You are correct that it's deeply concerning if there can be a Subcommittee that *doesn't* take minutes. A good ballot for such a subcommittee would affirm its commitment to running in such a way that reduces that risk, so that it's easy to support.
On Fri, Sep 14, 2018 at 6:34 PM Geoff Keating <geo...@apple.com> wrote: > I think we’re in agreement as to the effect of not having minutes on the > IPR policy. > > I don’t believe anyone is proposing a subcommittee charter which > *prevents* it from having minutes. So, perhaps if you’re concerned that a > subcommittee might not have the standard of minute-taking that you would > like, you could offer to take minutes for that subcommittee? My experience > is that such an offer is usually received with gratitude! > > On Sep 14, 2018, at 2:04 PM, Ryan Sleevi via Public <public@cabforum.org> > wrote: > > Please review section 8 of the IPR policy with your legal counsel, Tim, > particularly around what constitutes a "Contribution" > > On Fri, Sep 14, 2018 at 4:52 PM Tim Hollebeek <tim.holleb...@digicert.com> > wrote: > >> We have the protections in the IPR policy, because we have the IPR >> policy. To be clear, the existence or absence of minutes does not in any >> way affect the IPR policy, and there’s no text in the Bylaws or IPR policy >> that suggests that it does. >> >> >> >> -Tim >> >> >> >> *From:* Public <public-boun...@cabforum.org> *On Behalf Of *Ryan Sleevi >> via Public >> *Sent:* Friday, September 14, 2018 4:41 PM >> *To:* Virginia Fournier <vfourn...@apple.com>; CABFPub < >> public@cabforum.org> >> *Subject:* Re: [cabfpub] Public Digest, Vol 77, Issue 81 >> >> >> >> Virginia, >> >> >> >> I do not understand how that position is at all consistent with our >> bylaws with respect to IP risk. If we have Subcommittees without the >> requirement to maintain or produce minutes, how could we possibly hope to >> have the IP protections afforded by our policy? >> >> >> >> On Fri, Sep 14, 2018 at 4:32 PM Virginia Fournier via Public < >> public@cabforum.org> wrote: >> >> It would be great if the people who continually complain that the Bylaws >> don’t contain x, or took away y, would actively participate in the process >> to create new versions of the Bylaws. The version of the Bylaws creating >> CWGs and their Subcommittees was developed over more than a year, with >> ample time for review, comment, revision, rinse and repeat. >> >> >> >> The Bylaws say that "each CWG may establish any number of subcommittees >> within its own Working Group to address any of such CWG’s business.” >> However, there's nothing in the Bylaws that prohibits Subcommittees from >> having their own mailing lists, minutes, chairs, etc. It looks like >> Subcommittees have the flexibility to determine how to conduct their own >> business within the CWG. >> >> >> >> If a CWG wants a Subcommittee to do something specific (like keep >> minutes), they can specify that in the CWG charter. >> >> >> >> Best regards, >> >> >> >> Virginia Fournier >> >> Senior Standards Counsel >> >> Apple Inc. >> >> ☏ 669-227-9595 >> >> ✉︎ v...@apple.com >> >> >> >> >> >> >> >> On Sep 14, 2018, at 9:29 AM, public-requ...@cabforum.org wrote: >> >> >> >> Send Public mailing list submissions to >> public@cabforum.org >> >> To subscribe or unsubscribe via the World Wide Web, visit >> https://cabforum.org/mailman/listinfo/public >> or, via email, send a message with subject or body 'help' to >> public-requ...@cabforum.org >> >> You can reach the person managing the list at >> public-ow...@cabforum.org >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of Public digest..." >> >> >> Today's Topics: >> >> 1. Re: Ballot SC10 ? Establishing the Network Security >> Subcommittee of the SCWG (Ryan Sleevi) >> 2. Re: Ballot SC10 ? Establishing the Network Security >> Subcommittee of the SCWG (Tim Hollebeek) >> >> >> ---------------------------------------------------------------------- >> >> Message: 1 >> Date: Fri, 14 Sep 2018 12:19:24 -0400 >> From: Ryan Sleevi <sle...@google.com> >> To: Tim Hollebeek <tim.holleb...@digicert.com> >> Cc: CABFPub <public@cabforum.org> >> Subject: Re: [cabfpub] Ballot SC10 ? Establishing the Network Security >> Subcommittee of the SCWG >> Message-ID: >> <cacvawvbodx1ec0bvxrnx7eik3tgb8efxeqv06j_qyzkt7cz...@mail.gmail.com> >> Content-Type: text/plain; charset="utf-8" >> >> Subcommittees don't have requirements for minutes or publicly-available >> notes. >> >> That's the point. All this thinking about subcommittees working "just >> like" >> LWGs is not the case. All of that was lost from the Bylaws. A subcommittee >> can just be two people having a chat, at least as written in the Bylaws >> today. >> >> There's nothing stating subcommittees work with their own mailing lists, >> for example, in the way our old bylaws did. There's nothing establishing >> chairs or charters or deliverables. It's a one-off note. >> >> That's the point. >> >> On Fri, Sep 14, 2018 at 12:13 PM Tim Hollebeek < >> tim.holleb...@digicert.com> >> wrote: >> >> >> Collaborating outside of a subcommittee has a bunch of drawbacks, >> including a complete lack of public transparency and much weaker IPR >> protections. >> >> >> >> In my opinion, there?s already way, way too much going on in private that >> would be better handled in subcommittees where everyone can participate >> and >> there are publicly available notes. >> >> >> >> -Tim >> >> >> >> *From:* Public <public-boun...@cabforum.org> *On Behalf Of *Wayne Thayer >> via Public >> *Sent:* Thursday, September 13, 2018 7:11 PM >> *To:* Ryan Sleevi <sle...@google.com>; CA/Browser Forum Public Discussion >> List <public@cabforum.org> >> *Subject:* Re: [cabfpub] Ballot SC10 ? Establishing the Network Security >> Subcommittee of the SCWG >> >> >> >> Would it be helpful to take a step back and propose an amendment to the >> Bylaws or SCWG charter that addresses Subcommittees in sufficient detail? >> I >> would be willing to work on that. Meanwhile, if the Network Security WG >> left some urgent work unfinished, nothing prevents SCWG members from >> collaborating outside of the Subcommittee structure. >> >> >> >> On Thu, Sep 13, 2018 at 3:49 PM Ryan Sleevi via Public < >> public@cabforum.org> wrote: >> >> I think that, without incorporating or responding to feedback, we will be >> opposed to this ballot. I agree that it's unfortunate we have gotten >> nowhere - but it's equally unfortunate to have spent two months without >> responding to any of the substance of the issues. It's great to see >> progress, but making small steps doesn't excuse leaving glaring issues. >> It's better to let these fall down than to support them with fundamental >> flaws. >> >> >> >> Concrete feedback is: >> >> Delete: "These renewed NCSSR documents will serve CAs, auditors and >> browsers in giving a state of the art set of rules for the deployment and >> operation of CAs computing infrastructures." >> >> Rationale: That presumes this output will be valid/valuable. >> >> >> >> Delete: "The Subcommittee may choose its own initial Chair." >> >> Rationale: Subcommittees don't have Chairs and votes. They're just >> meetings of the CWG with focus. >> >> >> >> Delete: "The Network Security Subcommittee shall produce one or more >> documents offering options to the Forum for establishing minimal security >> standards within the scope defined above, which may be used to modify the >> existing NCSSRs." >> >> Rationale: This is a pretty much a non-scope as worded, but worse, >> precludes some of the very activities you want to do. For example, >> reforming existing requirements doesn't establish minimums, so is out of >> scope. >> >> >> >> Obviously, that leaves you with nothing left. Hopefully there's something >> concrete you think should remain, and you can suggest improvements there. >> >> >> >> >> >> >> >> On Thu, Sep 13, 2018 at 6:24 PM Kirk Hall <kirk.h...@entrustdatacard.com> >> wrote: >> >> On this ballot and Ballot SC10, I?m only going to consider comments and >> criticisms that propose specific alternate language that you will support. >> We have spent two months on creation of Subcommittees that simply continue >> the work we have been doing., and getting nowhere. Time to finish up! >> >> >> >> Do you have specific alternate ballot language you want the Members to >> consider? If so, please post. >> >> >> >> *From:* Ryan Sleevi [mailto:sle...@google.com] >> *Sent:* Thursday, September 13, 2018 2:55 PM >> *To:* Kirk Hall <kirk.h...@entrustdatacard.com>; CABFPub < >> public@cabforum.org> >> *Subject:* [EXTERNAL]Re: [cabfpub] Ballot SC10 ? Establishing the Network >> Security Subcommittee of the SCWG >> >> >> >> On Thu, Sep 13, 2018 at 5:25 PM Kirk Hall via Public <public@cabforum.org >> > >> wrote: >> >> *Scope: *Revising and improving the Network and Certificate Systems >> Security Requirements (NCSSRs). >> >> >> *Out of Scope: *No provision. >> >> *Deliverables: *The Network Security Subcommittee shall produce one or >> more documents offering options to the Forum for establishing minimal >> security standards within the scope defined above, which may be used to >> modify the existing NCSSRs. These renewed NCSSR documents will serve CAs, >> auditors and browsers in giving a state of the art set of rules for the >> deployment and operation of CAs computing infrastructures. The >> Subcommittee may choose its own initial Chair. >> >> >> >> Is this Deliverable correct? Is that scope correct? The previous WG >> produced (only after significant prodding) a statement about 'options' - >> which was to modifying the existing NCSSRs. It seems like we're talking >> now >> about concrete recommendations for changes, and it seems more relevant to >> note what is in scope or out of scope. >> >> >> >> I disagree that the deliverable affirmatively stating "will serve CA, >> auditors, and browsers". >> >> >> >> However, there's other, more fundamental problems. Most notable is that >> Subcommittees aren't established to have Chairs - the point of the rework >> of the Bylaws was to make it clearer what activities are done and how they >> fit, and a SCWG subcommittee is just that - a subgroup of the SCWG. The >> other is that the SCWG does not yet have a defined process for the >> establishment of subcommittees. >> >> _______________________________________________ >> Public mailing list >> Public@cabforum.org >> https://cabforum.org/mailman/listinfo/public >> >> -------------- next part -------------- >> An HTML attachment was scrubbed... >> URL: < >> http://cabforum.org/pipermail/public/attachments/20180914/7203cd81/attachment-0001.html >> > >> >> ------------------------------ >> >> Message: 2 >> Date: Fri, 14 Sep 2018 16:29:38 +0000 >> From: Tim Hollebeek <tim.holleb...@digicert.com> >> To: Ryan Sleevi <sle...@google.com> >> Cc: CABFPub <public@cabforum.org> >> Subject: Re: [cabfpub] Ballot SC10 ? Establishing the Network Security >> Subcommittee of the SCWG >> Message-ID: >> < >> bn6pr14mb11066d38b44b3bf97d0857d883...@bn6pr14mb1106.namprd14.prod.outlook.com >> > >> >> Content-Type: text/plain; charset="utf-8" >> >> My ballot that I didn?t get around to writing would have had something >> like: >> >> >> >> ?The current Bylaws lack clarity and precision about the functioning of >> subcommittees. Until such a time as that is corrected, subcommittees >> created from LWGs shall operate in the same manner as pre-governance reform >> working groups.? >> >> >> >> Would that help? >> >> >> >> -Tim >> >> >> >> P.S. I asked the Validation WG chair if the Validation Subcommittee would >> continue using the validation mailing list, and continue to produce agendas >> and minutes, and he said yes. >> >> >> >> From: Ryan Sleevi <sle...@google.com> >> Sent: Friday, September 14, 2018 12:19 PM >> To: Tim Hollebeek <tim.holleb...@digicert.com> >> Cc: Wayne Thayer <wtha...@mozilla.com>; CABFPub <public@cabforum.org> >> Subject: Re: [cabfpub] Ballot SC10 ? Establishing the Network Security >> Subcommittee of the SCWG >> >> >> >> Subcommittees don't have requirements for minutes or publicly-available >> notes. >> >> >> >> That's the point. All this thinking about subcommittees working "just >> like" LWGs is not the case. All of that was lost from the Bylaws. A >> subcommittee can just be two people having a chat, at least as written in >> the Bylaws today. >> >> >> >> There's nothing stating subcommittees work with their own mailing lists, >> for example, in the way our old bylaws did. There's nothing establishing >> chairs or charters or deliverables. It's a one-off note. >> >> >> >> That's the point. >> >> >> >> On Fri, Sep 14, 2018 at 12:13 PM Tim Hollebeek < >> tim.holleb...@digicert.com <mailto:tim.holleb...@digicert.com> > wrote: >> >> Collaborating outside of a subcommittee has a bunch of drawbacks, >> including a complete lack of public transparency and much weaker IPR >> protections. >> >> >> >> In my opinion, there?s already way, way too much going on in private that >> would be better handled in subcommittees where everyone can participate and >> there are publicly available notes. >> >> >> >> -Tim >> >> >> >> From: Public <public-boun...@cabforum.org <mailto: >> public-boun...@cabforum.org> > On Behalf Of Wayne Thayer via Public >> Sent: Thursday, September 13, 2018 7:11 PM >> To: Ryan Sleevi <sle...@google.com <mailto:sle...@google.com> >; >> CA/Browser Forum Public Discussion List <public@cabforum.org <mailto: >> public@cabforum.org> > >> Subject: Re: [cabfpub] Ballot SC10 ? Establishing the Network Security >> Subcommittee of the SCWG >> >> >> >> Would it be helpful to take a step back and propose an amendment to the >> Bylaws or SCWG charter that addresses Subcommittees in sufficient detail? I >> would be willing to work on that. Meanwhile, if the Network Security WG >> left some urgent work unfinished, nothing prevents SCWG members from >> collaborating outside of the Subcommittee structure. >> >> >> >> On Thu, Sep 13, 2018 at 3:49 PM Ryan Sleevi via Public < >> public@cabforum.org <mailto:public@cabforum.org> > wrote: >> >> I think that, without incorporating or responding to feedback, we will be >> opposed to this ballot. I agree that it's unfortunate we have gotten >> nowhere - but it's equally unfortunate to have spent two months without >> responding to any of the substance of the issues. It's great to see >> progress, but making small steps doesn't excuse leaving glaring issues. >> It's better to let these fall down than to support them with fundamental >> flaws. >> >> >> >> Concrete feedback is: >> >> Delete: "These renewed NCSSR documents will serve CAs, auditors and >> browsers in giving a state of the art set of rules for the deployment and >> operation of CAs computing infrastructures." >> >> Rationale: That presumes this output will be valid/valuable. >> >> >> >> Delete: "The Subcommittee may choose its own initial Chair." >> >> Rationale: Subcommittees don't have Chairs and votes. They're just >> meetings of the CWG with focus. >> >> >> >> Delete: "The Network Security Subcommittee shall produce one or more >> documents offering options to the Forum for establishing minimal security >> standards within the scope defined above, which may be used to modify the >> existing NCSSRs." >> >> Rationale: This is a pretty much a non-scope as worded, but worse, >> precludes some of the very activities you want to do. For example, >> reforming existing requirements doesn't establish minimums, so is out of >> scope. >> >> >> >> Obviously, that leaves you with nothing left. Hopefully there's something >> concrete you think should remain, and you can suggest improvements there. >> >> >> >> >> >> >> >> On Thu, Sep 13, 2018 at 6:24 PM Kirk Hall <kirk.h...@entrustdatacard.com >> <mailto:kirk.h...@entrustdatacard.com> > wrote: >> >> On this ballot and Ballot SC10, I?m only going to consider comments and >> criticisms that propose specific alternate language that you will support. >> We have spent two months on creation of Subcommittees that simply continue >> the work we have been doing., and getting nowhere. Time to finish up! >> >> >> >> Do you have specific alternate ballot language you want the Members to >> consider? If so, please post. >> >> >> >> From: Ryan Sleevi [mailto:sle...@google.com <mailto:sle...@google.com> ] >> Sent: Thursday, September 13, 2018 2:55 PM >> To: Kirk Hall <kirk.h...@entrustdatacard.com <mailto: >> kirk.h...@entrustdatacard.com> >; CABFPub <public@cabforum.org <mailto: >> public@cabforum.org> > >> Subject: [EXTERNAL]Re: [cabfpub] Ballot SC10 ? Establishing the Network >> Security Subcommittee of the SCWG >> >> >> >> On Thu, Sep 13, 2018 at 5:25 PM Kirk Hall via Public <public@cabforum.org >> <mailto:public@cabforum.org> > wrote: >> >> Scope: Revising and improving the Network and Certificate Systems >> Security Requirements (NCSSRs). >> >> >> Out of Scope: No provision. >> >> Deliverables: The Network Security Subcommittee shall produce one or more >> documents offering options to the Forum for establishing minimal security >> standards within the scope defined above, which may be used to modify the >> existing NCSSRs. These renewed NCSSR documents will serve CAs, auditors and >> browsers in giving a state of the art set of rules for the deployment and >> operation of CAs computing infrastructures. The Subcommittee may choose >> its own initial Chair. >> >> >> >> Is this Deliverable correct? Is that scope correct? The previous WG >> produced (only after significant prodding) a statement about 'options' - >> which was to modifying the existing NCSSRs. It seems like we're talking now >> about concrete recommendations for changes, and it seems more relevant to >> note what is in scope or out of scope. >> >> >> >> I disagree that the deliverable affirmatively stating "will serve CA, >> auditors, and browsers". >> >> >> >> However, there's other, more fundamental problems. Most notable is that >> Subcommittees aren't established to have Chairs - the point of the rework >> of the Bylaws was to make it clearer what activities are done and how they >> fit, and a SCWG subcommittee is just that - a subgroup of the SCWG. The >> other is that the SCWG does not yet have a defined process for the >> establishment of subcommittees. >> >> _______________________________________________ >> Public mailing list >> Public@cabforum.org <mailto:Public@cabforum.org> >> https://cabforum.org/mailman/listinfo/public >> >> -------------- next part -------------- >> An HTML attachment was scrubbed... >> URL: < >> http://cabforum.org/pipermail/public/attachments/20180914/fe5fea4f/attachment.html >> > >> -------------- next part -------------- >> A non-text attachment was scrubbed... >> Name: smime.p7s >> Type: application/pkcs7-signature >> Size: 4940 bytes >> Desc: not available >> URL: < >> http://cabforum.org/pipermail/public/attachments/20180914/fe5fea4f/attachment.p7s >> > >> >> ------------------------------ >> >> Subject: Digest Footer >> >> _______________________________________________ >> Public mailing list >> Public@cabforum.org >> https://cabforum.org/mailman/listinfo/public >> >> >> ------------------------------ >> >> End of Public Digest, Vol 77, Issue 81 >> ************************************** >> >> >> >> _______________________________________________ >> Public mailing list >> Public@cabforum.org >> https://cabforum.org/mailman/listinfo/public >> >> _______________________________________________ > Public mailing list > Public@cabforum.org > https://cabforum.org/mailman/listinfo/public > > >
_______________________________________________ Public mailing list Public@cabforum.org https://cabforum.org/mailman/listinfo/public