Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Gervase Markham via Public]

On 18/04/17 22:12, Jeremy Rowley via Public wrote:
> [JR] “Submitted” and “Posted” are two different words. So is “Sent” and
> “submitted”. It’s basic legal drafting to use the same word if you want
> the same meaning. The fact that the words chosen differ means either
> poor drafting or they have different meanings.

As the person who I believe drafted the motion concerned, I can tell you
that it's poor drafting. It was absolutely not my intent that messages
where someone attempted to send to the public list but failed would be
counted as valid votes.

Anyone should be able to tally the votes to check the chair's maths,
without requiring special knowledge or to take anyone's word for it.
That's only possible if votes are actually sent to all subscribers.

Gerv

___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Jeremy Rowley via Public]

+ 1 to the different view points. 

 

However, I think the ambiguity means the ballot didn’t pass and didn’t fail.  
Per 2.3(d) – “If the Draft Guidelines Ballot does not pass the Initial Vote, 
the ballot will stop.”

 

From: geo...@apple.com [mailto:geo...@apple.com] 
Sent: Tuesday, April 18, 2017 4:58 PM
To: CA/Browser Forum Public Discussion List 
Cc: Eric Mill ; Jeremy Rowley 
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

 

 

On 18 Apr 2017, at 3:14 pm, Jeremy Rowley via Public mailto:public@cabforum.org> > wrote:

 

What is the strained interpretation? Seems logical to me. I also disagree that 
the energy can be better spent. This is a good exercise and shows that 
regardless of the ballot outcome, we should fix the confusion in bylaw wording.

 

The argument is about the process at this point is more interesting than the 
results. We can’t maintain discipline about the process if we can’t figure out 
what the process even is.

 

If it helps, I think I’ve figured out why different people are interpreting 
this differently.

 

A technical person will read “Public Mail List” as meaning a server, a web site 
and e-mail relay.  A non-technical person will read it as meaning a list, of 
people or e-mail addresses.

 

You can read the whole document with each of these meanings in your head and 
never once hit a definite contradiction, although it’s clear that different 
bits of the document were written by people with different ideas about what it 
meant; compare "The Chair will notify both the Member Mail List and the Public 
Mail List of the approval” in 2.3(i)(A) with "all such separate list-servs must 
be managed in the same fashion as the Public Mail List” in 5.3.

 

But ‘submitting’ something to a server is the meaning of 'submit’ that is 'to 
present or propose to another for review, consideration, or decision’ and 
allows the server to reject it, while ‘submitting’ something to a list of 
people is the other meaning of ‘submit’, ‘to deliver formally’, and you haven’t 
delivered it if it didn’t arrive.

 

 

So, you’re all right and you’re all wrong, I hope that helped!

 

 

A bigger problem we have is that we have no way to resolve this issue.  There 
has been a vote, and it either passed or it didn’t, and the bylaws are 
ambiguous on which is the case.  So I think that what we need most of all is a 
resolution mechanism.  One simple one is to say that the Chair’s ballot count 
is definitive.



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Geoff Keating via Public]

> On 18 Apr 2017, at 3:14 pm, Jeremy Rowley via Public  
> wrote:
> 
> What is the strained interpretation? Seems logical to me. I also disagree 
> that the energy can be better spent. This is a good exercise and shows that 
> regardless of the ballot outcome, we should fix the confusion in bylaw 
> wording.
>  
> The argument is about the process at this point is more interesting than the 
> results. We can’t maintain discipline about the process if we can’t figure 
> out what the process even is.

If it helps, I think I’ve figured out why different people are interpreting 
this differently.

A technical person will read “Public Mail List” as meaning a server, a web site 
and e-mail relay.  A non-technical person will read it as meaning a list, of 
people or e-mail addresses.

You can read the whole document with each of these meanings in your head and 
never once hit a definite contradiction, although it’s clear that different 
bits of the document were written by people with different ideas about what it 
meant; compare "The Chair will notify both the Member Mail List and the Public 
Mail List of the approval” in 2.3(i)(A) with "all such separate list-servs must 
be managed in the same fashion as the Public Mail List” in 5.3.

But ‘submitting’ something to a server is the meaning of 'submit’ that is 'to 
present or propose to another for review, consideration, or decision’ and 
allows the server to reject it, while ‘submitting’ something to a list of 
people is the other meaning of ‘submit’, ‘to deliver formally’, and you haven’t 
delivered it if it didn’t arrive.


So, you’re all right and you’re all wrong, I hope that helped!


A bigger problem we have is that we have no way to resolve this issue.  There 
has been a vote, and it either passed or it didn’t, and the bylaws are 
ambiguous on which is the case.  So I think that what we need most of all is a 
resolution mechanism.  One simple one is to say that the Chair’s ballot count 
is definitive.

smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Jeremy Rowley via Public]

What is the strained interpretation? Seems logical to me. I also disagree that 
the energy can be better spent. This is a good exercise and shows that 
regardless of the ballot outcome, we should fix the confusion in bylaw wording.

 

The argument is about the process at this point is more interesting than the 
results. We can’t maintain discipline about the process if we can’t figure out 
what the process even is.

 

From: Eric Mill [mailto:e...@konklone.com] 
Sent: Tuesday, April 18, 2017 3:39 PM
To: CABFPub 
Cc: Jeremy Rowley ; Ryan Sleevi 
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

 

All of the energy being spent on this thread could probably be better spent in 
just initiating a new ballot for a revote and getting that started.

 

For what it's worth, I agree entirely with Geoff that it would be a bad outcome 
for the Forum if a revote on a technicality led to a changed outcome. Apple 
changing their vote for that reason to make sure the original vote is 
respected, if Apple truly doesn't object to the outcome (as their original 
abstention would indicate), seems completely reasonable.

 

But I think it makes the Forum look really bad if they hinge a tiebreaker vote 
on an interpretation of "submitted to" that allows for someone to have their 
email rejected by a mailing list they're not subscribed to. That's not a 
credible interpretation of the Bylaws, and what Ryan is pointing to is that 
since the Bylaws are in part meant to guarantee the legal defensibility of IP 
protections, you should try to maintain discipline about process and not reach 
out to strained interpretations to avoid inconvenience.

 

-- Eric

 

On Tue, Apr 18, 2017 at 4:16 PM, Ryan Sleevi via Public mailto:public@cabforum.org> > wrote:

 

 

On Tue, Apr 18, 2017 at 3:58 PM, Jeremy Rowley mailto:jeremy.row...@digicert.com> > wrote:

In your view, the act of submission does not require authorization to post on 
the Public Mail List, does not require acceptance by the Public Mail List, nor 
does it require distribution as part of the public mail list. Your view is that 
"All voting will take place via the Public Mail List" does not correspond with 
the deadline of "Members shall have exactly seven days for voting" - that is, 
provided that a vote is (eventually) shared on the Public Mail List, that the 
requirement is met. 

 

[JR] Correct. If the bylaws meant the vote needed to be distributed to the 
Forum through the public mailing list during the allotted time, the wording 
would have stated such. Instead, the author chose to use the word submitted 
despite the previous sentence mandating that all voting occur on the mailing 
list. Either its poor drafting or the intent was that the submission is 
sufficient.

 

The wording does though, within Section 5.2, by stating that:

"The following materials shall be posted to the Public Mail List or Public Web 
Site:"

 

and then continuing

"(c) Messages formally proposing a Forum ballot (including ballots to 
establish, modify, or terminate Working Groups), individual votes, vote and 
quorum counts, and messages announcing ballot outcomes and voting breakdowns. "

 

It would appear you're suggesting that "sent" and "posted" are distinct. That 
is, that Section 5.2 merely states that "Messages formally proposing a Forum 
ballot" must eventually appear on the Public Mail List, but that, by logical 
extension of the context for voting, this only needs to occur at some point in 
the future, and not necessarily in conjunction with the disclosure of the 
Ballot.

 

This interpretation is based upon Section 2.2(d), which states that "the 
deadline clearly communicated in the ballot and sent via the Public Mail List."

 

Since this is the same method of disclosing votes, is it reasonable to conclude 
that you believe it is a valid interpretation of our Bylaws that members may, 
in a coordinated enterprise, ensure their submissions to the public mail list 
are delayed (for example, using a "send delay" or by temporarily blocking 
communication the public list), coordinate their votes with eachother and, upon 
conclusion of such a Ballot, direct the Chair to post to the Public Mail List?

 

This is the interpretation that naturally results from suggesting that "sent 
via the Public Mail List" and "All voting will take place via the Public Mail 
List" are not required to appear on the Public Mail List within the alotted 
time, and that eventual consistency is sufficient.

 

 

Is it consistent, then, that the act of "submitted Exclusion Notices" does not 
require confirmation of the receipt by the Chair? If the Chair claims not to 
have received an Exclusion Notice after the 3 business days afforded, is that 
exclusion valid

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Jeremy Rowley via Public]

I cut a lot to make the response readable. Hopefully not too much to follow. 
Apologies if I did.

 

My definitions are probably not the best and certainly not conclusive (and, 
ultimately, does not matter with respect to the outcome of 194). However, 
getting consensus on the meaning would help solve future issues. 

 

The bylaws use four terms that have similar meanings:

 

1.  Sent – Using the CAB Forum’s public mailing list in the “TO: “ of an 
email (Phil’s interpretation) 
2.  Submit – Requires permission in addition to sending messages to the 
mailing list (Virginia’s definition)
3.  Post – Delivery of the message to the mailing list
4.  Distribute – Sent to subscribers of the mailing list 

 

Although many ballots have poor wording (my own included), I don’t think it 
materially affects these particular definitions. The bylaws were created by the 
members’ lawyers so I assume a little more care was taken to the wording than 
most of the technical ballots, which are a mash-up of various drafter 
specifications (like ballot 169 – lots of authors throwing technical 
requirements in a pot). 

 

As far as a coordinate block of the mailing list, we have a similar problem 
now. If the mailing list “goes down” (say through a sustained attack) a member 
can effectively block votes made after a certain date. I think both are risks, 
but we choose what is acceptable. I’m very happy to change the wording to 
specify something like “Members must post votes to the mailing list within the 
ballot period” to clarify though. 

>> So you believe voting can happen after the conclusion of the Ballot?

No. Voting must happen during the ballot period. However, the vote may not be 
received by members until after the ballot period (such as if the mail server 
fails for some reason). In this particular case, Microsoft’s vote was clearly 
not distributed to the mailing list during the ballot period. Similarly, I 
don’t think there is a dispute it was “sent”. However, I don’t know whether it 
was “submitted” or “posted”.

 

>> You're now seeming to argue that "sent", "post", "distribute", and "via" all 
>> represent distinct, and unrelated events. How do you see the process working?

I think we should just agree on a meaning by ballot and consolidate on one or 
two terms. Maybe “Distribute” and “Submit”?

 

>>>For example, Section 2.3 states "The Chair will initiate the Review Period 
>>>by sending the Review Notice to both the Member Mail List and the Public 
>>>Mail List."

 

 

>>> Why not? That is, how do you conclude that they are different definitions, 
>>> if you've not articulated those definitions.

I haven’t articulated the definition because I don’t know what it is. If there 
were clear definitions, this wouldn’t be a dispute.  However, you don’t use the 
same term to mean two different things in legal docs. This is a legal doc.

 

Section 5.2

…

"Forum Members and Interested Parties may post to the Public Mail List in 
compliance with these Bylaws. "

"Anyone else is allowed to subscribe to and receive messages posted to the 
Public Mail List, which may be crawled and indexed by Internet search engines. "

 

Definitions:

Public Mail List: The public email list-serv currently located at 
public@cabforum.org   maintained by the Forum for 
communications by and among Members and Interested Parties. The Public Mail 
List may be read by Other Parties, but Other Parties may not post to the Public 
Mail List. 

 

>>> If we accept your definition that sent and distributed are distinct, must 
>>> we also accept that Gordon's vote, by not being posted to the Public Mail 
>>> List due to lack of permissions, means that he was an Other Party at the 
>>> time of posting, and not a Member?

 

Thanks for sending over the references. However, the language doesn’t specify 
that only other parties are prohibited from posting to the public mailing list 
or that all members have write access to the public list.

 

>>> And your conclusion that it cannot mean the same is because it's a 
>>> different word, and two words cannot mean the same thing, correct?

Yes, with a caveat. I’m willing to accept they mean the same thing if that is 
what the historical context shows but am bothered that we potentially used at 
least four different words to mean the same action.

 

>> You mean the Bylaws. Perhaps that was a drafting error?

Lol. Yes -  I’m not a model citizen.

 

>>> The drafter was Virginia, and I linked to you the discussion of concerns. 
>>> Do you still belief that the drafter had a different intent? If the drafter 
>>> clarified the intent, would you accept that clarification? If not, how 
>>> would you propose to resolve this ambiguity, if not by Ballot?

I think we should fix the language by ballot.  

 

>> https://cabforum.org/pipermail/public/2017-April/010644.html

Thanks. Sorry I missed this message exchange. It’s probably super annoying to 
have to dig that ou

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Eric Mill via Public]

All of the energy being spent on this thread could probably be better spent
in just initiating a new ballot for a revote and getting that started.

For what it's worth, I agree entirely with Geoff that it would be a bad
outcome for the Forum if a revote on a technicality led to a changed
outcome. Apple changing their vote for that reason to make sure the
original vote is respected, if Apple truly doesn't object to the outcome
(as their original abstention would indicate), seems completely reasonable.

But I think it makes the Forum look really bad if they hinge a tiebreaker
vote on an interpretation of "submitted to" that allows for someone to have
their email rejected by a mailing list they're not subscribed to. That's
not a credible interpretation of the Bylaws, and what Ryan is pointing to
is that since the Bylaws are in part meant to guarantee the legal
defensibility of IP protections, you should try to maintain discipline
about process and not reach out to strained interpretations to avoid
inconvenience.

-- Eric

On Tue, Apr 18, 2017 at 4:16 PM, Ryan Sleevi via Public  wrote:

>
>
> On Tue, Apr 18, 2017 at 3:58 PM, Jeremy Rowley  > wrote:
>>
>> In your view, the act of submission does not require authorization to
>> post on the Public Mail List, does not require acceptance by the Public
>> Mail List, nor does it require distribution as part of the public mail
>> list. Your view is that "All voting will take place via the Public Mail
>> List" does not correspond with the deadline of "Members shall have exactly
>> seven days for voting" - that is, provided that a vote is (eventually)
>> shared on the Public Mail List, that the requirement is met.
>>
>>
>>
>> [JR] Correct. If the bylaws meant the vote needed to be distributed to
>> the Forum through the public mailing list during the allotted time, the
>> wording would have stated such. Instead, the author chose to use the word
>> submitted despite the previous sentence mandating that all voting occur on
>> the mailing list. Either its poor drafting or the intent was that the
>> submission is sufficient.
>>
>
> The wording does though, within Section 5.2, by stating that:
> "The following materials shall be posted to the Public Mail List or Public
> Web Site:"
>
> and then continuing
> "(c) Messages formally proposing a Forum ballot (including ballots to
> establish, modify, or terminate Working Groups), individual votes, vote and
> quorum counts, and messages announcing ballot outcomes and voting
> breakdowns. "
>
> It would appear you're suggesting that "sent" and "posted" are distinct.
> That is, that Section 5.2 merely states that "Messages formally proposing a
> Forum ballot" must eventually appear on the Public Mail List, but that, by
> logical extension of the context for voting, this only needs to occur at
> some point in the future, and not necessarily in conjunction with the
> disclosure of the Ballot.
>
> This interpretation is based upon Section 2.2(d), which states that "the
> deadline clearly communicated in the ballot and sent via the Public Mail
> List."
>
> Since this is the same method of disclosing votes, is it reasonable to
> conclude that you believe it is a valid interpretation of our Bylaws that
> members may, in a coordinated enterprise, ensure their submissions to the
> public mail list are delayed (for example, using a "send delay" or by
> temporarily blocking communication the public list), coordinate their votes
> with eachother and, upon conclusion of such a Ballot, direct the Chair to
> post to the Public Mail List?
>
> This is the interpretation that naturally results from suggesting that
> "sent via the Public Mail List" and "All voting will take place via the
> Public Mail List" are not required to appear on the Public Mail List within
> the alotted time, and that eventual consistency is sufficient.
>
>
>>
>>
>> Is it consistent, then, that the act of "submitted Exclusion Notices"
>> does not require confirmation of the receipt by the Chair? If the Chair
>> claims not to have received an Exclusion Notice after the 3 business days
>> afforded, is that exclusion valid?
>>
>> [JR] Yes. That is why the bylaws in (g) mandate that the exclusion
>> notices also be sent to the Public Mailing list as a safeguard.
>>
>
> But this is the problem. The interpretation you're seemingly advocating is
> that "sent" merely indicates TO. This is clearly evidenced in Phillip
> Hallam-Baker's proposed definition for "sent". As a consequence of this,
> the Bylaws in (g) do not provide assurances that the actual message will be
> received and/or posted, but will, by the same interpretation and intent
> being argued for here, constitute having met the obligations as "sent" to
> the Public Mailing List.
>
> Put more explicitly, if we accept "sent" merely means adding to the To:
> (or using RCPT TO/DATA, as suggested by PHB), then an organization can
> "submit" an Exclusion Notice to the Chair (without confirming its receipt),
> "send" an Exclusi

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Ryan Sleevi via Public]

On Tue, Apr 18, 2017 at 5:12 PM, Jeremy Rowley 
wrote:

> In your view, the act of submission does not require authorization to post
> on the Public Mail List, does not require acceptance by the Public Mail
> List, nor does it require distribution as part of the public mail list.
> Your view is that "All voting will take place via the Public Mail List"
> does not correspond with the deadline of "Members shall have exactly seven
> days for voting" - that is, provided that a vote is (eventually) shared on
> the Public Mail List, that the requirement is met.
>
> [JR] Yes – they are distinct actions. The bylaws would use the same word
> for both if they were the same action. I think is apparent considering the
> bylaws use different terminology to specify that the documents must be
> distributed to the mailing list (such as 2.3(f)).
>

This is an interesting, and entirely unexpected, conclusion. Could you
provide what you believe are the definitions for each of these words and/or
how they should be determined?


> It would appear you're suggesting that "sent" and "posted" are distinct.
> That is, that Section 5.2 merely states that "Messages formally proposing a
> Forum ballot" must eventually appear on the Public Mail List, but that, by
> logical extension of the context for voting, this only needs to occur at
> some point in the future, and not necessarily in conjunction with the
> disclosure of the Ballot.
>
>
>
> [JR] “Submitted” and “Posted” are two different words. So is “Sent” and
> “submitted”. It’s basic legal drafting to use the same word if you want the
> same meaning. The fact that the words chosen differ means either poor
> drafting or they have different meanings.
>

Considering the Ballot 194 has been shown to be the result of "poor
drafting", and that the previous Ballot it was "correcting," Ballot 193,
was originally much worse, as were the drafts of Ballot 183 (of which we
called out), how do you believe that materially changes things?


> This interpretation is based upon Section 2.2(d), which states that "the
> deadline clearly communicated in the ballot and sent via the Public Mail
> List."
>
>
>
> Since this is the same method of disclosing votes, is it reasonable to
> conclude that you believe it is a valid interpretation of our Bylaws that
> members may, in a coordinated enterprise, ensure their submissions to the
> public mail list are delayed (for example, using a "send delay" or by
> temporarily blocking communication the public list), coordinate their votes
> with eachother and, upon conclusion of such a Ballot, direct the Chair to
> post to the Public Mail List?
>
>
>
> [JR] As Gerv brought up in my previous post on this very issue, it’s too
> far-fetched to consider.
>

Why? We're very concerned about this, much as with the discussions of
Ballot 180 - 182. The legal risk is a significant danger to continued
participation, as is the current approach the Chair has unilaterally
declared.


> This is the interpretation that naturally results from suggesting that
> "sent via the Public Mail List" and "All voting will take place via the
> Public Mail List" are not required to appear on the Public Mail List within
> the alotted time, and that eventual consistency is sufficient.
>
>
>
> [JR] I’m not sure, but I’m now leaning towards yes. Previously, I thought
> the ballot failed, not because Microsoft failed to vote, but because not
> “All voting took place on the Public Mail List”. However, it really did
> because Kirk forwarded it the mail list. As re-distribution of a vote is
> not prohibited and (a) all voting takes place on the public mail list is
> separate from (b) “votes not submitted to the public mail list will not be
> considered valid”, Microsoft did have its vote submitted  in time and all
> votes took place on the public mail list (although I do acknowledge the
> term “submitted” is undefined so reasonable minds may disagree).
>

So you believe voting can happen after the conclusion of the Ballot?


>  Is it consistent, then, that the act of "submitted Exclusion Notices"
> does not require confirmation of the receipt by the Chair? If the Chair
> claims not to have received an Exclusion Notice after the 3 business days
> afforded, is that exclusion valid?
>
> [JR] Which section? 2.3(f) requires that the chair distribute any
> exclusion notices submitted in accordance with Section 4.2 of the IPR to
> the public mailing list. The fact that this section uses “distributed”
> instead of “submitted” is what made me change my mind about the Microsoft
> vote. Why didn’t the other sections use “distributed” instead of
> “submitted”? If the author meant “distributed” they would have used it
> throughout. The two words must mean two different things.
>

Because it was poorly drafted, as shown by the versions that I linked. That
is, I do not mean to undermine Virginia's many useful contributions on this
matter, but the point was made throughout that there was a poor choice of
words, and 

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Jeremy Rowley via Public]

The converse is also true. If mailing list issues determine the validity of 
exclusion notices, we are unfairly endangering a member’s IP. This looks like 
why we added 2.3(f) – to help reduce both risks.

 

From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ryan Sleevi via 
Public
Sent: Tuesday, April 18, 2017 2:43 PM
To: Peter Bowen 
Cc: Ryan Sleevi ; CA/Browser Forum Public Discussion List 

Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

 

 

 

On Tue, Apr 18, 2017 at 4:25 PM, Peter Bowen mailto:p...@amzn.com> > wrote:

Ryan,

 

Am I understanding correctly that Google’s concern is that the ambiguity of 
whether this ballot had the proper majority required could result in a member 
with Essential Claims privately determining that the ballot did not pass, that 
the initiation of the Review period was therefore illegitimate, and therefore 
the license required by the IPR agreement does not apply?

 

Yes, both for this Ballot and, in applying the definition used here as accepted 
precedent, for conducting future Ballots (and IP exclusions) in a manner that 
would directly put members at risk.



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Ryan Sleevi via Public]

On Tue, Apr 18, 2017 at 5:04 PM, phill...@comodo.com 
wrote:

> The best way to address future concerns would be to propose a ballot to
> fix them.
>

Hi Phillip,

That's an excellent suggestion. We did, it was called Ballot 183, and at a
minimum, Apple and Google believed it was addressed (and by extension of
support, presumably TrendMicro and Amazon)

You can read about that at
https://cabforum.org/pipermail/public/2017-April/010644.html

Perhaps you could check with Comodo's Legal Team to see how they feel about
that discussion, and whether that sufficiently establishes the common
understanding
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Jeremy Rowley via Public]

In your view, the act of submission does not require authorization to post on 
the Public Mail List, does not require acceptance by the Public Mail List, nor 
does it require distribution as part of the public mail list. Your view is that 
"All voting will take place via the Public Mail List" does not correspond with 
the deadline of "Members shall have exactly seven days for voting" - that is, 
provided that a vote is (eventually) shared on the Public Mail List, that the 
requirement is met. 

[JR] Yes – they are distinct actions. The bylaws would use the same word for 
both if they were the same action. I think is apparent considering the bylaws 
use different terminology to specify that the documents must be distributed to 
the mailing list (such as 2.3(f)). 

 

The wording does though, within Section 5.2, by stating that:

"The following materials shall be posted to the Public Mail List or Public Web 
Site:"

 

and then continuing

"(c) Messages formally proposing a Forum ballot (including ballots to 
establish, modify, or terminate Working Groups), individual votes, vote and 
quorum counts, and messages announcing ballot outcomes and voting breakdowns. "

 

It would appear you're suggesting that "sent" and "posted" are distinct. That 
is, that Section 5.2 merely states that "Messages formally proposing a Forum 
ballot" must eventually appear on the Public Mail List, but that, by logical 
extension of the context for voting, this only needs to occur at some point in 
the future, and not necessarily in conjunction with the disclosure of the 
Ballot.

 

[JR] “Submitted” and “Posted” are two different words. So is “Sent” and 
“submitted”. It’s basic legal drafting to use the same word if you want the 
same meaning. The fact that the words chosen differ means either poor drafting 
or they have different meanings.

 

This interpretation is based upon Section 2.2(d), which states that "the 
deadline clearly communicated in the ballot and sent via the Public Mail List."

 

Since this is the same method of disclosing votes, is it reasonable to conclude 
that you believe it is a valid interpretation of our Bylaws that members may, 
in a coordinated enterprise, ensure their submissions to the public mail list 
are delayed (for example, using a "send delay" or by temporarily blocking 
communication the public list), coordinate their votes with eachother and, upon 
conclusion of such a Ballot, direct the Chair to post to the Public Mail List?

 

[JR] As Gerv brought up in my previous post on this very issue, it’s too 
far-fetched to consider. 

 

This is the interpretation that naturally results from suggesting that "sent 
via the Public Mail List" and "All voting will take place via the Public Mail 
List" are not required to appear on the Public Mail List within the alotted 
time, and that eventual consistency is sufficient.

 

[JR] I’m not sure, but I’m now leaning towards yes. Previously, I thought the 
ballot failed, not because Microsoft failed to vote, but because not “All 
voting took place on the Public Mail List”. However, it really did because Kirk 
forwarded it the mail list. As re-distribution of a vote is not prohibited and 
(a) all voting takes place on the public mail list is separate from (b) “votes 
not submitted to the public mail list will not be considered valid”, Microsoft 
did have its vote submitted  in time and all votes took place on the public 
mail list (although I do acknowledge the term “submitted” is undefined so 
reasonable minds may disagree).

 Is it consistent, then, that the act of "submitted Exclusion Notices" does not 
require confirmation of the receipt by the Chair? If the Chair claims not to 
have received an Exclusion Notice after the 3 business days afforded, is that 
exclusion valid?

[JR] Which section? 2.3(f) requires that the chair distribute any exclusion 
notices submitted in accordance with Section 4.2 of the IPR to the public 
mailing list. The fact that this section uses “distributed” instead of 
“submitted” is what made me change my mind about the Microsoft vote. Why didn’t 
the other sections use “distributed” instead of “submitted”? If the author 
meant “distributed” they would have used it throughout. The two words must mean 
two different things.

 

But this is the problem. The interpretation you're seemingly advocating is that 
"sent" merely indicates TO. This is clearly evidenced in Phillip Hallam-Baker's 
proposed definition for "sent". As a consequence of this, the Bylaws in (g) do 
not provide assurances that the actual message will be received and/or posted, 
but will, by the same interpretation and intent being argued for here, 
constitute having met the obligations as "sent" to the Public Mailing List.

 

[JR] “Submitted” isn’t “sent”. As it is not defined, I’m not sure what the word 
means, but it does not mean “distributed” (because that word is also used in 
the document). Where do you see that the intent is for the actual message to be 

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[philliph--- via Public]

The best way to address future concerns would be to propose a ballot to fix 
them.




> On Apr 18, 2017, at 4:42 PM, Ryan Sleevi via Public  
> wrote:
> 
> 
> 
> On Tue, Apr 18, 2017 at 4:25 PM, Peter Bowen  > wrote:
> Ryan,
> 
> Am I understanding correctly that Google’s concern is that the ambiguity of 
> whether this ballot had the proper majority required could result in a member 
> with Essential Claims privately determining that the ballot did not pass, 
> that the initiation of the Review period was therefore illegitimate, and 
> therefore the license required by the IPR agreement does not apply?
> 
> Yes, both for this Ballot and, in applying the definition used here as 
> accepted precedent, for conducting future Ballots (and IP exclusions) in a 
> manner that would directly put members at risk.
> ___
> Public mailing list
> Public@cabforum.org
> https://cabforum.org/mailman/listinfo/public

___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Ryan Sleevi via Public]

On Tue, Apr 18, 2017 at 4:25 PM, Peter Bowen  wrote:
>
> Ryan,
>
> Am I understanding correctly that Google’s concern is that the ambiguity
> of whether this ballot had the proper majority required could result in a
> member with Essential Claims privately determining that the ballot did not
> pass, that the initiation of the Review period was therefore illegitimate,
> and therefore the license required by the IPR agreement does not apply?
>

Yes, both for this Ballot and, in applying the definition used here as
accepted precedent, for conducting future Ballots (and IP exclusions) in a
manner that would directly put members at risk.
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Ryan Sleevi via Public]

On Tue, Apr 18, 2017 at 4:16 PM, Ryan Sleevi  wrote:

> Considering that this very exact scenario was repeatedly discussed in the
> Forum and the calls regarding our process, and the intent was very much
> that the act of "submiting" something is "to post", and that "to post"
> means to ensure it is publicly distributed and archived, the belief at the
> time was that "submit" means the plain reading of it.
>

For reference,
https://cabforum.org/pipermail/public/2017-January/009185.html

"2.3(j) - Again, assume the Chair fails in any of these steps, what do you
believe happens / should happen?
  1) Chair fails to distribute Exclusion Notices within two business days
after the Review Period closes
  2) Chair distributes an incomplete set of Exclusion Notices
  3) Chair's MTA represents to the person making the Exclusion Notice that
mail has been successfully queued for delivery (e.g. the mail server
reports to the sender that it's accepted)
 a) Chair encounters a mailbox corruption issue and loses exclusion
notices
 b) Chair's antivirus system later quarantines the mail so that it's
not kept in their inbox, but instead moved to a quarantine"

Virginia responded in
https://cabforum.org/pipermail/public/2017-January/009192.html

"VMF: The Bylaws are going to be as long as War and Peace if we try to
address everything that could possibly go wrong. Earthquakes, floods,
locusts, meteors. The general rule should be that if the Chair “fails” for
some reason to send out the Exclusion Notices, it does not affect the
validity of the Exclusion Notices. However, if the member does not file the
Exclusion Notice properly, it would affect the validity of the notice. I
hope the difference is clear. "

This was then countered with
https://cabforum.org/pipermail/public/2017-January/009196.html
"The previous proposed resolution was to require Exclusion Notices be
submitted to the public at cabforum.org list. This avoids some of the
ambiguity, but seems to materially overlap with the IPR Policy (Section
4.3). My hope was that we might find a way within the bylaws to accomodate
this, without the corresponding IPR Policy change, but it may be that the
latter is unavoidable. Equally, the 'uncertainty' aspect is one we could
also accept - and it would be a matter for the Courts to evaluate the
evidence as to whether the Exclusion was valid. If that's the direction we
want to go, it seems useful if we can quantify anything that would make
that a more concrete, and less nebulous, matter to ascertain."

This change was introduced in
https://cabforum.org/pipermail/public/2017-January/009261.html , with the
previous version having been
https://cabforum.org/pipermail/public/2017-January/009183.html

I think you can see this understanding was at least shared by Apple's
Lawyers who drafted this, that "send Exclusion Notices to the Public Mail
list as a safeguard" was specifically meant to address the set of scenarios
we now face with votes being sent.
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Peter Bowen via Public]

> On Apr 18, 2017, at 12:12 PM, Ryan Sleevi via Public  
> wrote:
> 
> On Tue, Apr 18, 2017 at 2:48 PM, Geoff Keating  > wrote:
> I’m really not sure what the issue is here.  Microsoft sent their vote to the 
> public mailing list before the deadline.  The message was posted on the 
> public mailing list (by Kirk) in a reasonably timely manner.  I don’t see any 
> conflict with the bylaws.
> 
> I also see no point in litigating this.  If this ballot fails solely for this 
> reason it will surely be submitted again and will pass.  In fact I would 
> lobby for Apple to support the re-ballot instead of abstaining, purely to 
> discourage rules lawyering.
> 
> I think if the result is that a subsequent Ballot was held, then the concerns 
> would be meaningfully addressed and the result would be unambiguous and 
> uncontested. Further, there would be no uncertainty that our Bylaws, and the 
> protections afforded by them, are meaningful, and the ability of the Forum to 
> self-regulate is not questioned. Surely that's a clear and desirable goal, 
> regardless of the position of rules lawyering.
> 
> I would suggest that had this not been a 'tiebreaker' vote, the concern about 
> accepting Microsoft's vote would not be an issue. [...]
> 
> The issue we're presented now is whether we value our Bylaws - and the 
> protections afforded by them, for all members - over the results. A position 
> that suggests it's acceptable to accept this vote, because a revote "will 
> pass", suggests that the results are more important. And in valuing such 
> results, we undermine the protections, and thus undermine the ability of 
> members to participate and of the Forum to self-regulate.

Ryan,

Am I understanding correctly that Google’s concern is that the ambiguity of 
whether this ballot had the proper majority required could result in a member 
with Essential Claims privately determining that the ballot did not pass, that 
the initiation of the Review period was therefore illegitimate, and therefore 
the license required by the IPR agreement does not apply?

Thanks,
Peter___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Ryan Sleevi via Public]

On Tue, Apr 18, 2017 at 3:58 PM, Jeremy Rowley 
wrote:
>
> In your view, the act of submission does not require authorization to post
> on the Public Mail List, does not require acceptance by the Public Mail
> List, nor does it require distribution as part of the public mail list.
> Your view is that "All voting will take place via the Public Mail List"
> does not correspond with the deadline of "Members shall have exactly seven
> days for voting" - that is, provided that a vote is (eventually) shared on
> the Public Mail List, that the requirement is met.
>
>
>
> [JR] Correct. If the bylaws meant the vote needed to be distributed to the
> Forum through the public mailing list during the allotted time, the wording
> would have stated such. Instead, the author chose to use the word submitted
> despite the previous sentence mandating that all voting occur on the
> mailing list. Either its poor drafting or the intent was that the
> submission is sufficient.
>

The wording does though, within Section 5.2, by stating that:
"The following materials shall be posted to the Public Mail List or Public
Web Site:"

and then continuing
"(c) Messages formally proposing a Forum ballot (including ballots to
establish, modify, or terminate Working Groups), individual votes, vote and
quorum counts, and messages announcing ballot outcomes and voting
breakdowns. "

It would appear you're suggesting that "sent" and "posted" are distinct.
That is, that Section 5.2 merely states that "Messages formally proposing a
Forum ballot" must eventually appear on the Public Mail List, but that, by
logical extension of the context for voting, this only needs to occur at
some point in the future, and not necessarily in conjunction with the
disclosure of the Ballot.

This interpretation is based upon Section 2.2(d), which states that "the
deadline clearly communicated in the ballot and sent via the Public Mail
List."

Since this is the same method of disclosing votes, is it reasonable to
conclude that you believe it is a valid interpretation of our Bylaws that
members may, in a coordinated enterprise, ensure their submissions to the
public mail list are delayed (for example, using a "send delay" or by
temporarily blocking communication the public list), coordinate their votes
with eachother and, upon conclusion of such a Ballot, direct the Chair to
post to the Public Mail List?

This is the interpretation that naturally results from suggesting that
"sent via the Public Mail List" and "All voting will take place via the
Public Mail List" are not required to appear on the Public Mail List within
the alotted time, and that eventual consistency is sufficient.


>
>
> Is it consistent, then, that the act of "submitted Exclusion Notices" does
> not require confirmation of the receipt by the Chair? If the Chair claims
> not to have received an Exclusion Notice after the 3 business days
> afforded, is that exclusion valid?
>
> [JR] Yes. That is why the bylaws in (g) mandate that the exclusion notices
> also be sent to the Public Mailing list as a safeguard.
>

But this is the problem. The interpretation you're seemingly advocating is
that "sent" merely indicates TO. This is clearly evidenced in Phillip
Hallam-Baker's proposed definition for "sent". As a consequence of this,
the Bylaws in (g) do not provide assurances that the actual message will be
received and/or posted, but will, by the same interpretation and intent
being argued for here, constitute having met the obligations as "sent" to
the Public Mailing List.

Put more explicitly, if we accept "sent" merely means adding to the To: (or
using RCPT TO/DATA, as suggested by PHB), then an organization can "submit"
an Exclusion Notice to the Chair (without confirming its receipt), "send"
an Exclusion Notice to the Public Mail List (without ensuring the posting),
and thus exclude an Essential Claim from the Forum's IPR Policy. Further,
the Chair can "distribute" the Exclusion Notices (without confirm its
receipt).

Do you disagree with this conclusion from the interpretation of
sent/submitted? If so, can you clarify?


>
>
> I realize this sounds very much like "Bylawyer-ing", but I hope it
> clarifies the importance of these concerns. If this interpretation of
> "submit" stands, and Microsoft's vote is accepted, it means that Ballot 183
> has failed to meaningfully address the concerns related to IP disclosures,
> in a way that creates a singular and central point of failure or abuse.
> While we assume good faith in all participants, the risk becomes
> unacceptable if there is no assurance that exclusions will either
> meaningfully be disclosed (if done by other parties) or accepted (if done
> on our part). The key advantage of the Forum, carefully negotiated over
> years of effort, which is that of the IP protection for such contributions,
> entirely evaporates.
>
> [JR] I’m okay with bylaw-ering. However, I disagree with your assessment
> on the IP issue. The issue remains with all non-members. T

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Jeremy Rowley via Public]

Refusing to count multiple votes from one organization is not the same issue as 
counting a vote received on the public list after the voting period closed. 
They are not analogous as the two scenarios present two different risks.

 

Improper votes are improper votes?

 

[JR] Improper votes are not defined in the bylaws. The only action that is 
defined is “Votes not submitted to the Public Mail List will not be considered 
valid, and will not be counted for any purpose.” The bylaws lack guidance on 
what other non-compliances in the process mean.

The vote was received via the public mailing list (thanks to Kirk forwarding 
the vote), but after the voting period expired. The bylaws don’t dictate that 
the member must make the vote via the public mailing list, just that all voting 
will occur there.

 

To make sure I understand this argument in the context of 
https://cabforum.org/wp-content/uploads/CA-Browser-Forum-Bylaws-v.-1.5.pdf

 

The bylaws state the following:

 

Section 2.2 states:

(d) Upon completion of the discussion period, Members shall have exactly seven 
calendar days for voting, with the deadline clearly communicated in the ballot 
and sent via the Public Mail List. All voting will take place via the Public 
Mail List. Votes not submitted to the Public Mail List will not be considered 
valid, and will not be counted for any purpose. 

 

Section 2.3 states

(c) As described in Section 2.2(d), upon completion of such discussion period, 
Members shall have exactly seven calendar days to vote on a Draft Guideline 
Ballot, with the deadline clearly communicated in the ballot sent via the 
Public Mail List. All voting will take place via the Public Mail List. Votes 
not submitted to the Public Mail List will not be considered valid, and will 
not be counted for any purpose. The Chair may send an email to the Public Mail 
List reminding Members of when the voting period opens and closes. 

 

 

Section 5.2 states:

(c) Messages formally proposing a Forum ballot (including ballots to establish, 
modify, or terminate Working Groups), individual votes, vote and quorum counts, 
and messages announcing ballot outcomes and voting breakdowns.

 

 

The word "submit" occurs 9 times within the Baseline Requirements. Section 2.2, 
Section 2.3, Section 4.1, and Section 5.3. With the exclusion of Section 5.3, 
the references in Section 4.1 all related to "vote submitted" or "votes 
submitted", so we should conclude those are the same.

 

[JR] Agreed. 

 

Within Section 2.3, the following occurrences exist:

 

(f) The Review Period will continue to the end of the 30- or 60-day period, as 
applicable, regardless of the number of Exclusion Notices filed pursuant to the 
IPR Policy during such period, if any. No later than 3 business days after the 
conclusion of the applicable Review Period, the Chair will distribute any 
Exclusion Notices submitted in accordance with Section 4.2 of the IPR Policy 
via the Public Mail List; provided, however, that the Chair may distribute such 
Exclusion Notices earlier. 

 

(g) In addition to following the process for submitting Exclusion Notices set 
forth in Section 4 of the IPR Policy, Members will also send Exclusion Notices 
to the Public Mail List as a safeguard. 

 

 

In your view, the act of submission does not require authorization to post on 
the Public Mail List, does not require acceptance by the Public Mail List, nor 
does it require distribution as part of the public mail list. Your view is that 
"All voting will take place via the Public Mail List" does not correspond with 
the deadline of "Members shall have exactly seven days for voting" - that is, 
provided that a vote is (eventually) shared on the Public Mail List, that the 
requirement is met. 

 

[JR] Correct. If the bylaws meant the vote needed to be distributed to the 
Forum through the public mailing list during the allotted time, the wording 
would have stated such. Instead, the author chose to use the word submitted 
despite the previous sentence mandating that all voting occur on the mailing 
list. Either its poor drafting or the intent was that the submission is 
sufficient. 

 

Is it consistent, then, that the act of "submitted Exclusion Notices" does not 
require confirmation of the receipt by the Chair? If the Chair claims not to 
have received an Exclusion Notice after the 3 business days afforded, is that 
exclusion valid?

[JR] Yes. That is why the bylaws in (g) mandate that the exclusion notices also 
be sent to the Public Mailing list as a safeguard.

 

I realize this sounds very much like "Bylawyer-ing", but I hope it clarifies 
the importance of these concerns. If this interpretation of "submit" stands, 
and Microsoft's vote is accepted, it means that Ballot 183 has failed to 
meaningfully address the concerns related to IP disclosures, in a way that 
creates a singular and central point of failure or abuse. While we assume good 
faith in all participants, the risk becomes

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Ryan Sleevi via Public]

On Tue, Apr 18, 2017 at 3:21 PM, Jeremy Rowley 
wrote:

> Refusing to count multiple votes from one organization is not the same
> issue as counting a vote received on the public list after the voting
> period closed. They are not analogous as the two scenarios present two
> different risks.
>

Improper votes are improper votes?


> The vote was received via the public mailing list (thanks to Kirk
> forwarding the vote), but after the voting period expired. The bylaws don’t
> dictate that the member must make the vote via the public mailing list,
> just that all voting will occur there.
>

To make sure I understand this argument in the context of
https://cabforum.org/wp-content/uploads/CA-Browser-Forum-Bylaws-v.-1.5.pdf

The bylaws state the following:

Section 2.2 states:
(d) Upon completion of the discussion period, Members shall have exactly
seven calendar days for voting, with the deadline clearly communicated in
the ballot and sent via the Public Mail List. All voting will take place
via the Public Mail List. Votes not submitted to the Public Mail List will
not be considered valid, and will not be counted for any purpose.

Section 2.3 states
(c) As described in Section 2.2(d), upon completion of such discussion
period, Members shall have exactly seven calendar days to vote on a Draft
Guideline Ballot, with the deadline clearly communicated in the ballot sent
via the Public Mail List. All voting will take place via the Public Mail
List. Votes not submitted to the Public Mail List will not be considered
valid, and will not be counted for any purpose. The Chair may send an email
to the Public Mail List reminding Members of when the voting period opens
and closes.


Section 5.2 states:
(c) Messages formally proposing a Forum ballot (including ballots to
establish, modify, or terminate Working Groups), individual votes, vote and
quorum counts, and messages announcing ballot outcomes and voting
breakdowns.


The word "submit" occurs 9 times within the Baseline Requirements. Section
2.2, Section 2.3, Section 4.1, and Section 5.3. With the exclusion of
Section 5.3, the references in Section 4.1 all related to "vote submitted"
or "votes submitted", so we should conclude those are the same.

Within Section 2.3, the following occurrences exist:

(f) The Review Period will continue to the end of the 30- or 60-day period,
as applicable, regardless of the number of Exclusion Notices filed pursuant
to the IPR Policy during such period, if any. No later than 3 business days
after the conclusion of the applicable Review Period, the Chair will
distribute any Exclusion Notices *submitted *in accordance with Section 4.2
of the IPR Policy via the Public Mail List; provided, however, that the
Chair may distribute such Exclusion Notices earlier.

(g) In addition to following the process for *submitting *Exclusion Notices
set forth in Section 4 of the IPR Policy, Members will also send Exclusion
Notices to the Public Mail List as a safeguard.


In your view, the act of submission does not require authorization to post
on the Public Mail List, does not require acceptance by the Public Mail
List, nor does it require distribution as part of the public mail list.
Your view is that "All voting will take place via the Public Mail List"
does not correspond with the deadline of "Members shall have exactly seven
days for voting" - that is, provided that a vote is (eventually) shared on
the Public Mail List, that the requirement is met.

Is it consistent, then, that the act of "submitted Exclusion Notices" does
not require confirmation of the receipt by the Chair? If the Chair claims
not to have received an Exclusion Notice after the 3 business days
afforded, is that exclusion valid?


I realize this sounds very much like "Bylawyer-ing", but I hope it
clarifies the importance of these concerns. If this interpretation of
"submit" stands, and Microsoft's vote is accepted, it means that Ballot 183
has failed to meaningfully address the concerns related to IP disclosures,
in a way that creates a singular and central point of failure or abuse.
While we assume good faith in all participants, the risk becomes
unacceptable if there is no assurance that exclusions will either
meaningfully be disclosed (if done by other parties) or accepted (if done
on our part). The key advantage of the Forum, carefully negotiated over
years of effort, which is that of the IP protection for such contributions,
entirely evaporates.
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Jeremy Rowley via Public]

Refusing to count multiple votes from one organization is not the same issue as 
counting a vote received on the public list after the voting period closed. 
They are not analogous as the two scenarios present two different risks.

 

The vote was received via the public mailing list (thanks to Kirk forwarding 
the vote), but after the voting period expired. The bylaws don’t dictate that 
the member must make the vote via the public mailing list, just that all voting 
will occur there. 

 

From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ryan Sleevi via 
Public
Sent: Tuesday, April 18, 2017 1:12 PM
To: Geoff Keating 
Cc: Ryan Sleevi ; CA/Browser Forum Public Discussion List 

Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

 

 

 

On Tue, Apr 18, 2017 at 2:48 PM, Geoff Keating mailto:geo...@apple.com> > wrote:

I’m really not sure what the issue is here.  Microsoft sent their vote to the 
public mailing list before the deadline.  The message was posted on the public 
mailing list (by Kirk) in a reasonably timely manner.  I don’t see any conflict 
with the bylaws.

 

It's unclear if your "really not sure" reflects an uncertainty of the concerns, 
or a disagreement with it. The Bylaws don't permit the process you described.

 

I agree it would have been better if the vote had appeared on the list at the 
time it was sent.

I also see no point in litigating this.  If this ballot fails solely for this 
reason it will surely be submitted again and will pass.  In fact I would lobby 
for Apple to support the re-ballot instead of abstaining, purely to discourage 
rules lawyering.

 

I think if the result is that a subsequent Ballot was held, then the concerns 
would be meaningfully addressed and the result would be unambiguous and 
uncontested. Further, there would be no uncertainty that our Bylaws, and the 
protections afforded by them, are meaningful, and the ability of the Forum to 
self-regulate is not questioned. Surely that's a clear and desirable goal, 
regardless of the position of rules lawyering.

 

I would suggest that had this not been a 'tiebreaker' vote, the concern about 
accepting Microsoft's vote would not be an issue. The Forum, via the Chair, has 
already demonstrated several times that it's willing to abide by the timeliness 
of the votes, regardless of how well-intentioned the delayed votes may be. The 
Forum has also demonstrated that it's willing to discard votes in situations 
where multiple organizations represent the same Member (in the Qihoo 
360/WoSign/StartCom case). In these past cases, there was no issue with 
discarding these votes that did not adhere to the bylaws, because they did not 
have any meaningful impact on the result.

 

The issue we're presented now is whether we value our Bylaws - and the 
protections afforded by them, for all members - over the results. A position 
that suggests it's acceptable to accept this vote, because a revote "will 
pass", suggests that the results are more important. And in valuing such 
results, we undermine the protections, and thus undermine the ability of 
members to participate and of the Forum to self-regulate.

 

The fact that Google voted "No" against this and that Microsoft voted "Yes" is 
not the issue at play. The issue at play is whether or not we adhered to our 
process for adoption.

 

Were it not for Section 2 of Ballot 194, which is entirely improper, if other 
browser members, which use the Baseline Requirements and their audits as part 
of their root program, agree with Ballot 194's goals, then it does seem 
reasonable to incorporate into the BRs. I don't think anyone has suggested the 
BRs represent the best security, or the necessary security, just the minimum 
consistent among all browsers. If some browsers feel that reuse of information 
is acceptable, and others do not, then it's perfectly reasonable to suggest 
that it can be imposed as a root program requirement, unless and until there is 
consensus that the security improvements are worthwhile. This is no different 
than, for example, Mozilla requiring disclosure of subordinate CAs (which the 
BRs do not require), or of Google requiring Certificate Transparency for EV 
certficates (which the EVGs do not require), or of Microsoft requiring 
disclosure of security incidents to them and the ability to revoke certificates 
(with the BRs equally do not require).

 

So I think Apple voting in favor of a reformed Ballot 194, excluding Section 2, 
if it so agrees, would be fine. But let's not confuse the result with the 
concerns about the process and the propriety of it. 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Ryan Sleevi via Public]

On Tue, Apr 18, 2017 at 2:48 PM, Geoff Keating  wrote:

> I’m really not sure what the issue is here.  Microsoft sent their vote to
> the public mailing list before the deadline.  The message was posted on the
> public mailing list (by Kirk) in a reasonably timely manner.  I don’t see
> any conflict with the bylaws.
>

It's unclear if your "really not sure" reflects an uncertainty of the
concerns, or a disagreement with it. The Bylaws don't permit the process
you described.


> I agree it would have been better if the vote had appeared on the list at
> the time it was sent.
>
> I also see no point in litigating this.  If this ballot fails solely for
> this reason it will surely be submitted again and will pass.  In fact I
> would lobby for Apple to support the re-ballot instead of abstaining,
> purely to discourage rules lawyering.
>

I think if the result is that a subsequent Ballot was held, then the
concerns would be meaningfully addressed and the result would be
unambiguous and uncontested. Further, there would be no uncertainty that
our Bylaws, and the protections afforded by them, are meaningful, and the
ability of the Forum to self-regulate is not questioned. Surely that's a
clear and desirable goal, regardless of the position of rules lawyering.

I would suggest that had this not been a 'tiebreaker' vote, the concern
about accepting Microsoft's vote would not be an issue. The Forum, via the
Chair, has already demonstrated several times that it's willing to abide by
the timeliness of the votes, regardless of how well-intentioned the delayed
votes may be. The Forum has also demonstrated that it's willing to discard
votes in situations where multiple organizations represent the same Member
(in the Qihoo 360/WoSign/StartCom case). In these past cases, there was no
issue with discarding these votes that did not adhere to the bylaws,
because they did not have any meaningful impact on the result.

The issue we're presented now is whether we value our Bylaws - and the
protections afforded by them, for all members - over the results. A
position that suggests it's acceptable to accept this vote, because a
revote "will pass", suggests that the results are more important. And in
valuing such results, we undermine the protections, and thus undermine the
ability of members to participate and of the Forum to self-regulate.

The fact that Google voted "No" against this and that Microsoft voted "Yes"
is not the issue at play. The issue at play is whether or not we adhered to
our process for adoption.

Were it not for Section 2 of Ballot 194, which is entirely improper, if
other browser members, which use the Baseline Requirements and their audits
as part of their root program, agree with Ballot 194's goals, then it does
seem reasonable to incorporate into the BRs. I don't think anyone has
suggested the BRs represent the best security, or the necessary security,
just the minimum consistent among all browsers. If some browsers feel that
reuse of information is acceptable, and others do not, then it's perfectly
reasonable to suggest that it can be imposed as a root program requirement,
unless and until there is consensus that the security improvements are
worthwhile. This is no different than, for example, Mozilla requiring
disclosure of subordinate CAs (which the BRs do not require), or of Google
requiring Certificate Transparency for EV certficates (which the EVGs do
not require), or of Microsoft requiring disclosure of security incidents to
them and the ability to revoke certificates (with the BRs equally do not
require).

So I think Apple voting in favor of a reformed Ballot 194, excluding
Section 2, if it so agrees, would be fine. But let's not confuse the result
with the concerns about the process and the propriety of it.
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Geoff Keating via Public]

I’m really not sure what the issue is here.  Microsoft sent their vote to the 
public mailing list before the deadline.  The message was posted on the public 
mailing list (by Kirk) in a reasonably timely manner.  I don’t see any conflict 
with the bylaws.

I agree it would have been better if the vote had appeared on the list at the 
time it was sent.

I also see no point in litigating this.  If this ballot fails solely for this 
reason it will surely be submitted again and will pass.  In fact I would lobby 
for Apple to support the re-ballot instead of abstaining, purely to discourage 
rules lawyering.



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Ryan Sleevi via Public]

On Tue, Apr 18, 2017 at 1:50 PM, Phillip Hallam-Baker 
wrote:

> Well if you think trying to toss out a vote on an absurd technicality to
> be ‘the spirit of comity, respect, and productive contribution’.
>

Phillip,

I can understand you may disagree with the concerns, but I hope you do not
disagree that there are valid concerns. I will note that a number of
members and Interested Parties - Eric Mill, Peter Bowen, Gervase Markham,
Dean Coclin - have agreed with the fact that there IS an issue here.

Regardless of your personal feelings about the ballot, or those of your
employer, I do hope you can see how having a contested vote, decided by a
tiebreaker ballot, that at very best was questionable as to whether it
followed the Bylaws, which introduces IP encumbrances and obligations, and
which the Chair has to date disregarded these concerns and proposed a
'majority rule via Doodle poll' is, from a legal perspective, undesirable.

If the Forum is unable to follow its Bylaws, it calls into question whether
or not the organization is able to adhere to its Antitrust Policy, and
calls into question whether or not the organization's IP Policy between
members is enforceable. I encourage you that, regardless of whether you
personally feel they are legitimate, you speak with the rest of your
organization, and in particular, their legal team. Your colleague Robin
routinely reads out the Antitrust Statement on behalf of the Forum. If the
Forum cannot follow its Bylaws, or disputes whether or not it is engaging
in a practice that would be anti-competitive on the basis of a doodle poll
by the Chair, you surely can understand the challenges that would face.

If you would take a moment to understand these concerns, and recognize that
this can and should be resolved by a Ballot among the Forum, it would be
greatly appreciated. Alternatively, I would request that you work with your
colleagues to ensure your views represent the formal views of Comodo, and
that your contributions are in that spirit. I have certainly been working
with our team here at Google to make sure to firmly and clearly articulate
these concerns, because if this process is adopted as valid, then our
concerns about the CA/Browser Forum being unable to follow its Bylaws will
be realized.

This is a serious matter. Please treat it as such.
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Phillip Hallam-Baker via Public]

Well if you think trying to toss out a vote on an absurd technicality to be 
‘the spirit of comity, respect, and productive contribution’.

 

 

 

From: Ryan Sleevi [mailto:sle...@google.com] 
Sent: Tuesday, April 18, 2017 11:33 AM
To: phill...@comodo.com
Cc: CA/Browser Forum Public Discussion List 
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

 

 

 

On Tue, Apr 18, 2017 at 11:28 AM, phill...@comodo.com 
<mailto:phill...@comodo.com>  mailto:phill...@comodo.com> 
> wrote:

The best use you could make of your time would be to let this absurd argument 
drop.

 

Thank you for embodying the spirit of comity, respect, and productive 
contribution.

___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Ryan Sleevi via Public]

On Tue, Apr 18, 2017 at 11:28 AM, phill...@comodo.com 
wrote:

> The best use you could make of your time would be to let this absurd
> argument drop.
>

Thank you for embodying the spirit of comity, respect, and productive
contribution.
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[philliph--- via Public]

The best use you could make of your time would be to let this absurd argument 
drop.


> On Apr 18, 2017, at 11:24 AM, Ryan Sleevi  wrote:
> 
> 
> 
> On Tue, Apr 18, 2017 at 11:20 AM, philliph--- via Public  > wrote:
> 'Votes not submitted to the Public Mail...’
> 
> If we are going to be hyper pedantic about this, nobody disputes that the 
> vote was submitted to the Public Mail list. It is therefore a valid vote.
> 
> Yes, multiple people do. Because you're ignoring both the surrounding 
> paragraph and the Bylaws.
> 
> Would you like me to provide you a full analysis about how this approach is 
> factually incorrect?
>  
> If we are to be hyper pedantic, let us consider the precise meaning of RFC 
> 5821, section 3.3 in which the process of submitting a message is described.
> 
> Did Microsoft execute a MAIL command?
> Did Microsoft execute a RCPT command?
> Did Microsoft execute a DATA command?
> 
> The answer to these is yes and thus Microsoft completed all the necessary 
> steps for submission of the vote. The failure to forward the vote to the list 
> subscribers was due entirely to the configuration of the mail system, a 
> factor over which Microsoft had not control. 
> 
> Thus, according to the bylaws, the vote is valid and shall be counted.
> 
> This is perhaps the most useful new argument, but fails to address any of the 
> broader concerns.
> 
> To make best use of my time, can you clarify: Have you read the entire Bylaws 
> before making this argument? Have you read the concerns to date? Would it be 
> useful for your further discussion to point out the many ways in which your 
> position is at conflict with them? 
> 

___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Ryan Sleevi via Public]

On Tue, Apr 18, 2017 at 11:20 AM, philliph--- via Public <
public@cabforum.org> wrote:

> 'Votes not submitted to the Public Mail...’
>
> If we are going to be hyper pedantic about this, nobody disputes that the
> vote was submitted to the Public Mail list. It is therefore a valid vote.
>

Yes, multiple people do. Because you're ignoring both the surrounding
paragraph and the Bylaws.

Would you like me to provide you a full analysis about how this approach is
factually incorrect?


> If we are to be hyper pedantic, let us consider the precise meaning of RFC
> 5821, section 3.3 in which the process of submitting a message is described.
>
> Did Microsoft execute a MAIL command?
> Did Microsoft execute a RCPT command?
> Did Microsoft execute a DATA command?
>
> The answer to these is yes and thus Microsoft completed all the necessary
> steps for submission of the vote. The failure to forward the vote to the
> list subscribers was due entirely to the configuration of the mail system,
> a factor over which Microsoft had not control.
>
> Thus, according to the bylaws, the vote is valid and shall be counted.
>

This is perhaps the most useful new argument, but fails to address any of
the broader concerns.

To make best use of my time, can you clarify: Have you read the entire
Bylaws before making this argument? Have you read the concerns to date?
Would it be useful for your further discussion to point out the many ways
in which your position is at conflict with them?
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[philliph--- via Public]

'Votes not submitted to the Public Mail...’

If we are going to be hyper pedantic about this, nobody disputes that the vote 
was submitted to the Public Mail list. It is therefore a valid vote.


I note that in making the claims to the contrary, people have

1) Stated that Microsoft’s intent in casting the ballot does not matter.
2) The intent to which the rule is meant to serve does.

Well if intent should be accepted for one or neither.


If we are to be hyper pedantic, let us consider the precise meaning of RFC 
5821, section 3.3 in which the process of submitting a message is described.

Did Microsoft execute a MAIL command?
Did Microsoft execute a RCPT command?
Did Microsoft execute a DATA command?

The answer to these is yes and thus Microsoft completed all the necessary steps 
for submission of the vote. The failure to forward the vote to the list 
subscribers was due entirely to the configuration of the mail system, a factor 
over which Microsoft had not control. 

Thus, according to the bylaws, the vote is valid and shall be counted.



> On Apr 16, 2017, at 9:40 PM, Kirk Hall via Public  wrote:
> 
> Eric, look again at the rule:
>  
> *** All voting will take place via the Public Mail List. Votes not submitted 
> to the Public Mail List will not be considered valid, and will not be counted 
> for any purpose.
>  
> In this case, Microsoft’s vote did take place “via the Public Mail List”.  
> It’s vote was submitted “to the Public Mail List”.  To be hyper technical, 
> the Bylaw does not say the vote must APPEAR on the list during the voting 
> period (just that the vote must occur), and any number of things can prevent 
> a message to the Public list from being forwarded – I have had my messages 
> trapped or even disappear before.
>  
> I think it’s unfortunate that we are parsing the Bylaws so closely as this – 
> this has always been an informal organization, and getting hung up on 
> interpretations is a waste of time.
>  
> In any case this seems pretty silly, as a repeat vote, with the same 
> retroactive clause, would end up with the same result.
>  
> From: Eric Mill [mailto:e...@konklone.com] 
> Sent: Sunday, April 16, 2017 6:17 PM
> To: CA/Browser Forum Public Discussion List 
> Cc: Kirk Hall 
> Subject: [EXTERNAL]Re: [cabfpub] ]RE: Ballot 194 - Effective Date of Ballot 
> 193 Provisions is in the VOTING period (ends April 16)
>  
> I don't think Microsoft cast its vote correctly. Microsoft is aware of how 
> the CA/Browser Forum list works, and should have been able to cast a vote 
> from a subscribed member address before the deadline. I think this obligation 
> is especially apparent when their vote is likely to be a tiebreaker.
>  
> Peter's right that there's some greyness to the Bylaws, but I think a plain 
> reading of the text, and its clear intent to have votes be cast where it is 
> publicly attributable to the voter, supports this vote not being validly 
> cast. 
>  
> I'm sure it was a good faith error, but it would not be a good precedent for 
> votes to be counted which were only distributed to and reforwarded by the 
> Chair (or any other member). Unfortunately, since 1 browser vote is the 
> difference between success and failure, this probably points to needing a 
> revote.
>  
> -- Eric
>  
> On Sun, Apr 16, 2017 at 9:07 PM, Kirk Hall via Public  > wrote:
> Ryan, it’s kind of unseemly for one browser to try to block the vote of 
> another browser.  Google were the only Forum member to vote no on this ballot 
> – 20 CAs and 2 browsers voted yes. Clearly the consensus of the members is in 
> favor of this ballot, and technically Microsoft cast its vote correctly, even 
> if it was not forwarded by our server.  I would suggest you reconsider 
> following this line.
>  
> From: Public [mailto:public-boun...@cabforum.org 
> ] On Behalf Of Ryan Sleevi via Public
> Sent: Sunday, April 16, 2017 6:03 PM
> To: CA/Browser Forum Public Discussion List  >
> Cc: Ryan Sleevi mailto:sle...@google.com>>
> Subject: [EXTERNAL]Re: [cabfpub] ]RE: Ballot 194 - Effective Date of Ballot 
> 193 Provisions is in the VOTING period (ends April 16)
>  
> To that end, this was a concern raised nearly a year ago when discussing what 
> would become Ballot 174, with respect to Section 9.16.3
>  
> https://cabforum.org/pipermail/public/2016-April/007468.html 
>  and 
> https://cabforum.org/pipermail/public/2016-April/007480.html 
> 
>  
> There is certainly precedent within the Forum that "posted" shall mean 
> available for access via the archives, as that can be objectively measured 
> and quantified. I do not believe we can reasonably argue that "posted" shall 
> mean sent to this address. It cannot be shown, for example, that Microsoft 
> did not block the posting on their end, thereby

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Gervase Markham via Public]

On 17/04/17 20:07, Ryan Sleevi via Public wrote:
> I think this is the crux of the matter at hand. There are different
> interpretations of “posting” and interpreting it one way or the
> other is the cause of the issue. Looking at “entirety” is one way.
> Looking at “intent” is another. 

If we want to figure out what "posting" means, we should look at the
ballot where that language was introduced:
https://cabforum.org/2012/07/25/ballot-79-mailing-list-usage/

Here's one of the provisions of that ballot:

"2) Draft minutes of Forum meetings (both virtual and in-person, and
including any sub-groups or committees) will be posted to the private
list to allow members to make sure they are being correctly reported."

If the concept of "posting" were allowed to include "sending but not
getting through", how could this make any sense? Members cannot make
sure they are being correctly reported if they can't read the message
with the minutes in.

It seems clear to me that the meaning of "posting" in the original
ballot which introduced that language includes the concept of successful
delivery to list members.

Gerv
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Gervase Markham via Public]

On 17/04/17 19:47, Dean Coclin via Public wrote:
> I think this is the crux of the matter at hand. There are different
> interpretations of “posting” and interpreting it one way or the other is
> the cause of the issue. Looking at “entirety” is one way. Looking at
> “intent” is another.

If intent were normative, then my life would be easier in dealing with
CA misissuance and BR violations, because almost all of them are
unintended, and so I should treat the CA as if they had succeeded in
their goal of producing compliant certs :-)

> I remember a time when we did not have public voting. Then a change was
> made, with the intent being to inject transparency into the voting
> process and publicly disclose where CAs and Browsers came down on
> issues. It would seem this intent is satisfied by the chair’s disclosure
> of the votes online.

Without saying I don't trust the chair :-), there's a lot of difference
between putting your name to something, and someone else reporting that
you've put your name to it.

Gerv
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Ryan Sleevi via Public]

On Mon, Apr 17, 2017 at 2:47 PM, Dean Coclin 
wrote:

> “Unless it can be demonstrated that this message was received by all
> participants subscribed, and was able to be crawled and index by an
> Internet search engine, I do not believe you can argue that the "posting"
> requirement has been met. We must look at the entirity of the Bylaws, and
> choosing this particular interpretation is not consistent.”
>
>
>
>
>
> I think this is the crux of the matter at hand. There are different
> interpretations of “posting” and interpreting it one way or the other is
> the cause of the issue. Looking at “entirety” is one way. Looking at
> “intent” is another.
>
>
> I remember a time when we did not have public voting. Then a change was
> made, with the intent being to inject transparency into the voting process
> and publicly disclose where CAs and Browsers came down on issues. It would
> seem this intent is satisfied by the chair’s disclosure of the votes online.
>

We discussed this during the adoption of public voting and the public mail
list, however. That is, in the conversations leading up to that, there was
the discussion about whether to have 'secret ballot' approaches (all votes
sent to Chair) or whether to have on-list public votes, with the conclusion
being the latter.

To ensure all members understand the history related to these changes:
Ballot 73 - https://cabforum.org/2012/05/11/ballot-73-public-mail-list/ -
introduced the public mailing list
Ballot 79 - https://cabforum.org/2012/07/25/ballot-79-mailing-list-usage/ -
introduced the deference to do things publicly
Ballot 98 - https://cabforum.org/2013/02/22/ballot-98-public-voting/ -
required that all voting happen on the public list


> I’m not arguing either way, just pointing out the viewpoints.
>
>
>
> So what are the possible solutions?:
>
> 1.   Do not count Microsoft’s vote. The ballot then fails. I’m
> guessing the proponents will post a new ballot stating the same thing and
> is voted on again. The bylaw ambiguity should be clarified in a different
> ballot.
>
> 2.   Count Microsoft’s vote. The ballot passes. Clarify the bylaw
> ambiguity in a new ballot.
>
>
>
> These are really the only possible ways forward under our bylaws. The
> Chair and Vice-Chair can’t be asked to make a ruling since they could be
> biased one way or the other on the outcome.
>

Thanks for stating that Dean, because that really is the crux of the
matter. I agree with you that neither the Chair nor the Vice-Chair can or
should be asked to serve as "tie-breakers" or "interpreters at large" of
the Bylaws. They exist to facilitate and honor the Bylaws, but not to offer
their interpretation in a privileged place beyond that of any other member.
Thus, to decide #2 - whether to count Microsoft's vote - the process is
what we do for all such matters, which is the formalization of a Ballot.
We've done Ballots like this in the past, without touching on documents, as
reflected in Ballot 77 -
https://cabforum.org/2012/06/07/ballot-77-emergency-extension-of-ipr-requirements/
- and the (failed) Ballot 82 -
https://cabforum.org/2012/07/31/ballot-82-extend-ipr-introduction-timetable/

When it came to deciding process, we've used Ballots such as Ballot 85 -
https://cabforum.org/2012/08/24/ballot-85-governance-reform/ - to define a
process and reflect members agreement on that process. Most notably, it
spells out an agreement first and foremost that the process was correct,
and then, and only then, did it proceed to executing that process. This was
done to ensure there was consensus on the process.

>From this perspective, if we were to accept Microsoft's vote, it raises the
question about whether the Ballot is retroactively changing the Bylaws (if
it succeeds). This is understandably troubling, as discussed during Ballots
180 - 182, as it suggests our bylaws are flexible to the point that
retroactive IP risk may be introduced for members. This is part of why we
so strongly objected to the approach the Chair used with respect to
interpreting the execution of these Ballots, and why we supported the
further clarifications in Ballot 183 as a necessary condition before
introducing any further ballots using such an ad-hoc and unsupported
approach.

Thus, it argues that Option 1 is the correct, unambiguous, and with
precedent approach to resolve this issue. If this Ballot succeeds on its
merits, it's clear that there's not agreement that the current language
represents the Baseline of security, and that's perfectly fine and
appropriate, and allows for other members to appropriately reflect that
within their policies, should they so wish. This may be the most desirable
outcome for everyone regardless, and so it seems entirely reasonable and
appropriate to go forward on that.

Regarding the "Section 2" of the Ballot, the outcome of Ballot 194 in no
way changes how the Baseline Requirements applies to new certificate
issuance, so there is no additional 'risk' in conducting this second
ba

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Jeremy Rowley via Public]

There’s a third option, but the results are the same as #1. IMO, the current 
results fall in a grey area not adequately addressed by the CAB Forum process. 
Therefore, the results of the ballot are “Indeterminant” (or something similar) 
as the process required by the bylaws wasn’t followed. Although the net result 
is the same as “fail” (meaning the ballot didn’t pass), an indicator that 
something unexpected happened preserves a more accurate historical record and 
avoids some of the negativity of the word “fail”. 

 

Regardless, I think the forum should move to a better voting platform than 
email. There’s better solutions out there than email that retain public 
disclosure but aren’t as susceptible to errors.

 

From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Dean Coclin via 
Public
Sent: Monday, April 17, 2017 12:47 PM
To: Ryan Sleevi ; CA/Browser Forum Public Discussion List 

Cc: Dean Coclin 
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

 

“Unless it can be demonstrated that this message was received by all 
participants subscribed, and was able to be crawled and index by an Internet 
search engine, I do not believe you can argue that the "posting" requirement 
has been met. We must look at the entirity of the Bylaws, and choosing this 
particular interpretation is not consistent.”

 

 

I think this is the crux of the matter at hand. There are different 
interpretations of “posting” and interpreting it one way or the other is the 
cause of the issue. Looking at “entirety” is one way. Looking at “intent” is 
another. 


I remember a time when we did not have public voting. Then a change was made, 
with the intent being to inject transparency into the voting process and 
publicly disclose where CAs and Browsers came down on issues. It would seem 
this intent is satisfied by the chair’s disclosure of the votes online.

 

I’m not arguing either way, just pointing out the viewpoints.

 

So what are the possible solutions?:

1.  Do not count Microsoft’s vote. The ballot then fails. I’m guessing the 
proponents will post a new ballot stating the same thing and is voted on again. 
The bylaw ambiguity should be clarified in a different ballot.
2.  Count Microsoft’s vote. The ballot passes. Clarify the bylaw ambiguity 
in a new ballot.

 

These are really the only possible ways forward under our bylaws. The Chair and 
Vice-Chair can’t be asked to make a ruling since they could be biased one way 
or the other on the outcome.

 

 

 

From: Ryan Sleevi [mailto:sle...@google.com] 
Sent: Monday, April 17, 2017 11:22 AM
To: CA/Browser Forum Public Discussion List mailto:public@cabforum.org> >
Cc: Kirk Hall mailto:kirk.h...@entrustdatacard.com> >; Dean Coclin mailto:dean_coc...@symantec.com> >
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

 

 

 

On Mon, Apr 17, 2017 at 11:06 AM, Dean Coclin via Public mailto:public@cabforum.org> > wrote:

Speaking as former chair, I would like to offer my observations on this:

 

1.   I think everyone was unaware and surprised to see that a vote was 
counted from Microsoft since it did not appear on the public list

2.   Kirk, being cc’d on the message, would have no idea that the message 
didn’t make the public list. He saw the public list in the address field

3.   Gordon, as the sender of the message, would also be unaware that he 
did not have posting privs to the public list (unless the listserv notified him 
afterwards-Wayne-does our list serv do this?)

4.   Kirk counted the vote, unaware that the message never made it to the 
list but seeing it addressed to the list, assumed it did.

5.   I assume Gordon voted because Jody was away and unable to vote. 
(Suggestion for MSFT-Good idea to have a backup with posting privs ;-))

6.   In my opinion, Microsoft did nothing wrong and was following our 
bylaws in placing their vote in good faith

 

I agree with you on all of these points, and do not want any of the concerns 
with Kirk's proposed resolution to be discounted on that, until this point, 
there was a good faith engagement on both Microsoft and Kirk's part, even if 
flawed.

 

7.   Would it have made a difference if they did not cc Kirk, not get their 
vote counted and then come out with a note saying, “Hey I voted, Here’s the 
email”? Maybe. Someone could claim that it was a fake email and there might be 
a whole other set of circumstances we’d have to deal with. But since Kirk was 
cc’d (and presumably the chair is not complicit with Microsoft) then it’s 
reasonable to say the vote is valid.

Under what basis with our Bylaws?

8.   The bylaws state that “votes not submitted to the public list will not 
be counted”. However, this vote was submitted to the public list. But the 
pu

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Dean Coclin via Public]

“Unless it can be demonstrated that this message was received by all 
participants subscribed, and was able to be crawled and index by an Internet 
search engine, I do not believe you can argue that the "posting" requirement 
has been met. We must look at the entirity of the Bylaws, and choosing this 
particular interpretation is not consistent.”


I think this is the crux of the matter at hand. There are different 
interpretations of “posting” and interpreting it one way or the other is the 
cause of the issue. Looking at “entirety” is one way. Looking at “intent” is 
another.

I remember a time when we did not have public voting. Then a change was made, 
with the intent being to inject transparency into the voting process and 
publicly disclose where CAs and Browsers came down on issues. It would seem 
this intent is satisfied by the chair’s disclosure of the votes online.

I’m not arguing either way, just pointing out the viewpoints.

So what are the possible solutions?:

1.   Do not count Microsoft’s vote. The ballot then fails. I’m guessing the 
proponents will post a new ballot stating the same thing and is voted on again. 
The bylaw ambiguity should be clarified in a different ballot.

2.   Count Microsoft’s vote. The ballot passes. Clarify the bylaw ambiguity 
in a new ballot.

These are really the only possible ways forward under our bylaws. The Chair and 
Vice-Chair can’t be asked to make a ruling since they could be biased one way 
or the other on the outcome.



From: Ryan Sleevi [mailto:sle...@google.com]
Sent: Monday, April 17, 2017 11:22 AM
To: CA/Browser Forum Public Discussion List 
Cc: Kirk Hall ; Dean Coclin 

Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)



On Mon, Apr 17, 2017 at 11:06 AM, Dean Coclin via Public 
mailto:public@cabforum.org>> wrote:
Speaking as former chair, I would like to offer my observations on this:


1.   I think everyone was unaware and surprised to see that a vote was 
counted from Microsoft since it did not appear on the public list

2.   Kirk, being cc’d on the message, would have no idea that the message 
didn’t make the public list. He saw the public list in the address field

3.   Gordon, as the sender of the message, would also be unaware that he 
did not have posting privs to the public list (unless the listserv notified him 
afterwards-Wayne-does our list serv do this?)

4.   Kirk counted the vote, unaware that the message never made it to the 
list but seeing it addressed to the list, assumed it did.

5.   I assume Gordon voted because Jody was away and unable to vote. 
(Suggestion for MSFT-Good idea to have a backup with posting privs ;-))

6.   In my opinion, Microsoft did nothing wrong and was following our 
bylaws in placing their vote in good faith

I agree with you on all of these points, and do not want any of the concerns 
with Kirk's proposed resolution to be discounted on that, until this point, 
there was a good faith engagement on both Microsoft and Kirk's part, even if 
flawed.


7.   Would it have made a difference if they did not cc Kirk, not get their 
vote counted and then come out with a note saying, “Hey I voted, Here’s the 
email”? Maybe. Someone could claim that it was a fake email and there might be 
a whole other set of circumstances we’d have to deal with. But since Kirk was 
cc’d (and presumably the chair is not complicit with Microsoft) then it’s 
reasonable to say the vote is valid.
Under what basis with our Bylaws?

8.   The bylaws state that “votes not submitted to the public list will not 
be counted”. However, this vote was submitted to the public list. But the 
public list rejected the email. The bylaws are silent in this case.
If that was all the Bylaws stated, this would be a reasonable, if undesirable, 
conclusion. However, they state more:

(d) Upon completion of the discussion period, Members shall have exactly seven 
calendar days for voting, with the deadline clearly communicated in the ballot 
and sent via the Public Mail List. All voting will take place via the Public 
Mail List. Votes not submitted to the Public Mail List will not be considered 
valid, and will not be counted for any purpose.

Further, this interpretation that "sending to 
public@cabforum.org<mailto:public@cabforum.org> is posting" is not consistent 
with the rest of the Bylaws. If it was, then it would mean that anyone can 
"post to the Public Mail List" by sending to 
public@cabforum.org<mailto:public@cabforum.org>. However, we know that is not 
the case, because our Bylaws specifically govern who can post to the public 
list (3.2(b), 3.3, 5.2)

I want to highlight Section 5.2 for you:
"Anyone else is allowed to subscribe to and receive messages posted to the 
Public Mail List, which may be crawled and indexed by Internet search engines"

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Aaron Kornblum via Public]

Test.

AK

Aaron E. Kornblum | GPM, Governance, Risk Mgt. & Compliance (GRC)
Windows and Devices Group (WDG)
Microsoft Corp.|One Microsoft Way|Redmond, WA 98052
Office (425) 705-3210|Fax (425) 936-7329| aaro...@microsoft.com

-Original Message-
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Jeremy Rowley 
via Public
Sent: Monday, April 17, 2017 9:46 AM
To: CA/Browser Forum Public Discussion List 
Cc: Jeremy Rowley 
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

Agreed. 

-Original Message-
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham 
via Public
Sent: Monday, April 17, 2017 10:45 AM
To: CA/Browser Forum Public Discussion List 
Cc: Gervase Markham 
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

On 17/04/17 17:33, Wayne Thayer via Public wrote:
> That is correct. The public list is configured to “discard” messages 
> from non-members, meaning that no rejection notice is sent.

Regardless of anything else, perhaps we should change that setting to "Reject".

Gerv

___
Public mailing list
Public@cabforum.org
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcabforum.org%2Fmailman%2Flistinfo%2Fpublic&data=02%7C01%7Caaronko%40microsoft.com%7Cfa45592fb1d04e49dcf708d485b13ff7%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636280443722508878&sdata=LfeYc0pq4ujzRuBw0qs9GFYcLu%2BGzUD3JTKr%2Bjesh1U%3D&reserved=0
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Jeremy Rowley via Public]

Agreed. 

-Original Message-
From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Gervase Markham 
via Public
Sent: Monday, April 17, 2017 10:45 AM
To: CA/Browser Forum Public Discussion List 
Cc: Gervase Markham 
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

On 17/04/17 17:33, Wayne Thayer via Public wrote:
> That is correct. The public list is configured to “discard” messages 
> from non-members, meaning that no rejection notice is sent.

Regardless of anything else, perhaps we should change that setting to "Reject".

Gerv

___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public


smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Gervase Markham via Public]

On 17/04/17 17:33, Wayne Thayer via Public wrote:
> That is correct. The public list is configured to “discard” messages
> from non-members, meaning that no rejection notice is sent.

Regardless of anything else, perhaps we should change that setting to
"Reject".

Gerv

___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Peter Bowen via Public]

This would appear to be true.  I just tried sending from a mail from an 
unsubscribed account to public@cabforum.org <mailto:public@cabforum.org> and 
didn’t get any bounce message nor did the message end up on the list.  It 
appears that the list blackholes messages that are not from subscribers.

Conversely, persons subscribed who are not members get a bounce message that 
says in part: "Per our bylaws, this list is read-only for non-members.”

Assuming Gordon isn’t subscribed he had no notice that his mail was not 
accepted.

Thanks,
Peter 

> On Apr 17, 2017, at 9:38 AM, Jeremy Rowley via Public  
> wrote:
> 
> So neither Kirk nor Microsoft had any notice that their email didn’t reach 
> the public list? 
>   <>
> From: Public [mailto:public-boun...@cabforum.org 
> <mailto:public-boun...@cabforum.org>] On Behalf Of Wayne Thayer via Public
> Sent: Monday, April 17, 2017 10:34 AM
> To: CA/Browser Forum Public Discussion List  <mailto:public@cabforum.org>>
> Cc: Wayne Thayer mailto:wtha...@godaddy.com>>
> Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of 
> Ballot 193 Provisions is in the VOTING period (ends April 16)
>  
> >> Gordon, as the sender of the message, would also be unaware that he did 
> >> not have posting privs to the public list (unless the listserv notified 
> >> him afterwards-Wayne-does our list serv do this?)
>  
> That is correct. The public list is configured to “discard” messages from 
> non-members, meaning that no rejection notice is sent.
>  
> From: Public  <mailto:public-boun...@cabforum.org>> on behalf of Dean Coclin via Public 
> mailto:public@cabforum.org>>
> Reply-To: CA/Browser Forum Public Discussion List  <mailto:public@cabforum.org>>
> Date: Monday, April 17, 2017 at 8:06 AM
> To: CA/Browser Forum Public Discussion List  <mailto:public@cabforum.org>>, Kirk Hall  <mailto:kirk.h...@entrustdatacard.com>>
> Cc: Dean Coclin mailto:dean_coc...@symantec.com>>
> Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of 
> Ballot 193 Provisions is in the VOTING period (ends April 16)
>  
> ___
> Public mailing list
> Public@cabforum.org <mailto:Public@cabforum.org>
> https://cabforum.org/mailman/listinfo/public 
> <https://cabforum.org/mailman/listinfo/public>

___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Wayne Thayer via Public]

Correct – had Gordon been subscribed to the list he could have seen that the 
message wasn’t delivered, but there’s no way to tell if you’re not subscribed.

From: Jeremy Rowley 
Date: Monday, April 17, 2017 at 9:38 AM
To: CA/Browser Forum Public Discussion List 
Cc: Wayne Thayer 
Subject: RE: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

So neither Kirk nor Microsoft had any notice that their email didn’t reach the 
public list?

From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Wayne Thayer via 
Public
Sent: Monday, April 17, 2017 10:34 AM
To: CA/Browser Forum Public Discussion List 
Cc: Wayne Thayer 
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

>> Gordon, as the sender of the message, would also be unaware that he did not 
>> have posting privs to the public list (unless the listserv notified him 
>> afterwards-Wayne-does our list serv do this?)

That is correct. The public list is configured to “discard” messages from 
non-members, meaning that no rejection notice is sent.

From: Public mailto:public-boun...@cabforum.org>> 
on behalf of Dean Coclin via Public 
mailto:public@cabforum.org>>
Reply-To: CA/Browser Forum Public Discussion List 
mailto:public@cabforum.org>>
Date: Monday, April 17, 2017 at 8:06 AM
To: CA/Browser Forum Public Discussion List 
mailto:public@cabforum.org>>, Kirk Hall 
mailto:kirk.h...@entrustdatacard.com>>
Cc: Dean Coclin mailto:dean_coc...@symantec.com>>
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Jeremy Rowley via Public]

So neither Kirk nor Microsoft had any notice that their email didn’t reach the 
public list? 

 

From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Wayne Thayer via 
Public
Sent: Monday, April 17, 2017 10:34 AM
To: CA/Browser Forum Public Discussion List 
Cc: Wayne Thayer 
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

 

>> Gordon, as the sender of the message, would also be unaware that he did not 
>> have posting privs to the public list (unless the listserv notified him 
>> afterwards-Wayne-does our list serv do this?)

 

That is correct. The public list is configured to “discard” messages from 
non-members, meaning that no rejection notice is sent.

 

From: Public mailto:public-boun...@cabforum.org> 
> on behalf of Dean Coclin via Public mailto:public@cabforum.org> >
Reply-To: CA/Browser Forum Public Discussion List mailto:public@cabforum.org> >
Date: Monday, April 17, 2017 at 8:06 AM
To: CA/Browser Forum Public Discussion List mailto:public@cabforum.org> >, Kirk Hall mailto:kirk.h...@entrustdatacard.com> >
Cc: Dean Coclin mailto:dean_coc...@symantec.com> >
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

 



smime.p7s
Description: S/MIME cryptographic signature
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Wayne Thayer via Public]

>> Gordon, as the sender of the message, would also be unaware that he did not 
>> have posting privs to the public list (unless the listserv notified him 
>> afterwards-Wayne-does our list serv do this?)

That is correct. The public list is configured to “discard” messages from 
non-members, meaning that no rejection notice is sent.

From: Public  on behalf of Dean Coclin via Public 

Reply-To: CA/Browser Forum Public Discussion List 
Date: Monday, April 17, 2017 at 8:06 AM
To: CA/Browser Forum Public Discussion List , Kirk Hall 

Cc: Dean Coclin 
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Ryan Sleevi via Public]

On Mon, Apr 17, 2017 at 11:06 AM, Dean Coclin via Public <
public@cabforum.org> wrote:

> Speaking as former chair, I would like to offer my observations on this:
>
>
>
> 1.   I think everyone was unaware and surprised to see that a vote
> was counted from Microsoft since it did not appear on the public list
>
> 2.   Kirk, being cc’d on the message, would have no idea that the
> message didn’t make the public list. He saw the public list in the address
> field
>
> 3.   Gordon, as the sender of the message, would also be unaware that
> he did not have posting privs to the public list (unless the listserv
> notified him afterwards-Wayne-does our list serv do this?)
>
> 4.   Kirk counted the vote, unaware that the message never made it to
> the list but seeing it addressed to the list, assumed it did.
>
> 5.   I assume Gordon voted because Jody was away and unable to vote.
> (Suggestion for MSFT-Good idea to have a backup with posting privs ;-))
>
> 6.   In my opinion, Microsoft did nothing wrong and was following our
> bylaws in placing their vote in good faith
>

I agree with you on all of these points, and do not want any of the
concerns with Kirk's proposed resolution to be discounted on that, until
this point, there was a good faith engagement on both Microsoft and Kirk's
part, even if flawed.


> 7.   Would it have made a difference if they did not cc Kirk, not get
> their vote counted and then come out with a note saying, “Hey I voted,
> Here’s the email”? Maybe. Someone could claim that it was a fake email and
> there might be a whole other set of circumstances we’d have to deal with.
> But since Kirk was cc’d (and presumably the chair is not complicit with
> Microsoft) then it’s reasonable to say the vote is valid.
>
Under what basis with our Bylaws?

> 8.   The bylaws state that “votes not submitted to the public list
> will not be counted”. However, this vote was submitted to the public list.
> But the public list rejected the email. The bylaws are silent in this case.
>
If that was all the Bylaws stated, this would be a reasonable, if
undesirable, conclusion. However, they state more:

(d) Upon completion of the discussion period, Members shall have exactly
seven calendar days for voting, with the deadline clearly communicated in
the ballot and sent via the Public Mail List. All voting will take place
via the Public Mail List. Votes not submitted to the Public Mail List will
not be considered valid, and will not be counted for any purpose.

Further, this interpretation that "sending to public@cabforum.org is
posting" is not consistent with the rest of the Bylaws. If it was, then it
would mean that anyone can "post to the Public Mail List" by sending to
public@cabforum.org. However, we know that is not the case, because our
Bylaws specifically govern who can post to the public list (3.2(b), 3.3,
5.2)

I want to highlight Section 5.2 for you:
"Anyone else is allowed to subscribe to and receive messages posted to the
Public Mail List, which may be crawled and indexed by Internet search
engines"

Unless it can be demonstrated that this message was received by all
participants subscribed, and was able to be crawled and index by an
Internet search engine, I do not believe you can argue that the "posting"
requirement has been met. We must look at the entirity of the Bylaws, and
choosing this particular interpretation is not consistent.

> 9.   I believe the case Ryan referenced where an IPR exclusion notice
> was sent to the chair was a different circumstance. If memory serves, in
> that situation, the IPR policy specified that the sender only deliver to
> the Chair, not the public list.
>
There were two matters worth highlighting.

One, we had the situation where you were the only one to receive the
notice. In that situation, we accepted that the reading and interpretation
was correct - that was all that was required - and subsequently worked to
resolve that during the PAG process to ensure that notices are sent to the
public mail list as part of the IP review.

Two, we had the situation where you weren't immediately sending Review
Notices following Ballots, or aggregating them, as Ben had done. In this
scenario, we identified several possible resolutions, all of them
consistent with the letter of the Bylaws, which would have included you
sending a 'retroactive' notice that covered all such Ballots. This had
ample precedent, as it was what Ben had done regularly. However, for the
avoidance of doubt and conflict, instead a Ballot was proposed to resolve
this uncertainty and ambiguity, the full documents were readopted, and we
had a process where, despite Kirk's method of Ballots 180 - 182 (and his
similar disregard to comity by his approach of "If you don't like what I'm
doing by fiat, start your own Ballot"), we were able to successfully
resolve any ambiguity.

It does not seem unreasonable, or unprecedented, to highlight that in
matters of conflict, we have a defined

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Dean Coclin via Public]

Speaking as former chair, I would like to offer my observations on this:


1.   I think everyone was unaware and surprised to see that a vote was 
counted from Microsoft since it did not appear on the public list

2.   Kirk, being cc’d on the message, would have no idea that the message 
didn’t make the public list. He saw the public list in the address field

3.   Gordon, as the sender of the message, would also be unaware that he 
did not have posting privs to the public list (unless the listserv notified him 
afterwards-Wayne-does our list serv do this?)

4.   Kirk counted the vote, unaware that the message never made it to the 
list but seeing it addressed to the list, assumed it did.

5.   I assume Gordon voted because Jody was away and unable to vote. 
(Suggestion for MSFT-Good idea to have a backup with posting privs ;-))

6.   In my opinion, Microsoft did nothing wrong and was following our 
bylaws in placing their vote in good faith

7.   Would it have made a difference if they did not cc Kirk, not get their 
vote counted and then come out with a note saying, “Hey I voted, Here’s the 
email”? Maybe. Someone could claim that it was a fake email and there might be 
a whole other set of circumstances we’d have to deal with. But since Kirk was 
cc’d (and presumably the chair is not complicit with Microsoft) then it’s 
reasonable to say the vote is valid.

8.   The bylaws state that “votes not submitted to the public list will not 
be counted”. However, this vote was submitted to the public list. But the 
public list rejected the email. The bylaws are silent in this case.

9.   I believe the case Ryan referenced where an IPR exclusion notice was 
sent to the chair was a different circumstance. If memory serves, in that 
situation, the IPR policy specified that the sender only deliver to the Chair, 
not the public list.

10.   Straw opinion polls, while interesting, can’t be used to determine the 
outcome



Dean

From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Jeremy Rowley 
via Public
Sent: Sunday, April 16, 2017 11:59 PM
To: CA/Browser Forum Public Discussion List ; Kirk Hall 

Cc: Jeremy Rowley 
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

Is there an easy way to tell who in our organization has read or write access 
to the mailing list? If not, and Jody is the primary contributor, how would 
Gordan have known that he couldn’t place the vote? I don’t think the fact 
Microsoft is a member is telling considering that I’m not sure which employees 
have read or write access, despite the fact we have far fewer employees.



From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Eric Mill via 
Public
Sent: Sunday, April 16, 2017 8:17 PM
To: Kirk Hall 
mailto:kirk.h...@entrustdatacard.com>>
Cc: Eric Mill mailto:e...@konklone.com>>; CA/Browser Forum 
Public Discussion List mailto:public@cabforum.org>>
Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)



On Sun, Apr 16, 2017 at 9:40 PM, Kirk Hall 
mailto:kirk.h...@entrustdatacard.com>> wrote:
Eric, look again at the rule:

*** All voting will take place via the Public Mail List. Votes not submitted to 
the Public Mail List will not be considered valid, and will not be counted for 
any purpose.

In this case, Microsoft’s vote did take place “via the Public Mail List”.  It’s 
vote was submitted “to the Public Mail List”.

While maybe you could say it was "submitted to" the list (though I think that 
is questionable), it didn't take place "via" it. It took place via Kirk's 
inbox, which eventually then made it to the public list.

To be hyper technical, the Bylaw does not say the vote must APPEAR on the list 
during the voting period (just that the vote must occur), and any number of 
things can prevent a message to the Public list from being forwarded – I have 
had my messages trapped or even disappear before.

If the mailing list software was screwing up, that'd be a bit different. 
However, this was straightforward user error on a significant vote by a 
long-time member.


I think it’s unfortunate that we are parsing the Bylaws so closely as this – 
this has always been an informal organization, and getting hung up on 
interpretations is a waste of time.

I understand and agree that it's unfortunate. I am just sharing my personal 
opinion as a non-voting member, but I think given all the effort that was just 
put into ensuring that the Bylaws describe a defensible and precise voting 
process, and given the clear plain language intent of the Bylaws, it's worth 
being a stickler and enforcing member discipline on something as fundamental as 
publicly attributable voting.

-- Eric


From: Eric Mill [mailto:e...@konklone.com<mailto:e...@konklone.com>]

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Gervase Markham via Public]

On 17/04/17 06:29, Kirk Hall via Public wrote:
> OK, to move this along (and avoid endless back and forth that won’t
> resolve anything), I have created a Doodle poll on whether or not
> Microsoft’s vote on Ballot 194 should be counted.  One vote per member
> please, only members to vote. 

Hi Kirk,

While I appreciate your desire to resolve this situation, it seems that
we have now moved way beyond our bylaws. Nowhere does it say that
disputes over the meaning of the bylaws shall be resolved by a straw poll.

If we are unable to reach agreement on what our bylaws mean, we need to
amend the bylaws and retry the controversial action. There is precedent
for this - it's what we did when there were bylaw-related queries as
part of the big IPR policy reset (which is why it took even longer than
expected). We fixed the bylaws, then we used the fixed bylaws to
re-conduct our IPR process under the IPR policy.

The fact that ballot 194 is time-sensitive is unfortunate, but is not a
relevant fact in determining how we proceed from here.

There is no need to amend the bylaws to fix the problem before any
revote on ballot 194 (under a new ballot number) because we hit an edge
case this time which we are unlikely to hit again now everyone is aware
of it. So I propose we do two things in parallel:

1) Restart the voting process for ballot 194 under a different number

2) Draft a ballot to fix the Bylaws to be clear that only votes made
public via the Public Mailing list are counted. (I would say "appears in
the public archives" is a good proxy for "made public" while being
objectively measurable.)

Gerv

___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Gervase Markham via Public]

On 17/04/17 02:40, Kirk Hall via Public wrote:
> List”.  It’s vote was submitted “to the Public Mail List”.  To be hyper
> technical, the Bylaw does not say the vote must APPEAR on the list
> during the voting period (just that the vote must occur), and any number
> of things can prevent a message to the Public list from being forwarded
> – I have had my messages trapped or even disappear before.

If Gordon had not CCed you on his email, no-one would know about
Microsoft's vote attempt, and this issue would not have arisen. If MS
had then later said "oh, but we tried to vote", you would doubtless have
said "sorry, it's too late". You have certainly done this on previous
occasions, ruling out of court votes that hit the Public Mailing List
after the deadline.

And If I had been the one CCed (if, for example, he had hit Reply to my
vote email to generate his own, as people sometimes do), and _I_ had
later said "Oh, I got a copy of Microsoft's vote, here it is", I'm also
fairly sure you would have ruled it as invalid. Just because Gervase
Markham got a copy makes no difference. The vote didn't end up in the
right place.

But the chair is no different from an ordinary member in this respect -
he does not have the power to vote on behalf of a member. Just because
he happens to be the person counting the votes doesn't mean votes sent
only to him are different to votes sent only to another member such as me.

I can understand that you might not have realised that Microsoft's vote
came only to you, and that the original tabulation of votes was a
genuine mistake. That's not a problem; it's an unusual situation. But
the fix is not to stick to your guns, the fix is to re-tabulate the
votes which were validly posted.

I realise this is irritating, and I realise that a re-vote may well
result in the motion passing, but it is not a good precedent for the
chair to be able to rule that irregular votes are valid, particularly
when they make the difference between pass and fail.

Gerv
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Kirk Hall via Public]

OK, to move this along (and avoid endless back and forth that won’t resolve 
anything), I have created a Doodle poll on whether or not Microsoft’s vote on 
Ballot 194 should be counted.  One vote per member please, only members to 
vote.  I will send the Doodle poll out by separate email to the Management 
list.  We will hold the poll open for seven days.  I will report the final 
result (with names of which members voted, and how they voted) by the Public 
list.

If the majority vote on the Doodle poll is that Microsoft’s vote SHOULD be 
counted, then Ballot 194 will be considered to have been approved by the 
Members.  Those Members who disagree can start a new ballot to the effect that 
Ballot 194 should not be considered to have been approved by the members.  
Because this will not be an amendment to the BRs or the EVGL, it will only be a 
14 day vote (7 days discussion, 7 days voting.), with no Review Period.  The 
result on that new vote will be binding on the Ballot 194 result.

If the majority vote on the Doodle poll is that Microsoft’s vote SHOULD NOT be 
counted, then we will start a new ballot identical to Ballot 194, including the 
retroactivity clause back to the effective date for Ballot 193, which again 
will take 14 days (7 days discussion, 7 days voting), plus a new 30 day Review 
Period under our IPR Policy Agreement.

ALSO, I would ask the Governance Working Group to come up with a procedure to 
be added to our Bylaws that we will follow when there is a dispute by multiple 
members on how to interpret our Bylaws, a Ballot, or a voting result.  I have 
seen a procedure like this in other groups where the Chair makes an initial 
ruling or determination when there is a dispute, and then any Member can 
challenge the ruling and call for a vote of all members.  Looks like we need 
something like that in our Bylaws.

Members – the link to the Doodle poll on this issue will follow shortly.

From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Jeremy Rowley 
via Public
Sent: Sunday, April 16, 2017 8:51 PM
To: CA/Browser Forum Public Discussion List 
Cc: Jeremy Rowley 
Subject: [EXTERNAL]Re: [cabfpub] ]RE: Ballot 194 - Effective Date of Ballot 193 
Provisions is in the VOTING period (ends April 16)

Yes – this is a conundrum that should be fixed. Issues with the mailing list 
could completely screw up a vote. Anyone controlling the mailing list could 
they effectively prevent voting if they decided to manage the mailing list in a 
way to prevent member messages from reaching the mailing list.

I don’t think the public archive should be/is controlling. None of the members 
check the archive to ensure their vote shows up on the list and the archives 
aren’t mentioned in the bylaws.

I’m not sure what happens in the current situation.  As Peter points, the 
bylaws say “Votes not submitted to the mailing list are not considered valid.” 
As this one was submitted to the mailing list, but rejected, it is valid?  
However, as Ryan pointed out “All votes take place via the Public Mail List”, 
which clearly did not happen. The penalty for votes that don’t take place via 
the public mailing list but are submitted to the public mailing list is not 
specified in the bylaws.

What do other groups do in this circumstance?

Jeremy




From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Peter Bowen via 
Public
Sent: Sunday, April 16, 2017 7:17 PM
To: CA/Browser Forum Public Discussion List 
mailto:public@cabforum.org>>
Cc: Peter Bowen mailto:p...@amzn.com>>
Subject: Re: [cabfpub] ]RE: Ballot 194 - Effective Date of Ballot 193 
Provisions is in the VOTING period (ends April 16)

Regardless of this outcome, I think it makes sense to clarify that only votes 
recorded in archives of the public mailing list are counted in the future.  We 
have open voting, so it is unfair to a proposition proponent or opponent if one 
side has information the other does not.  Alternatively we could look into a 
sealed vote system to avoid this in the future.

On Apr 16, 2017, at 6:07 PM, Kirk Hall via Public 
mailto:public@cabforum.org>> wrote:

Ryan, it’s kind of unseemly for one browser to try to block the vote of another 
browser.  Google were the only Forum member to vote no on this ballot – 20 CAs 
and 2 browsers voted yes. Clearly the consensus of the members is in favor of 
this ballot, and technically Microsoft cast its vote correctly, even if it was 
not forwarded by our server.  I would suggest you reconsider following this 
line.

From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Ryan Sleevi via 
Public
Sent: Sunday, April 16, 2017 6:03 PM
To: CA/Browser Forum Public Discussion List 
mailto:public@cabforum.org>>
Cc: Ryan Sleevi mailto:sle...@google.com>>
Subject: [EXTERNAL]Re: [cabfpub] ]RE: Ballot 194 - Effective Date of Ballot 193 
Provisions is in the VOTING period (ends April 16)

To that end, this was a concern raised nearly a year ago when discussing what 
would become Ballot 174, wi

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Jeremy Rowley via Public]

Is there an easy way to tell who in our organization has read or write access 
to the mailing list? If not, and Jody is the primary contributor, how would 
Gordan have known that he couldn’t place the vote? I don’t think the fact 
Microsoft is a member is telling considering that I’m not sure which employees 
have read or write access, despite the fact we have far fewer employees. 

 

 

 

From: Public [mailto:public-boun...@cabforum.org] On Behalf Of Eric Mill via 
Public
Sent: Sunday, April 16, 2017 8:17 PM
To: Kirk Hall 
Cc: Eric Mill ; CA/Browser Forum Public Discussion List 

Subject: Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 
193 Provisions is in the VOTING period (ends April 16)

 

 

 

On Sun, Apr 16, 2017 at 9:40 PM, Kirk Hall mailto:kirk.h...@entrustdatacard.com> > wrote:

Eric, look again at the rule:

 

*** All voting will take place via the Public Mail List. Votes not submitted to 
the Public Mail List will not be considered valid, and will not be counted for 
any purpose.

 

In this case, Microsoft’s vote did take place “via the Public Mail List”.  It’s 
vote was submitted “to the Public Mail List”.  

 

While maybe you could say it was "submitted to" the list (though I think that 
is questionable), it didn't take place "via" it. It took place via Kirk's 
inbox, which eventually then made it to the public list. 

 

To be hyper technical, the Bylaw does not say the vote must APPEAR on the list 
during the voting period (just that the vote must occur), and any number of 
things can prevent a message to the Public list from being forwarded – I have 
had my messages trapped or even disappear before.

 

If the mailing list software was screwing up, that'd be a bit different. 
However, this was straightforward user error on a significant vote by a 
long-time member.

 

 

I think it’s unfortunate that we are parsing the Bylaws so closely as this – 
this has always been an informal organization, and getting hung up on 
interpretations is a waste of time.

 

I understand and agree that it's unfortunate. I am just sharing my personal 
opinion as a non-voting member, but I think given all the effort that was just 
put into ensuring that the Bylaws describe a defensible and precise voting 
process, and given the clear plain language intent of the Bylaws, it's worth 
being a stickler and enforcing member discipline on something as fundamental as 
publicly attributable voting.

 

-- Eric

 

 

From: Eric Mill [mailto:e...@konklone.com <mailto:e...@konklone.com> ] 
Sent: Sunday, April 16, 2017 6:17 PM
To: CA/Browser Forum Public Discussion List mailto:public@cabforum.org> >
Cc: Kirk Hall mailto:kirk.h...@entrustdatacard.com> >


Subject: [EXTERNAL]Re: [cabfpub] ]RE: Ballot 194 - Effective Date of Ballot 193 
Provisions is in the VOTING period (ends April 16)

 

I don't think Microsoft cast its vote correctly. Microsoft is aware of how the 
CA/Browser Forum list works, and should have been able to cast a vote from a 
subscribed member address before the deadline. I think this obligation is 
especially apparent when their vote is likely to be a tiebreaker.

 

Peter's right that there's some greyness to the Bylaws, but I think a plain 
reading of the text, and its clear intent to have votes be cast where it is 
publicly attributable to the voter, supports this vote not being validly cast. 

 

I'm sure it was a good faith error, but it would not be a good precedent for 
votes to be counted which were only distributed to and reforwarded by the Chair 
(or any other member). Unfortunately, since 1 browser vote is the difference 
between success and failure, this probably points to needing a revote.

 

-- Eric

 

On Sun, Apr 16, 2017 at 9:07 PM, Kirk Hall via Public mailto:public@cabforum.org> > wrote:

Ryan, it’s kind of unseemly for one browser to try to block the vote of another 
browser.  Google were the only Forum member to vote no on this ballot – 20 CAs 
and 2 browsers voted yes. Clearly the consensus of the members is in favor of 
this ballot, and technically Microsoft cast its vote correctly, even if it was 
not forwarded by our server.  I would suggest you reconsider following this 
line.

 

From: Public [mailto:public-boun...@cabforum.org 
<mailto:public-boun...@cabforum.org> ] On Behalf Of Ryan Sleevi via Public
Sent: Sunday, April 16, 2017 6:03 PM
To: CA/Browser Forum Public Discussion List mailto:public@cabforum.org> >
Cc: Ryan Sleevi mailto:sle...@google.com> >
Subject: [EXTERNAL]Re: [cabfpub] ]RE: Ballot 194 - Effective Date of Ballot 193 
Provisions is in the VOTING period (ends April 16)

 

To that end, this was a concern raised nearly a year ago when discussing what 
would become Ballot 174, with respect to Section 9.16.3

 

https://cabforum.org/pipermail/public/2016-April/007468.html and 
https://cabforum.org/pipermail/public/2016-A

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Eric Mill via Public]

On Sun, Apr 16, 2017 at 9:40 PM, Kirk Hall 
wrote:

> Eric, look again at the rule:
>
>
>
> *** All voting will take place via the Public Mail List. Votes not
> submitted to the Public Mail List will not be considered valid, and will
> not be counted for any purpose.
>
>
>
> In this case, Microsoft’s vote did take place “via the Public Mail List”.
> It’s vote was submitted “to the Public Mail List”.
>

While maybe you could say it was "submitted to" the list (though I think
that is questionable), it didn't take place "via" it. It took place via
Kirk's inbox, which eventually then made it to the public list.


> To be hyper technical, the Bylaw does not say the vote must APPEAR on the
> list during the voting period (just that the vote must occur), and any
> number of things can prevent a message to the Public list from being
> forwarded – I have had my messages trapped or even disappear before.
>

If the mailing list software was screwing up, that'd be a bit different.
However, this was straightforward user error on a significant vote by a
long-time member.



> I think it’s unfortunate that we are parsing the Bylaws so closely as this
> – this has always been an informal organization, and getting hung up on
> interpretations is a waste of time.
>

I understand and agree that it's unfortunate. I am just sharing my personal
opinion as a non-voting member, but I think given all the effort that was
just put into ensuring that the Bylaws describe a defensible and precise
voting process, and given the clear plain language intent of the Bylaws,
it's worth being a stickler and enforcing member discipline on something as
fundamental as publicly attributable voting.

-- Eric


>
>
> *From:* Eric Mill [mailto:e...@konklone.com]
> *Sent:* Sunday, April 16, 2017 6:17 PM
> *To:* CA/Browser Forum Public Discussion List 
> *Cc:* Kirk Hall 
>
> *Subject:* [EXTERNAL]Re: [cabfpub] ]RE: Ballot 194 - Effective Date of
> Ballot 193 Provisions is in the VOTING period (ends April 16)
>
>
>
> I don't think Microsoft cast its vote correctly. Microsoft is aware of how
> the CA/Browser Forum list works, and should have been able to cast a vote
> from a subscribed member address before the deadline. I think this
> obligation is especially apparent when their vote is likely to be a
> tiebreaker.
>
>
>
> Peter's right that there's some greyness to the Bylaws, but I think a
> plain reading of the text, and its clear intent to have votes be cast where
> it is publicly attributable to the voter, supports this vote not being
> validly cast.
>
>
>
> I'm sure it was a good faith error, but it would not be a good precedent
> for votes to be counted which were only distributed to and reforwarded by
> the Chair (or any other member). Unfortunately, since 1 browser vote is the
> difference between success and failure, this probably points to needing a
> revote.
>
>
>
> -- Eric
>
>
>
> On Sun, Apr 16, 2017 at 9:07 PM, Kirk Hall via Public 
> wrote:
>
> Ryan, it’s kind of unseemly for one browser to try to block the vote of
> another browser.  Google were the only Forum member to vote no on this
> ballot – 20 CAs and 2 browsers voted yes. Clearly the consensus of the
> members is in favor of this ballot, and technically Microsoft cast its vote
> correctly, even if it was not forwarded by our server.  I would suggest you
> reconsider following this line.
>
>
>
> *From:* Public [mailto:public-boun...@cabforum.org] *On Behalf Of *Ryan
> Sleevi via Public
> *Sent:* Sunday, April 16, 2017 6:03 PM
> *To:* CA/Browser Forum Public Discussion List 
> *Cc:* Ryan Sleevi 
> *Subject:* [EXTERNAL]Re: [cabfpub] ]RE: Ballot 194 - Effective Date of
> Ballot 193 Provisions is in the VOTING period (ends April 16)
>
>
>
> To that end, this was a concern raised nearly a year ago when discussing
> what would become Ballot 174, with respect to Section 9.16.3
>
>
>
> https://cabforum.org/pipermail/public/2016-April/007468.html and
> https://cabforum.org/pipermail/public/2016-April/007480.html
>
>
>
> There is certainly precedent within the Forum that "posted" shall mean
> available for access via the archives, as that can be objectively measured
> and quantified. I do not believe we can reasonably argue that "posted"
> shall mean sent to this address. It cannot be shown, for example, that
> Microsoft did not block the posting on their end, thereby preventing proper
> disclosure by preventing egress from their network.
>
>
>
> This is also not the first time in which the Chair has been the only
> recipient of a message, and which the interpretation has resulted in some
> concern. I will note Symantec's previous exclusions, posted only to Dean
> (in his role as the previous chair), created uncertainty and ambiguity with
> respect to whether they abided by the Bylaws.
>
>
>
> I would encourage you, for the avoidance of doubt and conflict, to
> reconsider your position, as I do not believe it is supported by the
> precedent, intent, or bylaws of the Forum.
>
>
>
> On Sun, Ap

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Ryan Sleevi via Public]

On Sun, Apr 16, 2017 at 9:40 PM, Kirk Hall via Public 
wrote:

> Eric, look again at the rule:
>
>
>
> *** All voting will take place via the Public Mail List. Votes not
> submitted to the Public Mail List will not be considered valid, and will
> not be counted for any purpose.
>
>
>
> In this case, Microsoft’s vote did take place “via the Public Mail List”.
> It’s vote was submitted “to the Public Mail List”.  To be hyper technical,
> the Bylaw does not say the vote must APPEAR on the list during the voting
> period (just that the vote must occur), and any number of things can
> prevent a message to the Public list from being forwarded – I have had my
> messages trapped or even disappear before.
>

Kirk,

It is not factually correct that Microsoft's vote occurred via the Public
Mail List. As Peter has pointed out, Microsoft's vote happened via direct
mail to you. It was not received because it was posted to the public mail
list by you, or by any other member.

Do you dispute this simple conclusion? If so, can you provide support and
details as to how the vote occurred?


> I think it’s unfortunate that we are parsing the Bylaws so closely as this
> – this has always been an informal organization, and getting hung up on
> interpretations is a waste of time.
>

As Chair, I would have hoped you would have been more considerate to the
legitimate and reasonable concerns being raised here. Even if you feel it
is a waste of time, it seems wholly inappropriate, in such a role, as to
dismiss legitimate concerns like this.


> In any case this seems pretty silly, as a repeat vote, with the same
> retroactive clause, would end up with the same result.
>

That is not something you can demonstrate, nor have you allowed for any
feedback from any of the abstaining or non-voting members to consider that.

I believe it is highly inappropriate for you to make this statement.
___
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Kirk Hall via Public]

Eric, look again at the rule:

*** All voting will take place via the Public Mail List. Votes not submitted to 
the Public Mail List will not be considered valid, and will not be counted for 
any purpose.

In this case, Microsoft’s vote did take place “via the Public Mail List”.  It’s 
vote was submitted “to the Public Mail List”.  To be hyper technical, the Bylaw 
does not say the vote must APPEAR on the list during the voting period (just 
that the vote must occur), and any number of things can prevent a message to 
the Public list from being forwarded – I have had my messages trapped or even 
disappear before.

I think it’s unfortunate that we are parsing the Bylaws so closely as this – 
this has always been an informal organization, and getting hung up on 
interpretations is a waste of time.

In any case this seems pretty silly, as a repeat vote, with the same 
retroactive clause, would end up with the same result.

From: Eric Mill [mailto:e...@konklone.com]
Sent: Sunday, April 16, 2017 6:17 PM
To: CA/Browser Forum Public Discussion List 
Cc: Kirk Hall 
Subject: [EXTERNAL]Re: [cabfpub] ]RE: Ballot 194 - Effective Date of Ballot 193 
Provisions is in the VOTING period (ends April 16)

I don't think Microsoft cast its vote correctly. Microsoft is aware of how the 
CA/Browser Forum list works, and should have been able to cast a vote from a 
subscribed member address before the deadline. I think this obligation is 
especially apparent when their vote is likely to be a tiebreaker.

Peter's right that there's some greyness to the Bylaws, but I think a plain 
reading of the text, and its clear intent to have votes be cast where it is 
publicly attributable to the voter, supports this vote not being validly cast.

I'm sure it was a good faith error, but it would not be a good precedent for 
votes to be counted which were only distributed to and reforwarded by the Chair 
(or any other member). Unfortunately, since 1 browser vote is the difference 
between success and failure, this probably points to needing a revote.

-- Eric

On Sun, Apr 16, 2017 at 9:07 PM, Kirk Hall via Public 
mailto:public@cabforum.org>> wrote:
Ryan, it’s kind of unseemly for one browser to try to block the vote of another 
browser.  Google were the only Forum member to vote no on this ballot – 20 CAs 
and 2 browsers voted yes. Clearly the consensus of the members is in favor of 
this ballot, and technically Microsoft cast its vote correctly, even if it was 
not forwarded by our server.  I would suggest you reconsider following this 
line.

From: Public 
[mailto:public-boun...@cabforum.org] On 
Behalf Of Ryan Sleevi via Public
Sent: Sunday, April 16, 2017 6:03 PM
To: CA/Browser Forum Public Discussion List 
mailto:public@cabforum.org>>
Cc: Ryan Sleevi mailto:sle...@google.com>>
Subject: [EXTERNAL]Re: [cabfpub] ]RE: Ballot 194 - Effective Date of Ballot 193 
Provisions is in the VOTING period (ends April 16)

To that end, this was a concern raised nearly a year ago when discussing what 
would become Ballot 174, with respect to Section 9.16.3

https://cabforum.org/pipermail/public/2016-April/007468.html and 
https://cabforum.org/pipermail/public/2016-April/007480.html

There is certainly precedent within the Forum that "posted" shall mean 
available for access via the archives, as that can be objectively measured and 
quantified. I do not believe we can reasonably argue that "posted" shall mean 
sent to this address. It cannot be shown, for example, that Microsoft did not 
block the posting on their end, thereby preventing proper disclosure by 
preventing egress from their network.

This is also not the first time in which the Chair has been the only recipient 
of a message, and which the interpretation has resulted in some concern. I will 
note Symantec's previous exclusions, posted only to Dean (in his role as the 
previous chair), created uncertainty and ambiguity with respect to whether they 
abided by the Bylaws.

I would encourage you, for the avoidance of doubt and conflict, to reconsider 
your position, as I do not believe it is supported by the precedent, intent, or 
bylaws of the Forum.

On Sun, Apr 16, 2017 at 8:57 PM, Peter Bowen via Public 
mailto:public@cabforum.org>> wrote:
Kirk,

I suspect that the mailing list system rejected this email as Gordon is not 
subscribed to the public mailing list.  The bylaws say: "Votes not submitted to 
the Public Mail List will not be considered valid, and will not be counted for 
any purpose.”

The bylaws do not appear to contemplate what happens if the vote is _submitted_ 
to the mailing list but not accepted.  In this case it was copied to the chair, 
so you alone saw it.  If Gordon had not explicitly copied you, then it would 
not have been counted.  As you were explicitly copied, you received it.

Given that the bylaws say "All voting will take place via the Public Mail 
List”, and the mailing list archives allow verification of whether the email 
was 

Re: [cabfpub] [EXTERNAL]Re: ]RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING period (ends April 16)

[Kirk Hall via Public]

Bylaw 2.2(d) provides as follows:

(d) Upon completion of the discussion period, Members shall have exactly seven 
calendar days for voting, with the deadline clearly communicated in the ballot 
and sent via the Public Mail List. All voting will take place via the Public 
Mail List. Votes not submitted to the Public Mail List will not be considered 
valid, and will not be counted for any purpose.

I don’t know if Gordon has or has not been given permission to use the public 
mailing list, but he did send Microsoft’s vote to the correct address and 
within the deadline.

From: Peter Bowen [mailto:p...@amzn.com]
Sent: Sunday, April 16, 2017 5:57 PM
To: CA/Browser Forum Public Discussion List 
Cc: Kirk Hall 
Subject: [EXTERNAL]Re: [cabfpub] ]RE: Ballot 194 - Effective Date of Ballot 193 
Provisions is in the VOTING period (ends April 16)

Kirk,

I suspect that the mailing list system rejected this email as Gordon is not 
subscribed to the public mailing list.  The bylaws say: "Votes not submitted to 
the Public Mail List will not be considered valid, and will not be counted for 
any purpose.”


The bylaws do not appear to contemplate what happens if the vote is _submitted_ 
to the mailing list but not accepted.  In this case it was copied to the chair, 
so you alone saw it.  If Gordon had not explicitly copied you, then it would 
not have been counted.  As you were explicitly copied, you received it.

Given that the bylaws say "All voting will take place via the Public Mail 
List”, and the mailing list archives allow verification of whether the email 
was posted, I am leaning towards the view that this is not a valid vote.  
However I can see how it is a grey area.

Thanks,
Peter



On Apr 16, 2017, at 5:36 PM, Kirk Hall via Public 
mailto:public@cabforum.org>> wrote:

This is the vote from Microsoft.

From: Gordon Bock [mailto:gb...@microsoft.com]
Sent: Thursday, April 13, 2017 8:46 AM
To: Kirk Hall 
mailto:kirk.h...@entrustdatacard.com>>; 
CA/Browser Forum Public Discussion List 
mailto:public@cabforum.org>>
Subject: RE: Ballot 194 - Effective Date of Ballot 193 Provisions is in the 
VOTING period (ends April 16)

Microsoft votes ‘Yes’.

Thanks,
-Gordon

From: Kirk Hall [mailto:kirk.h...@entrustdatacard.com]
Sent: Sunday, April 9, 2017 4:30 PM
To: CA/Browser Forum Public Discussion List 
mailto:public@cabforum.org>>
Subject: Ballot 194 - Effective Date of Ballot 193 Provisions is in the VOTING 
period (ends April 16)

Reminder: Ballot 194 -  Effective Date of Ballot 193 Provisions is in the 
voting period (ends April 16)

Ballot 194 – Effective Date of Ballot 193 Provisions

Purpose of Ballot: Recent Ballot 193 reduced the maximum period for 
certificates and for reuse of vetting data for DV and OV certificates from 39 
months to 825 days.  The effective date for reducing the maximum validity 
period of certificates was specified as March 1, 2018, but no effective date 
was specified for when the reduction of the maximum period for reuse of vetting 
data becomes effective.

It was the intention of the authors of Ballot 193 that the effective date for 
reducing the maximum period for reuse of vetting data under BR 4.2.1 would also 
be March 1, 2018.  This ballot is intended to clarify that intention.  The 
ballot also makes these changes retroactive to the effective date of Ballot 193 
so there is no gap period.

Ballot 193 is in the Review Period (which will end on April 22, 2017), and has 
not yet taken effect.  Bylaw 2.3 states that Ballots should include a “redline 
or comparison showing the set of changes from the Final Guideline section(s) 
intended to become a Final Maintenance Guideline” and that “[s]uch redline or 
comparison shall be made against the Final Guideline section(s) as they exist 
at the time a ballot is proposed”.

To avoid confusion, this Ballot will show the proposed changes to BR 4.2.1 will 
be presented two ways: (1) a comparison of the changes to BR 4.2.1 as it 
existed before Ballot 193 (which is as BR 4.2.1 exists at this time this ballot 
is proposed), and also (2) a comparison of the changes to BR 4.2.1 as it will 
exist after the Review Period for Ballot 193 is completed (assuming no 
Exclusion Notices are filed).

The following motion has been proposed by Chris Bailey of Entrust Datacard and 
endorsed by Ben Wilson of DigiCert, and Wayne Thayer of GoDaddy to introduce 
new Final Maintenance Guidelines for the "Baseline Requirements Certificate 
Policy for the Issuance and Management of Publicly-Trusted Certificates" 
(Baseline Requirements) and the "Guidelines for the Issuance and Management of 
Extended Validation Certificates" (EV Guidelines).

-- MOTION BEGINS --

Ballot Section 1

BR 4.2.1 is amended to read as follows:

[Ballot amendments shown against BR 4.2.1 as it currently exists without the 
changes adopted in Ballot 193]

BR 4.2.1. Performing Identification and Authentication Functions

The certificate request MAY include all factual information about the Applicant