[Servercert-wg] Potential addition to Cleanups and Clarifications Ballot about Section 5.4.1
Wayne Thayer
wthayer at gmail.com
Thu May 14 17:23:38 MST 2020
On Thu, May 14, 2020 at 4:17 PM Ponds-White, Trevoli via Servercert-wg <
servercert-wg at cabforum.org> wrote:
> As a part of the network security meetings we’ve been looking a lot at the
> requirements related to logging procedures. One question that came up is
> whether or not the last 4 lines of section 5.4.1 are a subset of 3.f or
> part of section 5.4.1 as a whole. Because of the tabbing the format of the
> last 4 lines looks like it’s part of section 5.4.1 as a whole but when you
> read it it doesn’t seem consistent with that section and makes more sense
> as being specifically a part of 5.4.1.3.f.
>
>
>
> If it’s supposed to be part of 3.f can it be reformatted in the cleanup
> ballot? If there is consensus that it’s not a part of 3.f the net sec group
> can include an edit to the language in an upcoming ballot. We have a draft
> ballot with a relevant reason to edit the list IF it’s not a subset of 3.f.
>
>
>
> To give you an idea here are the last 11 lines of section 5.4.1.
>
>
>
> Security events, including:
>
> a. Successful and unsuccessful PKI system access attempts;
>
> b. PKI and security system actions performed;
>
> c. Security profile changes;
>
> d. System crashes, hardware failures, and other anomalies;
>
> e. Firewall and router activities; and
>
> f. Entries to and exits from the CA facility.
>
>
>
> Log entries MUST include the following elements:
>
> 1. Date and time of entry;
>
> 2. Identity of the person making the journal entry; and
>
> 3. Description of the entry.
>
>
>
> Thoughts?
>
>
I can see the potential for confusion over the contet of "entry", but I'm
almost certain that those last 4 lines apply to the entire section, not
just 3(f). It's perhaps a bit clearer back in V1 (section 15.2):
https://cabforum.org/wp-content/uploads/Baseline_Requirements_V1.pdf
- Wayne
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20200514/adf68415/attachment.html>
More information about the Servercert-wg
mailing list