[cabfpub] Teleconference agenda - CA/B Forum - 2 May 2013
kirk_hall at trendmicro.com
kirk_hall at trendmicro.com
Tue Apr 30 14:58:35 MST 2013
Ben - thanks for sending out the link to the NIST document. I will miss the first 30 minutes of our call, so let me offer my thoughts on the NIST Reference Certificate Policy, http://csrc.nist.gov/publications/drafts/nistir-7924/draft_nistir_7924.pdf
I think it would be a mistake for the Forum to require members to edit their CPs/CPSs to match a NIST template. I would say that none of the CA breaches to date are the result of inadequate CPs/CPSs as documents, and the more complex a CA's CPS becomes, the greater chance that it simply becomes wallpaper and won't be followed with any real fidelity.
On the other hand, I DO think it would be very valuable to analyze the NIST CP document for its substantive requirements, especially in security areas, and where appropriate strengthen the existing BRs and our draft Security Guidelines for later incorporation in updated the WebTrust / ETSI audit requirements.
Put another way, so long as we extract the best practices from the NIST document and put them in our CA requirements that are annually audited, I don't think there's any real need to include them in our CPSs (which are already dense enough and hard for the public to read).
From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Ben Wilson
Sent: Tuesday, April 30, 2013 2:41 PM
To: public at cabforum.org
Subject: [cabfpub] Teleconference agenda - CA/B Forum - 2 May 2013
Here is draft 1 of Thursday's agenda. For approximately 20 minutes at the start of the meeting we will have a guest speaker presentation NIST/NSA on the NIST Reference CP. It is available for review and comment here -- http://csrc.nist.gov/publications/PubsDrafts.html#NIST-IR-7924.
I will send this agenda out again tomorrow to the management list with any revisions and the dial-in information. Thanks.
Notes / Presenters
(Thur) 2 May 2013
Review Reference CP (NIST IR 7294)
Guest speakers from NIST/NSA will review and explain NIST IR 7294
Approve Minutes of 18 April 2013
Ben's Email on 23 April
Ballots - Ballot 99 - Add DSA Keys closes on 3 May 2013 at 21UTC; follow-up on Ballot 89 - Guidelines for Processing EV; proposed Ballot ___ re: OCSP responders that respond "good" to non-issued certificates
Other Announcements - Date Change for Ankara F2F (September 24-26); recent ITU Actions
NFC Forum proposal to revise "Signature Record Type Definition - Technical Specification" (NFCForum-TS-Signature_RTD-1.0)
Continued discussion of audit requirements / technical constraints for external subCAs
Mozilla Inclusion Policy and Suspension/CRLReason=certificateHold
Clarification needed - see email from Gerv on Mozilla dev security policy list 30 Apr. "Re: Update Mozilla policy regarding version 1.1.3 of the BRs?"
Any Other Business
Next call -- Thurs. May 16th
Additional Potential Topics to Discuss
Updating the CAB Forum Web Site
Collaborative work with other groups - IETF, etc.
Coordinating schedules for updates to Audit Criteria
OCSP Stapling and Must-Staple Efforts
Short-Form IPR Agreement
Code Signing Update
Baseline Requirement audit issues
Fixes and updates to BRs or EV Guidelines
TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential
and may be subject to copyright or other intellectual property protection.
If you are not the intended recipient, you are not authorized to use or
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public