[cabfpub] Audit over CA/B BR and WebTrust needed?

Ryan Sleevi sleevi at google.com
Mon Feb 9 23:11:07 UTC 2015


On Feb 9, 2015 3:05 PM, "Benedikt Heintel" <benedikt at cacert.org> wrote:
>
> Dear group,
>
> Planning the next steps forward, getting our root certificates in the
> trust stores, we wonder what are the minimum requirements certification
> wise.
>
> Do we need CA/B Baseline Requirements and WebTrust Certification?
> Is it necessary to go for CA/B BR and ETSI TS 102 042? Is CA/B BR enough?
>
> Best Regards
> Benedikt
> --
> Benedikt Heintel - benedikt at cacert.org
> CAcert Assurer for People & Organizations
> CAcert internal Auditor
>
> CAcert.org - Secure Together
> http://www.cacert.org
>

That's nominally a question for each root to answer as to what their
individual acceptance policies are.

To be enabled for the SSL trust bits in Mozilla, for example, you must
complete an appropriate audit scheme that incorporates the CA/B Forum
Baseline Requirements, as well as comply with the Mozilla Root Inclusion
policy.

The acceptable audit schemes are listed in
https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/inclusion/

For WebTrust, this means Principles and Criteria for CAs 2.0 _and_ SSL BR
audit 1.1.