[cabfpub] Delegated Third Parties, Network Security Requirements, and Audits

Benedikt Heintel benedikt at cacert.org
Tue May 17 19:59:58 UTC 2016

> I'd say that if CAs sharing infrastructure want to take advantage of
> those economies, then they need to synchronise their audit periods and
> all engage the same auditor, who can then do a single inspection of the
> shared infrastructure and use the results to write multiple reports.

Or rely on the audit report of another auditors, as it is practice in
other international standards.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3890 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160517/a2520523/attachment-0001.p7s>

More information about the Public mailing list