[cabfpub] Breach Insurance
Moudrick M. Dadashov
md at ssc.lt
Mon Dec 22 17:16:25 UTC 2014
FYI:
6.4 Liability
Auditors should verify the procedures to provide assurance of minimum
levels of liability, insurance coverage, etc.
according to section 7.1.3 of EVCG [i.2] regarding the minimum assets
covered for liability insurance and section 15.2
of EVCG [i.2] related to EV certificates limitations liability. For the
purpose of insurance cover the auditor may
consider equivalent minimum liability cover in the local currency.
Source:
ETSI TR 101 564 V1.1.1 (2011-09)
Electronic Signatures and Infrastructures (ESI);
Guidance on ETSI TS 102 042 for Issuing Extended Validation
Certificates for Auditors and CSPs
Thanks,
M.D.
On 12/22/2014 6:34 PM, Stephen Davidson wrote:
> An observation that may or may not sway your opinion: the goal of EV was to create uniform requirements across CAs, and this proposal will introduce variation.
> As I understand it, the "qualified SSL" under eIDAS are likely to be based on EV. Thus, a "qualified EV" would have an insurance level that "normal EV" may not have.
>
> Best, Stephen
>
>
> -----Original Message-----
> From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Ben Wilson
> Sent: Monday, December 22, 2014 12:09 PM
> To: Gervase Markham; i-barreira at izenpe.net; Dean_Coclin at symantec.com; public at cabforum.org
> Subject: Re: [cabfpub] Breach Insurance
>
> Understood. I just need to talk with Iñigo and any other European CAs to understand better about their concerns.
>
> -----Original Message-----
> From: Gervase Markham [mailto:gerv at mozilla.org]
> Sent: Monday, December 22, 2014 8:37 AM
> To: Ben Wilson; i-barreira at izenpe.net; Dean_Coclin at symantec.com; public at cabforum.org
> Subject: Re: [cabfpub] Breach Insurance
>
> On 22/12/14 15:24, Ben Wilson wrote:
>> My proposal is all about making more information publicly available.
> Right. That wasn't a dig at your proposal. I don't think a disclosure requirement is particularly onerous (open to arguments...), so I'm OK with that.
>
> Gerv
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20141222/20779892/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3653 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20141222/20779892/attachment-0001.p7s>
More information about the Public
mailing list