[cabf_netsec] Comments from WebTrust

Moudrick M. Dadashov md at ssc.lt
Thu May 10 10:24:08 MST 2018

Also some other terms for consideration (ETSI EN 319 411-1):

*Registration service*: verifies the identity and if applicable, any 
specific attributes of a subject. The results of this service are passed 
to the certificate generation service.
NOTE 2: This service includes proof of possession of non-CA generated 
subject private keys.

*Certificate generation service*: creates and signs certificates based 
on the identity and other attributes verified by the registration 
service. This can include key generation.

*Dissemination service*: disseminates certificates to subjects, and if 
the subject consents, makes them available to relying parties. This 
service also makes available the TSP's terms and conditions, and any 
published policy and practice information, to subscribers and relying 

*Revocation management service*: processes requests and reports relating 
to revocation to determine the necessary action to be taken. The results 
of this service are distributed through the revocation status service.

*Revocation status service*: provides certificate revocation status 
information to relying parties.

*Subject device provision service* (optional): prepares, and provides or 
makes available secure cryptographic devices, or other secure devices, 
to subjects.


On 5/10/2018 8:05 PM, Ben Wilson via Netsec wrote:
> Here are today’s edits to the attachment sent to us by Tim Crawford a 
> few months ago.
> _______________________________________________
> Netsec mailing list
> Netsec at cabforum.org
> http://cabforum.org/mailman/listinfo/netsec

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/netsec/attachments/20180510/5d13feba/attachment.html>

More information about the Netsec mailing list