[cabfcert_policy] RFC3647 formatted BRs

Ben Wilson ben.wilson at digicert.com
Wed Oct 22 16:49:17 MST 2014


Tim,

You've been assigned Bug 6 - 6.5 Computer Security Controls -
https://bugzilla.cabforum.org/show_bug.cgi?id=6 

Ben

 

From: policyreview-bounces at cabforum.org
[mailto:policyreview-bounces at cabforum.org] On Behalf Of Tim Hollebeek
Sent: Thursday, October 2, 2014 10:53 AM
To: 'policyreview at cabforum.org'
Subject: Re: [cabfcert_policy] RFC3647 formatted BRs

 

I'll volunteer for "Computer security controls".

 

-Tim

 

From: policyreview-bounces at cabforum.org
[mailto:policyreview-bounces at cabforum.org] On Behalf Of Ben Wilson
Sent: Thursday, September 25, 2014 2:03 PM
To: Jeremy Rowley; 'policyreview at cabforum.org'
Subject: Re: [cabfcert_policy] RFC3647 formatted BRs

 

Jeremy,

 

As discussed at the Face-to-Face meeting and during today's call, we decided
to make assignments so that different groups can work on different sections
of the document.  So, here is the sign-up sheet that we'll review during our
next call, at which anyone on the list who hasn't signed up will be assigned
one of these sections.

 

 


Section        Title                                                                  WG Member(s) Assigned
-------------  ---------------------------------------------------------------------  ---------------------
2.3-2.4        Time or frequency of publication and Access controls on repositories
3.1            Naming
3.2 - 3.4      Initial identity validation / Identification and authentication
4.2 - 4.4      Certificate application, issuance and acceptance
4.5            Key pair and certificate usage
4.6-4.8        Certificate renewal, re-key, modification
4.9.1-4.9.6    Revocation
4.9.7-4.9.16   CRL Issuance Frequency & OCSP
4.10           Certificate status services
4.11-4.12      Key Escrow and Recovery
5.1            Physical controls
5.2            Procedural Controls
5.3            Personnel controls
5.4            Audit logging procedures
5.5            Records Archival
5.6-5.8        Key changeover, Compromise, Disaster Recovery, CA Termination
6.1            Key pair generation and installation
6.2-6.3        Private Key Protection, Controls and Other Aspects
6.4            Activation data
6.5            Computer security controls
6.6            Life cycle technical controls
6.7.1 to 6.7.4 Isolation of Networked Systems to Communications Security
6.7.5 to 6.7.7 Network Monitoring to Penetration Testing
6.8            Time-stamping
7              CERTIFICATE, CRL, AND OCSP PROFILES
8              COMPLIANCE AUDIT AND OTHER ASSESSMENTS
9              OTHER BUSINESS AND LEGAL MATTERS


-----Original Message-----
From: policyreview-bounces at cabforum.org
[mailto:policyreview-bounces at cabforum.org] On Behalf Of Jeremy.Rowley
Sent: September 24, 2014 11:53 PM
To: 'policyreview at cabforum.org'
Subject: [cabfcert_policy] RFC3647 formatted BRs

 

Attached is a 3647 format of the BRs that includes the network security
guidelines.  One convenience of using this format is it better lends itself
to having a single document that describes all of the requirements related
to SSL certs rather than having them spread across three separate documents.

 

Jeremy

 
