne Thayer via Public > Sent: Thursday, September 13, 2018 7:11 PM > To: Ryan Sleevi <sle...@google.com <mailto:sle...@google.com> >; > CA/Browser Forum Public Discussion List <public@cabforum.org <mailto: > public@cabforum.org> > > Subject: Re: [cabfpub] Ballot SC10 ? Establishing the Network Security > Subcommittee of the SCWG > > > > Would it be helpful to take a step back and propose an amendment to the > Bylaws or SCWG charter that addresses Subcommittees in sufficient detail? I > would be willing to work on that. Meanwhile, if the Network Security WG > left some urgent work unfinished, nothing prevents SCWG members from > collaborating outside of the Subcommittee structure. > > > > On Thu, Sep 13, 2018 at 3:49 PM Ryan Sleevi via Public < > public@cabforum.org <mailto:public@cabforum.org> > wrote: > > I think that, without incorporating or responding to feedback, we will be > opposed to this ballot. I agree that it's unfortunate we have gotten > nowhere - but it's equally unfortunate to have spent two months without > responding to any of the substance of the issues. It's great to see > progress, but making small steps doesn't excuse leaving glaring issues. > It's better to let these fall down than to support them with fundamental > flaws. > > > > Concrete feedback is: > > Delete: "These renewed NCSSR documents will serve CAs, auditors and > browsers in giving a state of the art set of rules for the deployment and > operation of CAs computing infrastructures." > > Rationale: That presumes this output will be valid/valuable. > > > > Delete: "The Subcommittee may choose its own initial Chair." > > Rationale: Subcommittees don't have Chairs and votes. They're just > meetings of the CWG with focus. > > > > Delete: "The Network Security Subcommittee shall produce one or more > documents offering options to the Forum for establishing minimal security > standards within the scope defined above, which may be used to modify the > existing NCSSRs." > > Rationale: This is a pretty much a non-scope as worded, but worse, > precludes some of the very activities you want to do. For example, > reforming existing requirements doesn't establish minimums, so is out of > scope. > > > > Obviously, that leaves you with nothing left. Hopefully there's something > concrete you think should remain, and you can suggest improvements there. > > > > > > > > On Thu, Sep 13, 2018 at 6:24 PM Kirk Hall <kirk.h...@entrustdatacard.com > <mailto:kirk.h...@entrustdatacard.com> > wrote: > > On this ballot and Ballot SC10, I?m only going to consider comments and > criticisms that propose specific alternate language that you will support. > We have spent two months on creation of Subcommittees that simply continue > the work we have been doing., and getting nowhere. Time to finish up! > > > > Do you have specific alternate ballot language you want the Members to > consider? If so, please post. > > > > From: Ryan Sleevi [mailto:sle...@google.com <mailto:sle...@google.com> ] > Sent: Thursday, September 13, 2018 2:55 PM > To: Kirk Hall <kirk.h...@entrustdatacard.com <mailto: > kirk.h...@entrustdatacard.com> >; CABFPub <public@cabforum.org <mailto: > public@cabforum.org> > > Subject: [EXTERNAL]Re: [cabfpub] Ballot SC10 ? Establishing the Network > Security Subcommittee of the SCWG > > > > On Thu, Sep 13, 2018 at 5:25 PM Kirk Hall via Public <public@cabforum.org > <mailto:public@cabforum.org> > wrote: > > Scope: Revising and improving the Network and Certificate Systems Security > Requirements (NCSSRs). > > > Out of Scope: No provision. > > Deliverables: The Network Security Subcommittee shall produce one or more > documents offering options to the Forum for establishing minimal security > standards within the scope defined above, which may be used to modify the > existing NCSSRs. These renewed NCSSR documents will serve CAs, auditors and > browsers in giving a state of the art set of rules for the deployment and > operation of CAs computing infrastructures. The Subcommittee may choose > its own initial Chair. > > > > Is this Deliverable correct? Is that scope correct? The previous WG > produced (only after significant prodding) a statement about 'options' - > which was to modifying the existing NCSSRs. It seems like we're talking now > about concrete recommendations for changes, and it seems more relevant to > note what is in scope or out of scope. > > > > I disagree that the deliverable affirmatively stating "will serve CA, > auditors, and browsers". > > > > However, there's other, more fundamental problems. Most notable is that > Subcommittees aren't established to have Chairs - the point of the rework > of the Bylaws was to make it clearer what activities are done and how they > fit, and a SCWG subcommittee is just that - a subgroup of the SCWG. The > other is that the SCWG does not yet have a defined process for the > establishment of subcommittees. > > _______________________________________________ > Public mailing list > Public@cabforum.org <mailto:Public@cabforum.org> > https://cabforum.org/mailman/listinfo/public > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://cabforum.org/pipermail/public/attachments/20180914/fe5fea4f/attachment.html > > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: smime.p7s > Type: application/pkcs7-signature > Size: 4940 bytes > Desc: not available > URL: < > http://cabforum.org/pipermail/public/attachments/20180914/fe5fea4f/attachment.p7s > > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > Public mailing list > Public@cabforum.org > https://cabforum.org/mailman/listinfo/public > > > ------------------------------ > > End of Public Digest, Vol 77, Issue 81 > ************************************** > > > > _______________________________________________ > Public mailing list > Public@cabforum.org > https://cabforum.org/mailman/listinfo/public > >
_______________________________________________ Public mailing list Public@cabforum.org https://cabforum.org/mailman/listinfo/public