[cabf_netsec] Draft Final Report of the NetSec WG

Neil Dunbar ndunbar at trustcorsystems.com
Thu Jun 14 07:42:12 MST 2018


Colleagues,

Following on from the London discussion, I’ve prepared a skeleton document to serve as the basis of the final report, which is attached within. The key takeaways are:

The existing NetSec requirements stink
The other security standards don’t stink, but don’t really fit either
We should keep the NSSRs as the base document, but heavily update them.
We should try to charter a new WG to continue to work on that updating process, but continue as a subcommittee of the SCWG post July 3, until this is done.

What’s missing from the document (apart from common sense, clarity of text and purpose)? The external standards which were considered, but rejected as not particularly good fit. The other members of the WG will be able to fill in those details with better memory than I can. Hopefully we can discuss this at the next meeting. I don’t think that we need be exhaustive in picking out every fault. It’s enough to say “Standard X was considered, but it doesn’t really speak to delegated third party deployments”, or “doesn’t mention multi-party access”, that sort of thing.

Regards,

Neil

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/netsec/attachments/20180614/1dcc183b/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Draft-NetSec-Report.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 132056 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/netsec/attachments/20180614/1dcc183b/attachment-0001.docx>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/netsec/attachments/20180614/1dcc183b/attachment-0003.html>


More information about the Netsec mailing list