Public discussion (?) conducted on the SCWG GitHub repository


Dimitris Zacharopoulos (HARICA)

Oct 17, 2024, 12:37:18 AM
to CA/B Forum Server Certificate WG Public Discussion List

Dear SCWG Members,

I would like to bring to everyone's attention what seems like an ongoing public discussion on the CA/B Forum SCWG GitHub repository, regarding the draft ballot SC-081.

IMHO, according to the CA/B Forum rules, each CWG should only accept contributions from parties that have signed the IPR Agreement. This has always been a strong position of the Forum for years. IANAL and would welcome more public participation because not everything posted contains IP risks, just like a large portion of the CABF ballots. For better or worse, some Members have a strong opinion about the IP protections and reviews that are necessary for every ballot. Therefore, the Forum and each WG must be sensitive to contributions that come from non-Members.

Some people in various comments [1] [2] are asking which place would be more "appropriate" for having a public discussion on this, and possibly other, proposals.

My suggestion would be to discuss and agree on some language that can be posted on behalf of the SCWG (by Inigo?) to this particular PR that explains the situation with the IPR Policy and CABF Bylaws, and proposes that this public discussion be conducted either in m.d.s.p. or in the CCADB public mailing list, which have specific rules and etiquette, whereas the CA/B Forum GitHub repositories have none. For Member contributions on GitHub, one could point to the Forum's Code of Conduct, but that applies only to Members that have agreed to abide by it, not everyone else.

I'd be interested to hear other opinions on this matter, especially from the ballot author about how the SCWG should handle this particular case. Let's first check if there are objections to this proposal, or if there are alternative suggestions, before we start drafting something up.


Best regards,
Dimitris.

PS: Clint, you reserved a ballot number but I don't think you have two endorsers as expected to reserve a ballot number. This is not a requirement in the Bylaws or the SCWG Charter but more of an internal agreement. Just noting for future ballot proposers :)

Mike Shaver

Oct 17, 2024, 7:10:40 AM
to server...@groups.cabforum.org
Hi Dimitris,

I think that a post encouraging people to post to the CCADB list would be a good idea. mdsp doesn't seem like as appropriate a place for this draft ballot, at least to me.

That said, I would recommend leaving that issue in place now that it is the widely-linked location, and letting it "soak up" the more emotionally motivated commentary. (I say this as someone who feels that emotions are a part of reality that should be recognized and respected.) The slight friction of joining the CCADB public list will be a help here.

I recognize that I am not a Member, but I do have pretty extensive experience with publicly-accessible feedback surfaces!

(If someone newly joining the CCADB public list adds another Basecamp forward, though, then I think we should burn the whole thing down and start over using postcards and carbon paper.)

Mike

--
You received this message because you are subscribed to the Google Groups "Server Certificate WG (CA/B Forum)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to servercert-w...@groups.cabforum.org.
To view this discussion on the web visit https://groups.google.com/a/groups.cabforum.org/d/msgid/servercert-wg/7fae8f82-84b7-4066-b05c-48ed034338db%40harica.gr.

Dimitris Zacharopoulos

Oct 17, 2024, 9:06:54 AM
to server...@groups.cabforum.org
Thanks Mike,

You are not a Voting Member, but as an Interested Party who has signed the IPR agreement, you are a CA/B Forum Member.

I'm worried that the lack of posting rules on GitHub may lead to some emotional commentary that we would have no way of handling.

Regarding MDSP not being appropriate, can you please share some more thoughts? Historically these discussions took place in MDSP, which has a much larger audience than CCADB or the CABF.

It's been a while since I subscribed to the CCADB mailing list. Do people know if the list is moderated for subscriptions and if so, how long it takes for subscription requests to be approved?

I guess the same question applies to MDSP.


Thanks,

DZ.


Mike Shaver

Oct 17, 2024, 9:29:46 AM
to server...@groups.cabforum.org
As of relatively recently, at least, CCADB and MDSP are both moderated for first post from a given address (authenticated only by the From: header, heh), and they are approved within a day or so. Of course, that might change if the moderators were inundated with new posters!

Emotional commentary can be handled by ignoring it, I think, unless it rises to the point of things like slurs or meaningful threats. Outright offensive comments can be hidden by someone who is assigned the right privileges, if we are OK with the precedent of policing such things. Alternatively, the issue can be closed to all but organization members, but I worry a bit that it would simply result in other issues being created to complain about it. Closing with a message to point to public@CCADB might well work, though; I could be overthinking it.

As for MDSP, I have had feedback in the past that some participants were less comfortable discussing matters in MDSP, which is “one vendor’s space” under their rules, rather than on a public CCADB list managed by that group’s principles. I of course am happy to post to either, but I don’t have a corporate affiliation of any kind, and especially no legal or PR staff to contend with.

Mike

Rob Stradling

Oct 17, 2024, 9:39:05 AM
to server...@groups.cabforum.org
> Regarding MDSP not being appropriate, can you please share some more thoughts?

Hi Dimitris.  My understanding is that MDSP is intended for topics specific to Mozilla's security policy, whereas the CCADB Public list is for "topics related to CAs and Root Store Programs who use the Common CA Database (CCADB)" (quoting https://groups.google.com/a/ccadb.org/g/public).

Draft ballot SC-081 was not proposed by Mozilla, but it was proposed by another "Root Store Program who uses the CCADB".

> Historically these discussions took place in MDSP

I don't dispute that MDSP was (ab?)used for other topics in the past, but now that the CCADB Public list exists we should use it for its intended purpose.

> , which has a much larger audience than CCADB or the CABF.

Can you provide evidence for that claim?

I don't have visibility into how many members each of those lists has.  Both lists have participant directories, but these are opt-in and so not suitable for sizing the audience.

> It's been a while since I subscribed to the CCADB mailing list. Do people know if the list is moderated for subscriptions and if so, how long it takes for subscription requests to be approved?

'Subscribe by sending email to: public+s...@ccadb.org. Membership requests must provide context for your interest in joining the group. Requests without this information may not be approved.'

> I guess the same question applies to MDSP

'Subscribe by using the button "Ask to join group" and complete the box "Reason for joining". Membership requests must provide context for your interest in joining the group. Requests without this information will be rejected.'



Tim Hollebeek

Oct 17, 2024, 10:41:07 AM
to server...@groups.cabforum.org

Based on current active ballots, the Forum is currently pretty hostile to postcards, so you might have an uphill struggle with that 😊

-Tim

Dimitris Zacharopoulos (HARICA)

Oct 24, 2024, 4:18:00 AM
to server...@groups.cabforum.org

Thanks Rob,

It appears that the majority prefers to redirect the non-Members to the CCADB public list. I see that Clint provided a comment explaining the process for formal participation in the CA/B Forum. Should the group prepare a statement using some elements from Clint's comment and past reactions, and then submit it to that PR and every other PR with similar participation? Do people have objections to this approach?

At the same time, the IPR subcommittee is working through a proposal to address the IPR issues with contributions coming from non-Members.


Thank you,
Dimitris.

Aaron Gable

Oct 24, 2024, 10:25:16 AM
to server...@groups.cabforum.org
I don't think that any amount of asking or telling people to discuss elsewhere will actually have that effect. The GitHub issue is a convenient place where discussion is already occurring; any serious attempt to shut down discussion there that isn't enforced by software will simply result in outrage and protest -- the Barbra Streisand effect, on a small scale.

Aaron

Dimitris Zacharopoulos (HARICA)

Oct 24, 2024, 10:56:53 AM
to server...@groups.cabforum.org
Aaron,

We already see comments that seem to violate the CA/B Forum's CoC. If we have to shut down a discussion where participants have not agreed to the CA/B Forum's Bylaws and disregard the CoC, so be it. The Forum never planned for this type of engagement, but Forums such as CCADB and MDSP have rules and etiquette for participation.

IMO, the CA/B Forum should either prepare something similar or block non-members from posting without rules.


Thanks,
Dimitris.

Amir Omidi

Oct 24, 2024, 11:00:28 AM
to server...@groups.cabforum.org
> IMO, the CA/B Forum should either prepare something similar or block non-members from posting without rules.

Taking the public out of Public PKI. This would be highly inappropriate and just smells to me of rules/process making when there's really not a need for one. It sucks that the GitHub issue got so much attention, but at the same time I'm glad there is a diversity of voices in the WebPKI community.

CABF has been able to operate for years without a heavy-handed process. I don't think one incident creates the necessity to really lock it down. There are periods where stricter participation rules can (and probably should) be implemented. However, having to jump through many hoops to participate during ordinary times seems overkill to me.

Aaron Gable

Oct 24, 2024, 11:14:05 AM
to server...@groups.cabforum.org
Sorry Dimitris, we spoke past each other. While I have opinions on whether or not we should shut down discussion, that's not the opinion I'm attempting to express here. What I'm trying to say is that, if we do attempt to shut down discussion on the GitHub repo, then I believe that we must do so using a software enforcement mechanism such as a CLA bot. Simply posting comments that ask people to move discussion elsewhere will result in more protest and outcry on the GitHub PR itself, having the opposite of the intended effect.

Aaron

Dimitris Zacharopoulos (HARICA)

Oct 24, 2024, 11:32:03 AM
to server...@groups.cabforum.org
On 24/10/2024 6:00 p.m., 'Amir Omidi' via Server Certificate WG (CA/B Forum) wrote:
>> IMO, the CA/B Forum should either prepare something similar or block non-members from posting without rules.
>
> Taking the public out of Public PKI. This would be highly inappropriate and just smells to me of rules/process making when there's really not a need for one. It sucks that the GitHub issue got so much attention, but at the same time I'm glad there is a diversity of voices in the WebPKI community.

There are always rules/processes when there is public discussion involved. CCADB and MDSP have such rules. The CA/B Forum didn't plan for such engagement so there are no specific rules.

All these diverse voices will continue to be heard, but under public forums which have planned for such public discussions and have specific rules already in place.

I wish the Forum could move very quickly and establish a process where non-Members accept and adhere to the same rules as the Members (in regards to the Bylaws, CoC, IPR Agreement).



> CABF has been able to operate for years without a heavy-handed process. I don't think one incident creates the necessity to really lock it down. There are periods where stricter participation rules can (and probably should) be implemented. However, having to jump through many hoops to participate during ordinary times seems overkill to me.

Amir, having participated in various groups, I must admit that the CA/B Forum is very, very strict in terms of following the Bylaws and rules. For years, even with all Members present, before switching to a different WG meeting, we had to read the entire Antitrust statement multiple times :) IMO the Forum has also maintained very strict interpretations of its Bylaws.

For better or worse, public discussions without rules tend to derail, depending on how controversial a topic is. We want to allow feedback on any topic, regardless of whether it is controversial or not. We do need to maintain the same level of rules for Members and non-Members; I guess that is my main issue.


Thanks,
Dimitris.

Wayne Thayer

Oct 31, 2024, 4:59:38 PM
to server...@groups.cabforum.org
I am in support of trying to redirect the discussion from GitHub to the CCADB list. Aside from the IPR issues, a mailing list is IMO a better medium for this. I think that we can redirect without "shutting down" discussion by simply asking folks who are posting to the PR to repost their comments on the CCADB list, and only responding there. While I realize that this discussion has been going on for a while on the PR, I suspect there's still a lot more to go and it is still worthwhile to make this change.

I would further suggest that we ask for more specific feedback that could help us to refine the implementation timeline (e.g. 'we use vendor X's system, here is why we must use publicly-trusted certs, here are the steps required to automate cert provisioning for this system, and here is a realistic timeline').

Thanks,

Wayne

Mike Shaver

Oct 31, 2024, 5:05:59 PM
to server...@groups.cabforum.org
Yes, a sort of template for feedback and details on what kinds of feedback we want (yes: regulatory constraints; no: speculation about Clint’s heritage) could be quite useful here, I think.

Mike

Dimitris Zacharopoulos (HARICA)

Nov 1, 2024, 12:07:41 AM
to server...@groups.cabforum.org

On 31/10/2024 10:59 p.m., Wayne Thayer wrote:
> I am in support of trying to redirect the discussion from GitHub to the CCADB list. Aside from the IPR issues, a mailing list is IMO a better medium for this. I think that we can redirect without "shutting down" discussion by simply asking folks who are posting to the PR to repost their comments on the CCADB list, and only responding there. While I realize that this discussion has been going on for a while on the PR, I suspect there's still a lot more to go and it is still worthwhile to make this change.
>
> I would further suggest that we ask for more specific feedback that could help us to refine the implementation timeline (e.g. 'we use vendor X's system, here is why we must use publicly-trusted certs, here are the steps required to automate cert provisioning for this system, and here is a realistic timeline').
>
> Thanks,
>
> Wayne

Thanks for the support Wayne.

I drafted something up, re-using some elements from various comments on GitHub, emails from Rob, and Wayne's latest post.

--- BEGIN DRAFT NOTICE ---
This is a notice approved by the CA/B Forum Server Certificate Working Group.
The CA/B Forum advises individuals who do not wish to formally participate as Members in the CA/B Forum, and do not plan to agree to the Forum's Bylaws and Code of Conduct or sign the IPR Agreement, to subscribe and engage on the CCADB Public list, which is for "topics related to CAs and Root Store Programs who use the Common CA Database (CCADB)" (quoting https://groups.google.com/a/ccadb.org/g/public).

The Server Certificate Working Group would like to thank the people who took the time to engage in this discussion, and suggests that comments are re-posted on the CCADB list.

The Server Certificate Working Group would also welcome more specific feedback on the CCADB list from the wider community, for example "we use vendor X's system, here is why we must use publicly-trusted certificates, here are the steps required to automate certificate provisioning for this system, and here is a realistic timeline".


Thank you,

CA/B Forum Officer (on behalf of the CA/B Forum Server Certificate WG)

--- END DRAFT NOTICE ---

Suggestions and edits are very much welcome.

Dimitris.

Kenyon A

Nov 1, 2024, 1:19:15 AM
to server...@groups.cabforum.org

Hi All!

First post, hopefully this works...

Currently the only way the public can participate is by emailing the questions mailing list: "Questions from the public may be submitted by email to the Questions list at ques...@cabforum.org" per cabforum.org and the Bylaws:

"3.4 Other Parties
The public may follow the Forum’s activities by reading all postings on the Public Mail List and the Public Web Site. Questions or comments to the Forum may be sent to the Questions Mail List."

Is this still a valid path or do you remove the questions and comments to the questions mailing list and have the public participate in the CCADB Public list only?

Also does this consider other WG's and how the public can participate there?

Kenyon Abbott

Dimitris Zacharopoulos (HARICA)

Nov 1, 2024, 8:36:12 AM
to server...@groups.cabforum.org
Hi Kenyon,


On 1/11/2024 7:18 a.m., Kenyon A wrote:
> Hi All!
>
> First post, hopefully this works..

Hopefully not the last :-)

> Currently the only way the public can participate is by emailing the questions mailing list, "Questions from the public may be submitted by email to the Questions list at ques...@cabforum.org" per cabforum.org and the bylaws,
>
> "3.4 Other Parties
> The public may follow the Forum’s activities by reading all postings on the Public Mail List and the Public Web Site. Questions or comments to the Forum may be sent to the Questions Mail List."
>
> Is this still a valid path or do you remove the questions and comments to the questions mailing list and have the public participate in the CCADB Public list only?

According to the Bylaws, it is the only "official" path for non-Members to ask questions to the Forum and any Working Group.

The "Questions Mail List" is not public. Nothing is deleted from those non-public archives.

> Also does this consider other WG's and how the public can participate there?

Yes, when a question arrives at ques...@cabforum.org, it is processed and forwarded to the appropriate WG Chair and Vice-Chair. For example, if a question is related to code signing, it will be forwarded to the Chair and Vice-Chair of the Code Signing Working Group.

Hopefully I covered your questions but if something is still unclear, please let me know.


Thanks,
Dimitris.

Wayne Thayer

Nov 1, 2024, 11:51:11 AM
to server...@groups.cabforum.org
Thanks Dimitris - I'm satisfied with this notice. I suggest that we also start a thread on the CCADB list when we post this (I'm happy to do that).

- Wayne

Ben Wilson

Nov 1, 2024, 11:57:56 AM
to server...@groups.cabforum.org
FWIW and for your consideration - this is a draft/example of what maybe should be the CLA and/or README for GitHub:

Contributors License Agreement

By submitting comments, feedback, issues, pull requests, or any other type of contribution ("Contributions") to a CA/B Forum repository, you agree to the CA/B Forum’s Code of Conduct and its Intellectual Property Rights Policy. Please review the terms of those policies carefully.

1. Code of Conduct

Your participation in any CA/B Forum repository implies your acknowledgment and acceptance of the CA/B Forum’s Code of Conduct.  This includes:

* Conducting oneself in a professional, courteous, and respectful manner, ensuring a collaborative and inclusive environment where differing opinions are valued.

* Harassment, bullying, threats, and inflammatory language are strictly prohibited. This includes behavior that could be perceived as intimidating, aggressive, or dismissive toward any individual or group.

* Comments should remain constructive and focused on advancing discussion. Snark, sarcasm, and personal insults directed at individuals or groups are not permitted, as they disrupt constructive dialogue.

* Contributions should add to the intellectual and factual discourse. Content intended solely to provoke, criticize without basis, or derail discussions is unwelcome, as the CA/B Forum aims to foster a productive and solution-oriented atmosphere.

Violations of the Code of Conduct may result in actions ranging from warnings to a permanent ban from participation.

2. Intellectual Property

Your Contributions to any CA/B Forum repository may be considered as royalty-free contributions under the CA/Browser Forum’s Intellectual Property Rights (IPR) Policy, which governs the licensing of intellectual property created or shared during Forum activities.

By making a Contribution, you:

* Grant the CA/Browser Forum and all participants a non-exclusive, perpetual, royalty-free, worldwide license to use, reproduce, modify, display, and distribute your Contribution in any form or medium, as part of the Forum’s work.

* Acknowledge that your Contributions are submitted on a royalty-free basis under the Forum's IPR Policy, and you agree not to assert any patent or other intellectual property claims related to these Contributions.

Please ensure that your Contributions do not contain any third-party proprietary information unless you have obtained all necessary permissions to include such information under these terms.

3. Acknowledgment and Agreement

By making any Contribution to any CA/B Forum repository:

* You acknowledge that you have read and understood the CA/Browser Forum’s Code of Conduct and IPR Policy.

* You agree to abide by the terms of this Contributor License Agreement.

* You confirm that your Contributions are original or that you have the right to submit them under these terms.


Chris Clements

Nov 1, 2024, 12:26:57 PM
to server...@groups.cabforum.org
Hi Dimitris, Wayne,

IIRC a majority of the conversation in the October 24, 2024 SCWG was dedicated to the topic of GitHub comments on SC-081, and I understood the general consensus to be:

1. So far, there appears to be only a few good faith comments, but no clear violations of the CoC.

2. Attempting to redirect the ballot conversation, regardless of timing, messaging, or location, creates the opportunity for adverse effect.

3. The IPR Subcommittee agreed that the Forum could implement some type of “lightweight” solution for GitHub comments.

Would it be better to use this as an opportunity to prioritize and deploy the “lightweight” solution across the Forum?

Ben, is the example CLA text you provided considered part of the solution proposed by the IPR Subcommittee?

Thank you

-Chris



Ben Wilson

Nov 1, 2024, 12:44:01 PM
to server...@groups.cabforum.org
Hi Chris,

The example CLA text I provided has not been presented yet to the IPR Subcommittee. I posted that language here to get suggestions and feedback.
(One of the issues I have encountered is that the Code of Conduct is not a standalone document anymore - it is now in the Bylaws as Exhibit B without any bookmark to it.)

On a previous call, we discussed whether a CLA bot could help, and I think we concluded that it will not work for comments. Nonetheless, I think that having "something" in place will help address concerns about conduct and IPR issues when they do arise.

How the CLA/README is incorporated into the GitHub repository remains to be resolved -- however, I do anticipate that the IPR Subcommittee will recommend that we configure a CLA bot -- and so we need language to serve up from that CLA bot. (I have been experimenting with CLA Assistant.)

Ben

Dimitris Zacharopoulos (HARICA)

Nov 3, 2024, 3:41:27 AM
to server...@groups.cabforum.org



On 1/11/2024 6:26 p.m., 'Chris Clements' via Server Certificate WG (CA/B Forum) wrote:
> Hi Dimitris, Wayne,
>
> IIRC a majority of the conversation in the October 24, 2024 SCWG was dedicated to the topic of GitHub comments on SC-081, and I understood the general consensus to be:
>
> 1. So far, there appears to be only a few good faith comments, but no clear violations of the CoC.

I'm not so sure about that. We can talk offline if you want, but I would characterize some comments as "inappropriate" and in violation of the CoC.

> 2. Attempting to redirect the ballot conversation, regardless of timing, messaging, or location, creates the opportunity for adverse effect.

I did not get the same understanding for "redirecting" the conversation, but for "shutting down" or blocking posting rights to non-members. The group discussed whether there is desire to accept input from the general public, which means the Forum should discuss methods to accomplish that in an efficient manner. Until then, it made sense to redirect such feedback to the CCADB public list.

> 3. The IPR Subcommittee agreed that the Forum could implement some type of “lightweight” solution for GitHub comments.


Yes, this is a long-term solution for the entire Forum, but it will take time.

In the meantime, we probably want to keep the discussion going but in a more appropriate venue which handles matters like etiquette and moderation (if needed).

What do other people think?


Thanks,
Dimitris.
