[cabfpub] Potential Discussion Item for Thursday's Call
Ben Wilson
ben.wilson at digicert.com
Tue May 12 22:00:40 UTC 2015
Last week the Policy Review Working Group reviewed version 1.3 of the
Baseline Requirements (BRs) and compared it with version 1.2.5 of the BRs
and RFC 3647. We only got through section 6--we didn't get to Sections 7,
8 or 9. We identified gaps and labelled them as "No Stipulation/Not
Applicable" (Yellow), "Important to Address" (Magenta), "Potential Content"
(Light Blue) (for sections where we thought something should/could go), and
we identified a few places where a cross-reference would avoid redundancy
(Red). See below.
I'll circulate our review of sections 7, 8 and 9 after the next working
group meeting, but I'm sending this out just in case anyone wants to discuss
this on Thursday's call.
BR v.1.3 | Title | Title in BR v. 1.2.5 / Proposed Resolution of Gap
-------- | ----- | -------------------------------------------------
1 | Introduction | Intro
1.1. | Overview | Scope
1.2. | Document name and Identification | Reserved Certificate Policy Identifiers
1.2.1. | Revisions | Document History
1.2.2. | Relevant Dates | Relevant Compliance Dates
1.3. | PKI Participants |
1.3.1. | Certification Authorities | Intro
1.3.2. | Registration Authorities |
1.3.3. | Subscribers |
1.3.4. | Relying Parties | Intro
1.3.5. | Other Participants | Intro
1.4. | Certificate Usage | Purpose
1.4.1. | Appropriate Certificate Uses |
1.4.2. | Prohibited Certificate Uses | No Stipulation
1.5. | Policy administration | Notice to Readers
1.5.1 | Organization administering the document | Notice to Readers
1.5.2 | Contact Person | Potential content
1.5.3 | Person determining CPS suitability for the policy | No Stipulation
1.5.4 | CPS approval procedures | No Stipulation
1.6. | Definitions and acronyms |
1.6.1. | Definitions | Definitions
1.6.2. | Acronyms | Abbreviations and Acronyms
1.6.3. | References | References
1.6.4. | Conventions | Conventions
2 | PUBLICATION AND REPOSITORY RESPONSIBILITIES | Implementation
2.1. | Repositories | Mechanisms
2.2. | Publication of information | Disclosure, Commitment to Comply
2.3. | Time or frequency of publication | Potential content
2.4. | Access controls on repositories | Potential content
3 | IDENTIFICATION AND AUTHENTICATION |
3.1. | Naming |
3.1.1 | Types of names | Potential content
3.1.2 | Need for names to be meaningful | Important to address
3.1.3 | Anonymity or pseudonymity of subscribers | No Stipulation
3.1.4 | Rules for interpreting various name forms | Potential content
3.1.5 | Uniqueness of names | Important to address
3.1.6 | Recognition, authentication, and role of trademarks | Potential content
3.2. | Initial identity validation |
3.2.1. | Method to Prove Possession of Private Key | Important to address
3.2.2. | Authentication of Organization and Domain Identity | Verification of Subject Identity Information
3.2.2.1 | Identity | Identity
3.2.2.2 | DBA/Tradename | DBA/Tradename
3.2.2.3 | Verification of Country | Verification of Country
3.2.2.4 | Authorization by Domain Name Registrant | Authorization by Domain Name Registrant
3.2.2.5 | Authentication for an IP Address | Authentication for an IP Address
3.2.2.6 | Wildcard Domain Validation | Wildcard Domain Validation
3.2.2.7 | Data Source Accuracy | Data Source Accuracy
3.2.3. | Authentication of Individual Identity | Verification of Individual Applicant
3.2.4. | Non-verified Subscriber Information | Potential content
3.2.5. | Validation of Authority | Authenticity of Certificate Request
3.2.6. | Criteria for Interoperation or Certification | Trust Model
3.3. | Identification and authentication for re-key requests |
3.3.1. | Identification and Authentication for Routine Re-key | Age of Certificate Data
3.3.2. | Identification and Authentication for Re-key After Revocation | No Stipulation
3.4. | Identification and authentication for revocation request | Important to address
4 | CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS |
4.1. | Certificate Application |
4.1.1. | Who Can Submit a Certificate Application | Denied List
4.1.2. | Enrollment Process and Responsibilities | Documentation Requirements, Certificate Request
4.2. | Certificate application processing |
4.2.1. | Performing Identification and Authentication Functions | Information Requirements, High Risk Requests
4.2.2. | Approval or Rejection of Certificate Applications | New gTLD Domains
4.2.3. | Time to Process Certificate Applications | No Stipulation
4.3. | Certificate issuance |
4.3.1. | CA Actions during Certificate Issuance | Certificate Issuance by a Root CA
4.3.2. | Notification of Certificate Issuance | Potential content
4.4. | Certificate acceptance | No Stipulation
4.5. | Key pair and certificate usage |
4.5.1 | Subscriber private key and certificate usage | Potential content
4.5.2 | Relying party public key and certificate usage | No Stipulation
4.6. | Certificate renewal | Potential content
4.7. | Certificate re-key | Potential content
4.8. | Certificate modification | Potential content
4.9. | Certificate revocation and suspension |
4.9.1. | Circumstances for Revocation |
4.9.1.1 | Reasons for Revoking a Subscriber Certificate | Reasons for Revoking a Subscriber Certificate
4.9.1.2 | Reasons for Revoking a Subordinate CA Certificate | Reasons for Revoking a Subordinate CA Certificate
4.9.2. | Who Can Request Revocation | See Section 3.4
4.9.3. | Procedure for Revocation Request | Revocation Request, Certificate Problem Reporting
4.9.4. | Revocation Request Grace Period | No Stipulation
4.9.5. | Time within which CA Must Process the Revocation Request | Investigation
4.9.6. | Revocation Checking Requirement for Relying Parties | Potential content
4.9.7. | CRL Issuance Frequency | Repository
4.9.8. | Maximum Latency for CRLs | No Stipulation
4.9.9. | On-line Revocation/Status Checking Availability | OCSP Signing
4.9.10. | On-line Revocation Checking Requirements | Repository, Response for non-issued certificates
4.9.11. | Other Forms of Revocation Advertisements Available |
4.9.12. | Special Requirements Related to Key Compromise |
4.9.13. | Circumstances for Suspension | Certificate Suspension
4.9.14. | Who Can Request Suspension | Not applicable
4.9.15. | Procedure for Suspension Request | Not applicable
4.9.16. | Limits on Suspension Period | Not applicable
4.10. | Certificate status services |
4.10.1. | Operational Characteristics | Deletion of Entries
4.10.2. | Service Availability | Repository, Response, Response Time
4.10.3. | Optional Features | No Stipulation
4.11. | End of subscription | No Stipulation
4.12. | Key escrow and recovery | No Stipulation
5 | MANAGEMENT, OPERATIONAL, AND PHYSICAL CONTROLS | Data Security, Objectives, Risk Assessment, Security Plan, System Security
5.1. | Physical security Controls | Important to address
5.2. | Procedural controls |
5.2.1. | Trusted Roles | Important to address
5.2.2. | Number of Individuals Required per Task | Private Key Protection
5.2.3. | Identification and Authentication for Trusted Roles | Important to address
5.2.4. | Roles Requiring Separation of Duties | Important to address
5.3. | Personnel controls |
5.3.1. | Qualifications, Experience, and Clearance Requirements | Identity and Background Verification
5.3.2. | Background Check Procedures | Important to address
5.3.3. | Training Requirements and Procedures | Training and Skill Level
5.3.4. | Retraining Frequency and Requirements | Training and Skill Level
5.3.5. | Job Rotation Frequency and Sequence | No Stipulation
5.3.6. | Sanctions for Unauthorized Actions | Important to address
5.3.7. | Independent Contractor Controls | Delegation of Functions, General
5.3.8. | Documentation Supplied to Personnel | Important to address
5.4. | Audit logging procedures |
5.4.1. | Types of Events Recorded | Documentation, Event Logging, Events, Actions
5.4.2. | Frequency for Processing and Archiving Audit Logs | Important to address
5.4.3. | Retention Period for Audit Logs | Events and Actions
5.4.4. | Protection of Audit Log | Important to address
5.4.5. | Audit Log Backup Procedures | No Stipulation
5.4.6. | Audit Log Accumulation System (internal vs. external) | No Stipulation
5.4.7. | Notification to Event-Causing Subject | No Stipulation
5.4.8. | Vulnerability Assessments | Risk Assessment
5.5. | Records archival |
5.5.1. | Types of Records Archived | Important to address
5.5.2. | Retention Period for Archive | Documentation Retention
5.5.3. | Protection of Archive | Important to address
5.5.4. | Archive Backup Procedures | No Stipulation
5.5.5. | Requirements for Time-stamping of Records | No Stipulation
5.5.6. | Archive Collection System (internal or external) | No Stipulation
5.5.7. | Procedures to Obtain and Verify Archive Information | No Stipulation
5.6. | Key changeover | No Stipulation
5.7. | Compromise and disaster recovery |
5.7.1. | Incident and Compromise Handling Procedures | Business Continuity
5.7.2. | Recovery Procedures if Computing Resources, ... Are Corrupted | Important to address
5.7.3. | Recovery Procedures After Key Compromise | Important to address
5.7.4. | Business Continuity Capabilities after a Disaster | See Section 5.7.1.
5.8. | CA or RA termination | Important to address
6 | TECHNICAL SECURITY CONTROLS |
6.1. | Key pair generation and installation |
6.1.1. | Key Pair Generation |
6.1.1.1 | CA Key Pair Generation | Key Generation Ceremony
6.1.1.2 | RA Key Pair Generation | Important to address
6.1.1.3 | Subscriber Key Pair Generation | Public Key
6.1.2. | Private Key Delivery to Subscriber | Subscriber Private Key
6.1.3. | Public Key Delivery to Certificate Issuer | Potential content
6.1.4. | CA Public Key Delivery to Relying Parties | Potential content
6.1.5. | Key Sizes | Cryptographic Algorithm and Key Requirements
6.1.6. | Public Key Parameters Generation and Quality Checking | Cryptographic Algorithm and Key Requirements
6.1.7. | Key Usage Purposes | Certificate Issuance by a Root CA
6.2. | Private Key Protection and Cryptographic Module Engineering Controls | Private Key Protection
6.2.1. | Cryptographic Module Standards and Controls | Potential content
6.2.2. | Private Key (n out of m) Multi-person Control | No Stipulation
6.2.3. | Private Key Escrow | No Stipulation
6.2.4. | Private Key Backup | See Section 5.2.2.
6.2.5. | Private Key Archival | Subordinate CA Private Key
6.2.6. | Private Key Transfer into or from a Cryptographic Module | Subordinate CA Private Key
6.2.7. | Private Key Storage on Cryptographic Module | Private Key Protection
6.2.8. | Activating Private Keys | Important to address
6.2.9. | Deactivating Private Keys | Important to address
6.2.10. | Destroying Private Keys | Important to address
6.2.11. | Cryptographic Module Capabilities | No Stipulation
6.3. | Other aspects of key pair management | No Stipulation
6.3.1. | Public Key Archival | No Stipulation
6.3.2. | Certificate Operational Periods and Key Pair Usage Periods | Subscriber Certificates, Validity Period
6.4. | Activation data | Potential content
6.5. | Computer security controls |
6.5.1. | Specific Computer Security Technical Requirements | System Security
6.5.2. | Computer Security Rating | No Stipulation
6.6. | Life cycle technical controls | Important to address
6.7. | Network security controls | Important to address
6.8. | Time-stamping | Potential content