[cabfpub] Recent ITU-T meeting

Phillip philliph at comodo.com
Fri Apr 26 09:42:31 MST 2013


On Apr 26, 2013, at 12:35 PM, tScheme Technical Manager wrote:

> Hi Ben,
> 
> I have already been involved in some discussions on what has become TD 131
> and I'm not sure that it's useful to think of the auditors as fulfilling the
> role of "juridical experts" (although they could also decide to offer that
> service). My simplistic understanding is that I as a relying party would
> formally contract with a JE service and then, whenever I receive a
> Certificate (e.g. an SSL certificate when I log on to an e-Commerce site), I
> would send a copy of the certificate to my JE service and ask them whether I
> should trust it or not - i.e. I do not rely on the Browser making that
> decision for me.

That is the omnibroker model.

It makes great sense, unless of course you choose the wrong juridical expert.

Is the document C0010 Rev.1 'Generic Tools to support secure applications' available? Given the source of the proposal it would seem useful to take a look.




> At least that's how I read it!
> 
> Regards
> Richard
> ------------------------------------
> Richard Trevorah
> Technical Manager
> tScheme Limited
> 
> M: +44 (0) 781 809 4728
> F: +44 (0) 870 005 6311
> 
> http://www.tscheme.org
> ------------------------------------
> 
> The information in this message and, if present, any attachments are
> intended solely for the attention and use of the named addressee(s). The
> content of this e-mail and its attachments is confidential and may be
> legally privileged. Unless otherwise stated, any use or disclosure is
> unauthorised and may be unlawful. 
> 
> If you are not the intended recipient, please delete the message and any
> attachments and notify the sender as soon as practicable
> 
> 
> -----Original Message-----
> From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On
> Behalf Of Ben Wilson
> Sent: 26 April 2013 16:59
> To: public at cabforum.org
> Subject: [cabfpub] Recent ITU-T meeting
> 
> All,
> 
> These are from Tony Rutkowski.  Let's discuss them on the list and then
> during next week's telephone call.  
> 
> TD 131 seems to add a new PKI "juridical expert", which might already exist
> in the form of WebTrust/ETSI auditors.  However, I'm not sure, and there may
> be other changes that have not had full peer review.  
> 
> Also attached is the Q11/17 Report with some actions highlighted in yellow,
> as well as proposed changes to X.509.  See TDs 43 and 241.
> 
> Please review and let's discuss.
> 
> Thanks,
> 
> Ben
> 
> 
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public



More information about the Public mailing list