Responses inline
From: Ryan Sleevi [mailto:[email protected]]
Sent: Monday, April 11, 2016 1:31 PM
To: Kirk Hall (RD-US)
Cc: Dean Coclin; [email protected]
Subject: Re: [cabfpub] FW: Associate member of the CA/B Forum
On Mon, Apr 11, 2016 at 1:23 PM,
[email protected]<mailto:[email protected]>
<[email protected]<mailto:[email protected]>> wrote:
Just to add one more perspective – I have always viewed Associate Members as
people or groups that CAs and Browsers wanted on our calls and meetings as
providing necessary expertise – starting with WebTrust and ETSI
representatives. It’s very convenient to have them understand what we are
doing and provide feedback during meetings and calls. I was not active with
the Forum when PayPal was added as an Associate Member, and was never entirely
certain about the reasons for a single company to be an Associate Member.
As to adding ETA as an Associate Member – I think the Forum would benefit by
adding one financial services group Associate Member who can provide rapid
responses to our work at meetings and on calls (and serve as a conduit of
information back to the ETA membership), especially after the SHA-1 problems.
Interested Parties can participate as invited guests when topics relevant to
their interests are discussed. If they're not sure when such items will be
discussed, then it would be because we aren't sending out agendas with advance
notice, or they're not paying attention to the agendas and speaking up about
their relevant interest?
I think there is a lot to be gained by an Associate Member’s ongoing
participation in the full meetings. We may not always know what is important
to the group they represent. I also think that trust and rapport grow among
people who spend time together rather than parachuting in for limited
discussion from time to time (and it may not be worth it for an invitee to come
to a distant meeting only for a 20 minute segment).
Some Forum members have been very harsh toward those financial services
companies who didn’t respond in time to the SHA-1 cutoff and are now seeking
SHA-1 certificates, saying “they should have paid attention”. Future Forum
changes are likely to have a disproportionate impact on financial services
companies, so I think one Associate Member makes sense – I just want to make
sure ETA is the right member from that community.
Is there a reason you feel these parties can't participate on the Public list?
Is there added or differential value from that participation?
Given that the list is Public, and both Interested Parties and Associate
Members can participate, this seems an entirely appropriate venue. If there are
items being discussed on our calls or meetings that aren't reflected completely
to the list (as I expressed concern about), isn't that symptomatic of a broader
issue that won't be solved by adding associate members?
See comments above. Associate Members will also participate with comments on
the Public List just as Members do, so presumably their views will be widely
distributed there. But in many cases the greatest value can come from someone
in the room saying on the spot “Wait a moment, have you thought of this?” and
giving us all immediate feedback. I think that can be lost in email strings.
Perhaps we also could benefit from one Associate Member who can represent all
the independent hosting and registrar companies out there (not associated with
a CA or browser). But to keep meetings and calls to manageable size, in my
opinion we should only add a very limited number of Associate Members.
<table class="TM_EMAIL_NOTICE"><tr><td><pre>
TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential
and may be subject to copyright or other intellectual property protection.
If you are not the intended recipient, you are not authorized to use or
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.
</pre></td></tr></table>
_______________________________________________
Public mailing list
[email protected]
https://cabforum.org/mailman/listinfo/public
