[cabfpub] Send us you list of current problems with the Network Security Guidelines

Kirk Hall Kirk.Hall at entrustdatacard.com
Fri Jun 9 21:29:05 UTC 2017


Yes, we have also noticed “90 days” versus quarterly – Most quarters have more than 90 days.

Thanks.

From: Dean Coclin [mailto:Dean_Coclin at symantec.com]
Sent: Friday, June 9, 2017 2:09 PM
To: CA/Browser Forum Public Discussion List <public at cabforum.org>
Cc: Kirk Hall <Kirk.Hall at entrustdatacard.com>
Subject: [EXTERNAL]Re: [cabfpub] Send us you list of current problems with the Network Security Guidelines

One specific complaint from the auditors I believe was the specific time requirements in the document. For example, if it said you have to change the password at 90 days, and you did it on day 91, it would be an audit failure. I think Don has better examples but that's one I recall.

Sent from my iPhone

On Jun 9, 2017, at 4:35 PM, Kirk Hall via Public <public at cabforum.org<mailto:public at cabforum.org>> wrote:
Bruce and I want to collect a preliminary list of current problems with the Network Security Guidelines (technically, the Network and Certificate System Security Requirements), so we can have a good discussion of possible new directions at the upcoming F2F.

To that end – please send Bruce and me a list of the specific requirements (and/or definitions) in the NetSec requirements that you think are most problematic and which should be changed or dropped.  If possible, give us the following data for each problematic issue:


1.       Section or definition of the NetSec Requirements that creates the problem

2.       What is the problem?

3.       What is a possible solution (drop, amend, supplement), with suggested language.

Bruce and I will combine all suggestions received and report anonymously to the whole group for a discussion in Berlin.  That may give the new Working Group some useful guidance for its ongoing work after that.

Thanks.
<Network_Security_Controls_V1.pdf>
_______________________________________________
Public mailing list
Public at cabforum.org<mailto:Public at cabforum.org>
https://clicktime.symantec.com/a/1/f8a6ATZl_MnLwe29_m42V-mYnSdtACxRZX0POAv19Vo=?d=Yz3SpbucMfHwCGRoOuzLmlu9Wpr_caTWy3ILlB_IoLHc8KA0wZ9ZIIE0tt6_40GuyUeYNqwIwidNiKaKMu-5OhJUpI-0YmfQlXF6WVerqU-ErugytgRRUvyO4rzY8NCkhG397tCFH2roGFp5G4M7Xr7HurgCIsLKvk_CMVy_W33a8G7xs-zP44TZmNNnklelkmp9rYeMxGizl_l43PaLWEPq3okEBqK1ZLhxicxRW5Q-DJpP7uamThvBEDxql9A4GfwEQidWB4-Z4LlFYTHzdzZ1KHdONbJspvsEhltqHQiSSKHqcjPVfopD6S_b1Il_kJ7UeffHCM2fbGuZM3-ATtW4erUTkCsgco80th_9K1GTEs0Ligy4OOIZyCqOKL88l3ZOGCvzMBdsibgW7vTwBA2LhcZdTn_Nqiq7Lfh2iJXO2hDVk8yYzplKWu7J_J7XdsTZJuufN_61qCXKBjZC5VS3fw%3D%3D&u=https%3A%2F%2Fcabforum.org%2Fmailman%2Flistinfo%2Fpublic
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170609/b7eeba57/attachment-0003.html>


More information about the Public mailing list