Proposed changes for Mozilla CA-related activity modules
Frank Hecker
A while back Kathleen Wilson was appointed a peer for Mozilla activities
related to approval of CA root certificates to be included in
Mozilla-based products. Since then Kathleen has been doing a great job
of that (as noted in a recent blog post by Johnathan Nightingale), and
it's also become clear that I will never again have time to be actively
engaged in Mozilla CA stuff on a regular basis. I'm therefore making the
following two governance proposals:
1. For the CA certificates module
https://wiki.mozilla.org/Module_Owners_Activities_Modules#CA_Certificates_Module
I propose promoting Kathleen from a peer to being the new module owner,
and move me to being a peer. (I've told Kathleen I'd be happy to provide
advice as needed upon request, even though I can't be regularly involved.)
2. For the CA certificate policy module
I propose appointing Kathleen as a peer, with the expectation of her
moving to module owner in the future. (I'd actually be OK with her being
module owner for this starting now, but I figured the more conservative
approach was as proposed, since technically Kathleen's not even a peer
for this module at the moment.)
I've discussed this with Kathleen and with the group that oversees
module ownership of various Mozilla activities. Reactions thus far have
been positive, but we wanted to open this up to public discussion before
we make these changes official.
Frank
--
Frank Hecker
hec...@hecker.org
Gen Kanai
Gen Kanai
On 8/10/10 12:05 PM, Frank Hecker wrote:
> 1. For the CA certificates module
>
> https://wiki.mozilla.org/Module_Owners_Activities_Modules#CA_Certificates_Module
>
> I propose promoting Kathleen from a peer to being the new module owner,
> and move me to being a peer. (I've told Kathleen I'd be happy to provide
> advice as needed upon request, even though I can't be regularly involved.)
>
> 2. For the CA certificate policy module
>
> https://wiki.mozilla.org/Module_Owners_Activities_Modules#Governance_Submodule:_Mozilla_CA_Certificate_Policy
>
> I propose appointing Kathleen as a peer, with the expectation of her
> moving to module owner in the future. (I'd actually be OK with her being
> module owner for this starting now, but I figured the more conservative
> approach was as proposed, since technically Kathleen's not even a peer
> for this module at the moment.)
--
Gen Kanai
Eddy Nigg
> I've discussed this with Kathleen and with the group that oversees
> module ownership of various Mozilla activities. Reactions thus far
> have been positive, but we wanted to open this up to public discussion
> before we make these changes official.
Kathleen was standing her man very well. ;-)
+1 from me.
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
XMPP: star...@startcom.org
Blog: http://blog.startcom.org/
Twitter: http://twitter.com/eddy_nigg
Mitchell Baker
Thanks Kathleen, for expanding your role
And many, many thanks Frank for your work in creating these modules,
providing leadership over the years, and for implementing such a
successful transition.
I'm thinking it might be worthwhile to create a mozilla group, or status
of people who have not only created and led modules, but have
successfully mentored new leaders and transitioned leadership to them.
It's an important skill and I'd like to strengthen it within the project.
mitchell
David Ascher
> I'm thinking it might be worthwhile to create a mozilla group, or
> status of people who have not only created and led modules, but have
> successfully mentored new leaders and transitioned leadership to them.
> It's an important skill and I'd like to strengthen it within the project.
Agreed. Figuring out how to gracefully exit a project or sub-project
when life takes you somewhere new is an exceedingly important skill in
any contributor in an open source project. It allows the project to
keep moving as people's relationship with the project changes, allows
new people to take on greater responsibility and thus bring new DNA into
a project, and makes the project bigger than the individuals involved at
any one time.
Someone, maybe Guido van Rossum, taught me that over a decade ago, and
it's a lesson I try to pass on. I don't know how to create the positive
social recognition for that, but I agree it's a worthy goal.
If we have a large enough supply of irony, we could do Mozilla gold
watches, except I think it's a very north-american tradition, in
addition to being anachronistic!
--david
Ben Bucksch
> 2. For the CA certificate policy module
>
> https://wiki.mozilla.org/Module_Owners_Activities_Modules#Governance_Submodule:_Mozilla_CA_Certificate_Policy
>
>
> I propose appointing Kathleen as a peer, with the expectation of her
> moving to module owner in the future. (I'd actually be OK with her
> being module owner for this starting now, but I figured the more
> conservative approach was as proposed, since technically Kathleen's
> not even a peer for this module at the moment.)
I'd like to nominate Johnathan Nightingale as potential owner of this
"policy module" as well.
Ben
Eddy Nigg
>
> I'd like to nominate Johnathan Nightingale as potential owner of this
> "policy module" as well.
>
Ah, Johnath is the Uber-Guru. But I don't think he's going to work on it
on a daily basis or so...Not sure what makes a module owner, but
Kathleen seems to me the logical choice.
Ben Bucksch
> On 08/15/2010 09:48 AM, From Ben Bucksch:
>>
>> I'd like to nominate Johnathan Nightingale as potential owner of this
>> "policy module" as well.
>>
>
> Ah, Johnath is the Uber-Guru.
I don't know Johnathan's current role in the project, I thought he was
the "security/crypto usability/direction guy", and he's done great work
in that respect esp. wrt *use* of crypto in our products.
And for setting policy, you should be "Über-guy", because a policy is
"Über" by nature. :)
Johnathan replied to me by email that he's confident with Kathleen and
will keep tabs on it anyway, so I'll rest this. I hope Johnathan will
keep bringing his input to "how do we use SSL in Mozilla, in practice"
questions.
Eddy Nigg
> I hope Johnathan will keep bringing his input to "how do we use SSL in
> Mozilla, in practice" questions.
+1
Johnathan Nightingale
Yeah, thanks for all the love, Eddy and Ben, but Kathleen's the right
one for this job.
I have strong opinions on much of this, and Kathleen and I talk often
about how to approach things, but she is the one, every day, devoted
to getting our root program as healthy as possible and her record of
ownership over the last few years has been outstanding. Wait times are
down, we finally have up to date audit reports for every CA, we've
removed a significant batch of dormant CAs, we have a retirement plan
for MD5, and we have live points of contact at each CA whenever
problems come up. All of that, all of it, is a credit to Kathleen's
work. In the upcoming months, she'll be starting the discussion about
a rewriting/updating of our CA policy, and so I think this move comes
at a great time.
Of course, I'm not going anywhere, either. :)
J
---
Johnathan Nightingale
Director of Firefox Development
joh...@mozilla.com