[cabfpub] Is the PITRA requirement applicable to DTPs

Adriano Santoni adriano.santoni at staff.aruba.it
Mon Nov 4 00:46:16 MST 2019


All,

this is probably an old question, but I could not find the answer in the 
mailing list archives, so please bear with me.

In reading the BR, it is not clear to me whether a DTP is allowed to 
start "issuing" certificates (i.e. start requesting the CA to issue 
certificates based on their vetting) before having ever been audited. 
CAs are required to pass a PITRA, before issuing their first 
Publicly-Trusted Certificates, but I am not sure if the same holds for 
DTPs. It seems to me that this aspect is not very clear in the BR.

Adriano


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20191104/1dc3bcca/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4105 bytes
Desc: Firma crittografica S/MIME
URL: <http://cabforum.org/pipermail/public/attachments/20191104/1dc3bcca/attachment.p7s>


More information about the Public mailing list