[cabf_netsec] Weekly github digest (Network Security Working Group)

Infrastructure Bot infra-bot at cabforum.org
Sun Apr 3 07:35:37 UTC 2022 



Issues
------
* cabforum/netsec (+16/-0/💬8)
  16 issues created:
  - Add requirement that private keys corresponding to publicly trusted CAs shall be physically secured (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/19 
  - Add requirement that CAs implement and maintain a Security Program (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/18 
  - Replace "Zones" with more specific terminology (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/17 
  - Clarify "Cannot be leveraged for a denial of service attack" (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/16 
  - Adopt a High-Level Statement of Objectives  (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/15 
  - Restrict the scope of the NCSSRs (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/14 
  - NCSSRs should address wireless security vulnerabilities  (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/13 
  - NCSSRs should address software development vulnerabilities and processes (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/12 
  - Clarify audit documentation required for system configurations (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/11 
  - Allow CAs to claim mitigating factors and compensating controls (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/10 
  - Provide guidance on penetration tests and vulnerability scans  (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/9 
  - Clarify the 96-hour vulnerability remediation process (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/8 
  - Define "Workstation" (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/7 
  - Define "Account" (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/6 
  - Separate the requirements for offline/air-gapped CAs and online CAs (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/5 
  - Define "air-gapped" and "offline" (by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/4 

  4 issues received 8 new comments:
  - #17 Replace "Zones" with more specific terminology (1 by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/17 
  - #15 Adopt a High-Level Statement of Objectives  (2 by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/15 
  - #10 Allow CAs to claim mitigating factors and compensating controls (2 by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/10 
  - #4 Define "air-gapped" and "offline" (3 by BenWilson-Mozilla)
    https://github.com/cabforum/netsec/issues/4 




Repositories tracked by this digest:
-----------------------------------
* https://github.com/cabforum/netsec
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/netsec/attachments/20220403/b7b3866a/attachment.html>

More information about the Netsec mailing list