[cabfcert_policy] Trusted roles include roles that involve the following responsibilities:

Moudrick M. Dadashov md at ssc.lt
Thu Mar 10 08:59:10 MST 2016 

Trusted roles include roles that involve the following responsibilities:

- Security Officers: Overall responsibility for administering the 
implementation of the security practices.
- System Administrators: Authorized to install, configure and maintain 
the TSP trustworthy systems for service management.
- System Operators: Responsible for operating the TSP trustworthy 
systems on a day-to-day basis.
Authorized to perform system backup and recovery.
- System Auditors or evaluators: Authorized to view archives and audit 
logs of the TSP trustworthy systems.


On 3/10/2016 5:49 PM, Moudrick M. Dadashov wrote:
> The service of issuing certificates is broken down in the present 
> document into the following component services for the
> purposes of classifying requirements:
> • Registration service: verifies the identity and, if applicable, any 
> specific attributes of a subject. The results of
> this service are passed to the certificate generation service.
> • Certificate generation service: creates and signs certificates based 
> on the identity and other attributes verified
> by the registration service.
> • Dissemination service: disseminates certificates to subjects, and if 
> the subject consents, makes them available
> to relying parties. This service also makes available the TSP's terms 
> and conditions, and any published policy
> and practice information, to subscribers and relying parties.
> • Revocation management service: processes requests and reports 
> relating to revocation to determine the
> necessary action to be taken. The results of this service are 
> distributed through the revocation status service.
> • Revocation status service: provides certificate revocation status 
> information to relying parties. This may be
> based upon certificate revocation lists or a real time service which 
> provides status information on an individual
> basis. The status information may be updated on a regular basis and 
> hence may not reflect the current status of
> the certificate.
> And optionally:
> • Subject device provision service: prepares, and provides or makes 
> available signature-creation devices, or
> other secure user device, to subjects.
>
> On 3/10/2016 5:02 PM, Ben Wilson wrote:
>>
>> Join me here - https://join.me/402-043-277
>>
>>
>>
>> _______________________________________________
>> Policyreview mailing list
>> Policyreview at cabforum.org
>> https://cabforum.org/mailman/listinfo/policyreview
>
>
>
> _______________________________________________
> Policyreview mailing list
> Policyreview at cabforum.org
> https://cabforum.org/mailman/listinfo/policyreview

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/policyreview/attachments/20160310/3208b724/attachment.html

More information about the Policyreview mailing list