Forum Infrastructure Working Group

1. Reading of the Anti-Trust Statement
2. Approval of the Minutes
3. Wiki Management and Migration
4. Website Management
5. Document Management
   1. Automation changes and maintenance
   2. Markdown modifications and content changes

Present: Ben, Jos, Ryan

The minutes of the previous meeting were approved

Jos provided an update as to the current status of the wiki. The wiki has been fully migrated to https://wiki.cabforum.org, and a redirect has been setup to redirect from https://www.cabforum.org/wiki to the new page. He mentioned that the oldwiki is still temporarily available at /oldwiki, for any issues that may arise.

Jos is planning to send an update to the Forum as to the status. Ryan suggested that one activity we should do is make sure that any links to the old wiki on the cabforum.org site should be updated. While it's unlikely that there will be links, as the wiki is members only, Ryan recalled that there were a few pages that had historically linked to it. Jos agreed this was a good idea for someone to do.

Jos mentioned that the new wiki's credentials were based on the canonical spreadsheet of membership [1], rather than based on the old wiki's user list. The spreadsheet reflects declared memberships following the adoption of the revised bylaws.

The new wiki allows each WG to have their own separate areas, allowing read-only access to all members, but write-access based on members with that appropriate tag. Tags have been set up for each of the Forum WGs - the Infrastructure WG (transitioning to a Forum subcommittee), the Code Signing WG, and the Server Cert WG.

Ryan raised a suggestion that we should audit/inventory our existing user credential systems. We have the wiki, and we also have a variety of mailing lists with posting privileges. Now that most of the impact from the Bylaws transition has settled, and the migration has largely settled, we should look to take stock about the existing memberships and make sure that our various access controls are consistent. Right now, there's no visibility into who is participating where, and that carries with it IP risks and uncertainty. The suggestion was having a Web-based dashboard that can at least view the set of participants associated with an organization, on a per-organization basis.

Ben raised the suggestion of a desire to have per-user permissions. During the call, we identified permissions as: posting to the mailing list, access to the wiki, proposing/endorsing ballots, voting on ballots, and joining new WGs as all being distinct activities that may be performed. This seemed to be a common challenge, particularly for large organizations with many teams.

While this is an interesting challenge, it's clear there's a lot of work here, and it impacts the Forum at large. The discussion for next steps was to build a holistic list of all the accounts that exist, for all the mailing lists, and to allow members to go through and examine and figure out what is appropriate for their organization. This will then help inform what sort of capabilities are needed from the Forum and from members, and what sort of participation is desired or needed. The proposal is to send this to the management list.

The discussion did not propose a deadline for harmonizing these lists - the first step is understanding the scope of the problem or delta between the canonical membership and the participants, to determine what sort of changes may be needed or desired. However, this list and understanding the scope may help inform a F2F Topic to discuss the scope of the problem and desired outcomes, many of which may involve a modification to the Bylaws to account for.

Ryan raised a question about gathering some of the history of past mailing lists and wiki. Some of the mailing lists require access to be members, but they may have been historic mailing lists of the Forum - would these be accessible to all members, or would they forever be restricted to the membership at the time?

Ryan also mentioned that some Wiki pages did not appear to contain the complete history. Jos mentioned that the edits should have been carried over and imported successfully. During the discussion, it was discovered that edits before 2017-06-13 may have been lost, during a past migration of the Wiki system by GoDaddy. More investigation is needed to see if these edits and history are maintained.

With respect to the mail lists migration, a number of challenges were encountered that have temporarily delayed the migration. These relate to the sending of outbound mail. With the migration, the IPs assigned to the new system are presently in a variety of mail blackhole lists, related to the infrastructure they're on. The existing system uses GoDaddy's mail servers, and thus doesn't have negative spam reputation. Jos was still investigating various solutions, while attempting to be respectful of the time that members had already committed with donating the resources.

Jos mentioned that he was in the process of documenting, on the Wiki, the various bits of CA/Browser Forum infrastructure as part of this migration, to ensure smooth continuity of operations as people transition roles and responsibilities.

Jos now has access to the S3 buckets currently used for publishing the document artifacts, so that the Forum can change how it publishes documents going forward, as needed.

[1] https://docs.google.com/spreadsheets/d/1LIXw9AAbfGfrJODnRK7tzhsSllVA1G3Rvxwv3Z8Cx4w