[cabfcert_policy] RFC3647 formatted BRs

Ben Wilson ben.wilson at digicert.com
Thu Sep 25 11:03:23 MST 2014 

Jeremy,



As discussed at the Face-to-Face meeting and during today's call, we decided to make assignments so that different groups can work on different sections of the document.  So, here is the sign-up sheet that we'll review during our next call at which anyone on the list who hasn't signed up will be assigned one of these sections.




Section

Title

WG Member(s) Assigned

2.3-2.4

Time or frequency of publication and Access controls on repositories



3.1

Naming



3.2 - 3.4

Initial identity validation / Identification and authentication



4.2 - 4.4

Certificate application, issuance and acceptance



4.5

Key pair and certificate usage



4.6-4.8

Certificate renewal, re-key, modification



4.9.1-4.9.6

Revocation



4.9.7-4.9.16

CRL Issuance Frequency & OCSP



4.10

Certificate status services



4.11-4.12

Key Escrow and Recovery



5.1

Physical controls



5.2

Procedural Controls



5.3

Personnel controls



5.4

Audit logging procedures



5.5

Records Archival



5.6-5.8

Key changeover, Compromise, Disaster Recovery, CA Termination



6.1

Key pair generation and installation



6.2-6.3

Private Key Protection, Controls and Other Aspects



6.4

Activation data



6.5

Computer security controls



6.6

Life cycle technical controls



6.7.1 to 6.7.4

Isolation of Networked Systems to Communications Security



6.7.5 to 6.7.7

Network Monitoring to Penetration Testing



6.8

Time-stamping



7

CERTIFICATE, CRL, AND OCSP PROFILES



8

COMPLIANCE AUDIT AND OTHER ASSESSMENTS



9

OTHER BUSINESS AND LEGAL MATTERS












-----Original Message-----
From: policyreview-bounces at cabforum.org [mailto:policyreview-bounces at cabforum.org] On Behalf Of Jeremy.Rowley
Sent: September 24, 2014 11:53 PM
To: 'policyreview at cabforum.org'
Subject: [cabfcert_policy] RFC3647 formatted BRs



Attached is a 3647 format of the BRs that includes the network security guidelines.  One convenience of using this format is it better lends itself to having a single document that describes all of the requirements related to SSL certs rather than having them spread across three separate documents.



Jeremy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/policyreview/attachments/20140925/3345536d/attachment-0001.html

More information about the Policyreview mailing list