On 1/1/09 22:34, Gervase Markham wrote:
Ian G wrote:
2. In general, such a group will reject any proposal that appears to
favour one member against another; but they will accept any proposal
that requires the same amount of additional work, and increases the
power of the group. In other words, rejection of internal competition,
promotion of joint franchise power.
Not necessarily. For example, EV could have been said to favour larger
CAs (who are able to offer a global service), and CAs which already had
the infrastructure in place for doing detailed identity vetting. Yet it
was approved.
Well, first point is that it is a model in economics. How each instance
deals with the ramifications of the model does vary.
2nd point would be that, within the model again, the larger players try
and cartelise within the cartel. The study of these groupings is
literally the study for market power, so all sorts of games go on.
Instead they need to find a strategy that provides for joint and
individual benefit, in exchange for the work. Commonly, this is (a)
create a brand, (b) sell the brand, (c) compete against other brands,
and (d) deny the brand to non-members. This achieves both group benefit
and individual membership.
Well, if you are seeing EV as a brand, then in this case there aren't
really other brands to compete against,
Yes, indeed, in this particular case. But, consider the next bunch of
guys who come along and want something like a different colour...
and they can't deny the brand to
non-members, because anyone can take the audits
The key thing here is that the CAB Forum asserts its brand, or can
assert its brand, or can do whatever it likes. This is "business code"
for "its ours" and most serious business people will realise the message
within.
If the CAB Forum were serious about anyone using it, they would have a
regime listed for non-members to use it; and clear and free licences,
like open source. The fact that they don't says "treat as owned."
Also, "anyone can take the audits" is an odd way of looking at an open
process.
and anyway, EV status is
in the gift of the browser manufacturers, not the forum.
Well, unless that is stated in a fairly serious fashion, no serious
business person or lawyer would take that at face value. I'd like to
see the open licence for it!
4. What is notable about the above is that at no time or place is the
user or purchaser necessarily brought into the basic structural
economics. This is why (the theory predicts that) such associations
deliver so little to the *user* in comparison to the relatively large
benefit to the incumbents; the economics doesn't require it, and in
fact the economics fights against it, because to share any bounty with
the users adds more complications for the model. Of course. Hence,
marketing is a strong component of all such associations, because there
is a strong need for perception.
Except that the CAB Forum does no marketing.
Well, all virtual entities do nothing, you can't shake hands with
Mozilla either.
Their members do something on behalf. Some member runs the website and
another member writes the text of the PR, and yet another member writes
emails on lists defending the actions of the group, and absorbing and
neutralising criticisms.
That's marketing!
10. I speak as an interested party of course. My biases are all the
more poignant because the CABForum and its members and criteria directly
and explicitly rule out the activities of myself as an auditor and the
CA I audit. C.f., to join CABForum, you must have a WebTrust audit;
Not so; there is a list of acceptable audit criteria. It includes ETSI.
Right, WebTrust or ETSI. To be clear, I haven't looked at ETSI.
However this does not materially change what I wrote.
But, having commented on those errors of fact, I can't quite see what
you are saying apart from "industry standards bodies are bad". Is that it?
Your question was something like "what is this overwork trap?" I think
To the bare minimum, it would be something like:
Forums that have no buyer representation will naturally tend to increase
the price at the expense of the buyers. This can be shown in various
economic ways as their likely incentives (c.f., game theory, etc). This
goes on until something breaks. E.g., financial markets or meltdown or
a competitive break through like p2p.
So in analysing the CABForum's place in the commercial world, or any
similar organisation, we would have to ask why they don't include buyer
representation. Why they include the vendors is obvious; they need the
"gift" you speak of. But the vendors aren't the buyers.
In analysing CABForum's place in the open source and Internet world, we
would have to ask, why aren't they open? It worked for us, why are they
so different?
iang
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
