[Cscwg-public] Subscriber Private Key Verification - internal or external IT audit
Adriano Santoni
adriano.santoni at staff.aruba.it
Tue May 10 07:42:55 UTC 2022
All,
with reference to method no. 4 of section 16.3.2 ...
> The Subscriber provides an internal or external IT audit indicating
> that it is only using a suitable Hardware Crypto Module to generate
> Key Pairs to be associated with Code Signing Certificates;
>
... I would like to ask if anyone can share a real world example of such
an audit or at least a template thereof.
Adriano
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20220510/69cc0761/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4557 bytes
Desc: Firma crittografica S/MIME
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20220510/69cc0761/attachment.p7s>
More information about the Cscwg-public
mailing list