[cabfpub] Ballot 171 - Updating the CABF documents with the new ETSI standards

Barreira Iglesias, Iñigo i-barreira at izenpe.eus
Fri Jun 17 09:19:46 UTC 2016


Well, until july 1st, the first sentence applies, but starting july 1st only the second. I suggested not to include the first one because it was going to be obsolete due the dates we´re doing this, so IMO I wouldn´t include it, but that´s a minor correction that can be done after the ballot has passed or not, and then apply the changes. I would have no meaning that If the documents are updated on july 5th for example, include something that is referring to the past.


Iñigo Barreira
Responsable del Área técnica
i-barreira at izenpe.eus<mailto:i-barreira at izenpe.eus>
945067705

[Descripción: firma_email_Izenpe_eus]

ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezua badu bere hartzailea. Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin) eman abisu igorleari, korreo honi erantzuna. KONTUZ!
ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted lo recibe por error le agradeceriamos que no hiciera uso de la informacion y que se pusiese en contacto con el remitente.

De: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] En nombre de Adriano Santoni
Enviado el: viernes, 17 de junio de 2016 10:18
Para: public at cabforum.org
Asunto: Re: [cabfpub] Ballot 171 - Updating the CABF documents with the new ETSI standards


I agree that references to ETSI TS 102 042 should be changed to ETSI EN 319 411-1, because I understand that the latter norm repeals the former one, so this seems just natural to me.

However, I am personally not knowledgeable enough on requirements for qualified auditors... I am still studying the matter, and at this time I am not sure that the proposed changes to §8.2 are okay "as is".

Adriano



Il 17/06/2016 09:05, Barreira Iglesias, Iñigo ha scritto:
Is there any other endorser? I can´t believe none has answered, especially the Europeans.


Iñigo Barreira
Responsable del Área técnica
i-barreira at izenpe.eus<mailto:i-barreira at izenpe.eus>
945067705

[Descripción: firma_email_Izenpe_eus]

ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezua badu bere hartzailea. Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin) eman abisu igorleari, korreo honi erantzuna. KONTUZ!
ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted lo recibe por error le agradeceriamos que no hiciera uso de la informacion y que se pusiese en contacto con el remitente.

De: Mads Egil Henriksveen [mailto:Mads.Henriksveen at buypass.no]
Enviado el: jueves, 16 de junio de 2016 11:07
Para: Barreira Iglesias, Iñigo; 'public at cabforum.org<mailto:public at cabforum.org>'
Asunto: RE: [cabfpub] Ballot 171 - Updating the CABF documents with the new ETSI standards

Hi Inigo

I will endorse.

Regards
Mads

From: public-bounces at cabforum.org<mailto:public-bounces at cabforum.org> [mailto:public-bounces at cabforum.org] On Behalf Of Barreira Iglesias, Iñigo
Sent: 16. juni 2016 10:19
To: 'public at cabforum.org<mailto:public at cabforum.org>'
Subject: [cabfpub] Ballot 171 - Updating the CABF documents with the new ETSI standards


Hi,

This is the new version of the ballot 171 not including any reference to EN 319 411-2. Still looking for 2 endorsers. Mads do you still want to endorse?

I haven´t included in the ballot the update in 8.4 as in Github because it´s not part of the ETSI standards, but have no problem on adapting it, in the ballot or/and in Github.

Regarding the effective date and taking into account in the date we are, don´t know if that helps or just include a text which will become obsolete when the document is published.

Regards



Ballot 171 – Updating the ETSI standards in the CABF documents

The following motion has been proposed by Iñigo Barreira of Izenpe and endorsed by XXX and XXX:

-- MOTION BEGINS –

In the BRs,

In section 1.6.3 References, change:
ETSI TS 119 403, Electronic Signatures and Infrastructures (ESI); Trust Service Provider Conformity Assessment ‐ General Requirements and Guidance.
ETSI TS 102 042, Electronic Signatures and Infrastructures (ESI); Policy requirements for certification authorities issuing public key certificates.

With
ETSI EN 319 403, Electronic Signatures and Infrastructures (ESI); Trust Service Provider Conformity Assessment - Requirements for conformity assessment bodies assessing Trust Service Providers

ETSI EN 319 411-1, Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates;
Part 1: General requirements


In section 8.2 Identity/qualification of assessor, point 4, change:
4. (For audits conducted in accordance with any one of the ETSI standards) accredited in accordance with ETSI TS 119 403, or accredited to conduct such audits under an equivalent national scheme, or accredited by a national accreditation body in line with ISO 27006 to carry out ISO 27001 audits;

With

4. (For audits conducted in accordance with any one of the ETSI standards)  accredited in accordance with ETSI TS 119 403, or accredited to conduct such audits under an equivalent national scheme, or accredited by a national accreditation body in line with ISO 27006 to carry out ISO 27001 audits. Effective July 1st 2016, a Qualified Auditor MUST be accredited in accordance with ISO 17065 applying the requirements specified in EN 319 403;



In section 8.4 Topics covered by assessment, point 2, change:

2. A national scheme that audits conformance to ETSI TS 102 042;

With

2. A national scheme that audits conformance to ETSI TS 102 042/ ETSI EN 319 411-1; Effective July 1st 2016, only the ETSI EN 319 411-1 criteria shall be accepted. Audit reports following the ETSI TS 102 042 criteria shall be accepted until July 1st 2017;
In the EV guidelines,

In section 8.2.1 Implementation, point (B), change:

(B) Implement the requirements of (i) the then-current WebTrust Program for CAs, and (ii) the then-current WebTrust
EV Program or ETSI TS 102 042; and

With

(B) Implement the requirements of (i) the then-current WebTrust Program for CAs, and (ii) the then-current WebTrust
EV Program or ETSI EN 319 411-1 for EVCP policy; and


In section 8.2.2 Disclosure, change:

The CA is also REQUIRED to publicly disclose its CA business practices as required by both WebTrust for CAs and ETSI TS 102 042.

With

The CA is also REQUIRED to publicly disclose its CA business practices as required by both WebTrust for CAs and ETSI EN 319 411-1.


In section 17.1 Eligible audit schemes, point (ii), change:

(ii) ETSI TS 102 042 audit

With

(ii) ETSI EN 319 411-1 audit for EVCP policy


In section 17.4 pre-issuance readiness audit, point (2), change:

(2) If the CA has a currently valid ETSI 102 042 audit, then, before issuing EV Certificates, the CA and its Root CA MUST
successfully complete a point-in-time readiness assessment audit against ETSI TS 102 042.

With

(2) If the CA has a currently valid ETSI EN 319 411-1 audit for EVCP policy, then, before issuing EV Certificates, the CA and its Root CA MUST successfully complete a point-in-time readiness assessment audit against these ETSI standards.


In section 17.4 pre-issuance readiness audit, point (3), change:

(3) If the CA does not have a currently valid WebTrust Seal of Assurance for CAs or an ETSI 102 042 audit, then, before
issuing EV Certificates, the CA and its Root CA MUST successfully complete either: (i) a point-in-time readiness
assessment audit against the WebTrust for CA Program, or (ii) a point-in-time readiness assessment audit against the
WebTrust EV Program, or an ETSI TS 102 042 audit.

With

(3) If the CA does not have a currently valid WebTrust Seal of Assurance for CAs or an ETSI EN 319 411-1 audit for EVCP policy, then, before issuing EV Certificates, the CA and its Root CA MUST successfully complete either: (i) a point-in-time readiness assessment audit against the WebTrust for CA Program, or (ii) a point-in-time readiness assessment audit against the WebTrust EV Program, or an ETSI EN 319 411-1 for EVCP policy.

-- MOTION ENDS --

The review period for this ballot shall commence at 2200 UTC on 13 June 2016, and will close at 2200 UTC on 20 June 2016. Unless the motion is withdrawn during the review period, the voting period will start immediately thereafter and will close at 2200 UTC on 26 June 2016. Votes must be cast by posting an on-list reply to this thread.

A vote in favor of the motion must indicate a clear 'yes' in the response. A vote against must indicate a clear 'no' in the response. A vote to abstain must indicate a clear 'abstain' in the response. Unclear responses will not be counted. The latest vote received from any representative of a voting member before the close of the voting period will be counted. Voting members are listed here: https://cabforum.org/members/

In order for the motion to be adopted, two thirds or more of the votes cast by members in the CA category and greater than 50% of the votes cast by members in the browser category must be in favor. Quorum is currently ten (10) members– at least ten members must participate in the ballot, either by voting in favor, voting against, or abstaining.



Iñigo Barreira
Responsable del Área técnica
i-barreira at izenpe.eus<mailto:i-barreira at izenpe.eus>
945067705

[Descripción: firma_email_Izenpe_eus]

ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezua badu bere hartzailea. Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin) eman abisu igorleari, korreo honi erantzuna. KONTUZ!
ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted lo recibe por error le agradeceriamos que no hiciera uso de la informacion y que se pusiese en contacto con el remitente.





_______________________________________________

Public mailing list

Public at cabforum.org<mailto:Public at cabforum.org>

https://cabforum.org/mailman/listinfo/public

--

Cordiali saluti,

Adriano Santoni
ACTALIS S.p.A.
(Aruba Group)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160617/bcdaecff/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 9540 bytes
Desc: image001.jpg
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160617/bcdaecff/attachment-0003.jpg>


More information about the Public mailing list