CAB Forum Voting is being held up as a small vote turns into a big issue.
A recent Ballot from the CAB Forum is under contention due to procedural errors made by Microsoft, whose vote was a tie-breaker.
The CAB Forum is an organization of Certificate Authorities (CAs) and Browsers who work together to form guidelines and practices for public certificate issuance.
Ballot 194 is attempting to correct unintentional consequences of the previous ballot. Due to wording errors, Ballot 193 will cause a large amount of ‘validation data’ to expire in just a few days. This will be a hassle for CAs and their customers who would need to wait for their information to be re-validated if they wanted to reissue or replace existing certificates.
The voting period for Ballot 194 closed on April 16th. Shortly after, Kirk Hall, the Chair of the CAB Forum, sent an email to the group informing them that the ballot had passed. Within the CAB Forum, each group (the CAs and the Browsers) have to approve a Ballot for it to pass.
The CAs were overwhelmingly in favor of Ballot 194 – all 24 votes cast were in favor of the ballot. But for the browsers, it was a different story. 50% of votes from Browsers needed to be in favor, and as the voting period was ending, it looked like that requirement had not been met.
But Microsoft had voted in favor of the Ballot three days earlier, pushing the Ballot past the 50% mark.
Because Microsoft’s vote was cast by an employee that is not a member of the CAB Forum’s mailing list, his email was rejected and no members of the Forum knew the vote had been made. Only Kirk Hall had seen the vote because he had been CC’d on the email.
Ryan Sleevi of Google pointed out that Microsoft did not follow the proper voting procedures and their vote could not be counted. Without Microsoft’s vote, there would have been only one “Yes” vote from a Browser and the ballot would have failed.
If the vote passes, the CAs will be free of an unintentionally inflected headache. If the vote fails they will need to quickly act to deal with rule changes related to previously validated information.
What makes this even more inane is that even if Microsoft’s vote is invalid, the Ballot can just be re-proposed and this time, assuming everyone votes properly and no votes change, the Ballot will pass.
To outsiders this may seem like pointless pedantry over rules and procedures. If Microsoft’s intention was to vote yet, shouldn’t that be enough? While there is not much at stake in this situation, what about the next time the rules are stretched?
The CAB Forum Bylaws state:
2.2 (d) “Upon completion of the discussion period, Members shall have exactly seven calendar days for voting, with the deadline clearly communicated in the ballot and sent via the Public Mail List. All voting will take place via the Public Mail List. Votes not submitted to the Public Mail List will not be considered valid, and will not be counted for any purpose.”
The debate is over the meaning of the word “submitted.” Does simply sending an email to that address count as a submission, even if the email is never accepted and posted to the list? Or must the email be accepted and archived? In this specific (likely foreseen) scenario, the requirement that “voting will take place via the Public Mail List” also suggests Microsoft’s vote was not properly cast.
However, Hall said that Microsoft’s vote had been sent “to the correct address and within the deadline,” and therefore was counting the vote. After Sleevi upheld his objection, Hall wrote “it’s kind of unseemly for one browser to try to block the vote of another browser. Google were the only Forum member to vote no on this ballot – 20 CAs and 2 browsers voted yes. Clearly the consensus of the members is in favor of this ballot, and technically Microsoft cast its vote correctly, even if it was not forwarded by our server.”
After more emails between members, Hall suggested a straw poll be conducted to determine the fate of the Ballot. This garnered more objections for being an unacceptable way to resolve the issue.
This belabored debate is emblematic of the bigger problems at play.
The CAB Forum has become increasingly divided and contentious. There are persistant disagreements over the future of the Web PKI – specifically issues like revocation checking, the automation of certificate issuance, and certificate validity. The Forum has also had recent issues with governance and intellectual property rights, which stalled many other initiatives and improvements.
Ballot 194 itself is relatively unimportant, but the outcome of this dispute decides more than a ballot. It will set the tone for the Forum. Are we heading towards discord or cooperation?
The fate of the Ballot is currently undecided and both sides are holding their ground.
Personally, I think Microsoft’s vote must not be counted. While it was a simple mistake, and re-doing this process will cause quite a headache for CAs (because the re-vote will not be possible before the very event this Ballot was designed to avoid comes into effect), there is simply too much risk that skirting procedures in this case will be used as precedent in the future.