[cabfpub] Delegated Third Parties, Network Security Requirements, and Audits

[Benedikt Heintel]

> I'd say that if CAs sharing infrastructure want to take advantage of
> those economies, then they need to synchronise their audit periods and
> all engage the same auditor, who can then do a single inspection of the
> shared infrastructure and use the results to write multiple reports.
> 

Or rely on the audit report of another auditors, as it is practice in
other international standards.

Benedikt

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3890 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160517/a2520523/attachment-0001.p7s>