[cabfpub] Clarification - Self Assessments

Jeremy Rowley jeremy.rowley at digicert.com
Wed Jan 16 21:40:07 UTC 2013

Since the document’s scope is limited to publicly trusted SSL certificates,
I think it’s a sample of all publicly trusted SSL certificates issued by the




From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On
Behalf Of Sheehy, Don (CA - Toronto)
Sent: Wednesday, January 16, 2013 2:36 PM
To: ben at digicert.com; public at cabforum.org
Subject: [cabfpub] Clarification - Self Assessments


In section 17.8 of baseline 1.1 “Regular Quality Assessment Self Audits” it


“During the period in which the CA issues Certificates, the CA SHALL monitor
adherence to its Certificate Policy, Certification Practice Statement and
these Requirements and strictly control its service quality by performing
self-audits on at least a quarterly basis against a randomly selected sample
of the greater of one certificate or at least three percent of the
Certificates issued by it during the period commencing immediately after the
previous self-audit sample was taken 



Just to clarify for our audits - Is this a sample of all certificates issued
by the CA ( SSL, EV, OV, DV) or are there any exclusions from the







Donald E. Sheehy, CPA, CA·CISA, CRISC, CIPP/C

Partner | Enterprise Risk 


30 Wellington St Wt, PO Box 400, Stn Commerce Crt, Toronto, ON M5L 1B1

Direct: 416-601-5863 | Main: 416-601-6500

Fax: 416-601-6400 | Mobile: 416-301-2350

 <mailto:name at deloitte.ca> dosheehy at deloitte.ca |  <http://www.deloitte.ca/>


Deloitte is proud to be an Official Supplier 

of the Canadian Olympic team  


Please consider the environment before printing. 





Confidentiality Warning: This message and any attachments are intended only
for the use of the intended recipient(s), are confidential, and may be
privileged. If you are not the intended recipient, you are hereby notified
that any review, retransmission, conversion to hard copy, copying,
circulation or other use of this message and any attachments is strictly
prohibited. If you are not the intended recipient, please notify the sender
immediately by return e-mail, and delete this message and any attachments
from your system. Thank you. 
Information confidentielle: Le présent message, ainsi que tout fichier qui y
est joint, est envoyé à l'intention exclusive de son ou de ses
destinataires; il est de nature confidentielle et peut constituer une
information privilégiée. Nous avertissons toute personne autre que le
destinataire prévu que tout examen, réacheminement, impression, copie,
distribution ou autre utilisation de ce message et de tout fichier qui y est
joint est strictement interdit. Si vous n'êtes pas le destinataire prévu,
veuillez en aviser immédiatement l'expéditeur par retour de courriel et
supprimer ce message et tout document joint de votre système. Merci. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130116/995a394f/attachment-0004.html>

More information about the Public mailing list