[cabfpub] Audit over CA/B BR and WebTrust needed?

Ryan Sleevi sleevi at google.com
Mon Feb 9 23:11:07 UTC 2015

On Feb 9, 2015 3:05 PM, "Benedikt Heintel" <benedikt at cacert.org> wrote:
> Dear group,
> Planning the next steps forward, getting our root certificates in the
> trust stores, we wonder what are the minimum requirements  certification
> wise.
> Do we need CA/B Baseline Requirements and WebTrust Certification?
> Is it necessary to go for CA/B BR and ETSI TS 102 042? Is CA/B BR enough?
> Best Regards
> Benedikt
> --
> Benedikt Heintel - benedikt at cacert.org
> CAcert Assurer for People & Organizations
> CAcert internal Auditor
> CAcert.org - Secure Together
> http://www.cacert.org
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

That's nominally a question for each root to answer as to what their
individual acceptance policies are.

To be enabled for the SSL trust bits in Mozilla, for example, you must
complete an appropriate audit scheme that incorporates the CA/B Forum
Baseline Requirements, as well as comply with the Mozilla Root Inclusion

The acceptable audit schemes are listed in

For WebTrust, this means Principles and Criteria for CAs 2.0 _and_ SSL BR
audit 1.1.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150209/9d3b0a37/attachment-0003.html>

More information about the Public mailing list