[cabfpub] Applicability of BRs to Client Authentication certificates

Jeff Ward jward at bdo.com
Thu Apr 12 18:21:31 UTC 2018


Thanks for the prompt thoughts guys, it’s in good hands!

Jeff Ward, CPA, CGMA, CITP, CISA, CISSP, CEH
Office Managing Partner & National Leader Third Party Attestation (SOC/WebTrust/Cybersecurity)
314-889-1220 (Direct)    347-1220 (Internal)
314-889-1221 (Fax)
jward at bdo.com<mailto:jward at bdo.com>

BDO
101 S Hanley Rd, #800
St. Louis, MO 63105
UNITED STATES
314-889-1100
www.bdo.com<http://www.bdo.com>

Please consider the environment before printing this e-mail
From: Tim Hollebeek [mailto:tim.hollebeek at digicert.com]
Sent: Thursday, April 12, 2018 1:15 PM
To: Ryan Sleevi <sleevi at google.com>; Jeff Ward <jward at bdo.com>
Cc: CA/Browser Forum Public Discussion List <public at cabforum.org>
Subject: RE: [cabfpub] Applicability of BRs to Client Authentication certificates

It’s a good time to do it, too, since after governance reform, we want to be able to quickly know which certificates are in scope for which working groups.

We discussed this at a few F2Fs.

-Tim

From: Ryan Sleevi [mailto:sleevi at google.com]
Sent: Thursday, April 12, 2018 1:54 PM
To: Jeff Ward <jward at bdo.com<mailto:jward at bdo.com>>
Cc: Tim Hollebeek <tim.hollebeek at digicert.com<mailto:tim.hollebeek at digicert.com>>; CA/Browser Forum Public Discussion List <public at cabforum.org<mailto:public at cabforum.org>>
Subject: Re: [cabfpub] Applicability of BRs to Client Authentication certificates



On Thu, Apr 12, 2018 at 1:45 PM, Jeff Ward <jward at bdo.com<mailto:jward at bdo.com>> wrote:
If 7.1.2.3.f is ignored, it is less confusing, but there is still potential ambiguity as to what ‘authenticating a server accessible through the Internet’ means. It would be best if the BRs clearly specified the technical characteristics of identifying a certificate that is ‘in-scope’.

In that regard, I think we're in violent agreement. Root Programs have undertaken this to some extent, but it would be good to revisit clarification, hopefully now that more CAs are aware of the problems posed.


BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK company limited by guarantee, and forms part of the international BDO network of independent member firms.

BDO is the brand name for the BDO network and for each of the BDO Member Firms.

IMPORTANT NOTICES

The contents of this email and any attachments to it may contain privileged and confidential information from BDO USA, LLP. This information is only for the viewing or use of the intended recipient. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of, or the taking of any action in reliance upon, the information contained in this e-mail, or any of the attachments to this e-mail, is strictly prohibited and that this e-mail and all of the attachments to this e-mail, if any, must be immediately returned to BDO USA, LLP or destroyed and, in either case, this e-mail and all attachments to this e-mail must be immediately deleted from your computer without making any copies hereof. If you have received this e-mail in error, please notify BDO USA, LLP by e-mail immediately.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180412/d8261886/attachment-0003.html>


More information about the Public mailing list