[Smcwg-public] Bridge CA
Stephen Davidson
Stephen.Davidson at digicert.com
Wed Aug 3 22:09:49 UTC 2022
Hi Wendy – thank you for the suggestion.
I’d like to stick with the original simpler text because the SBR doesn’t address “how a Bridge CA operates” apart from adopting some CABF-wide standards covering Cross Certificate profiles.
Bridge CAs fall outside of mandatory adoption of the SBR unless the Bridge CA itself is Publicly-Trusted. If a CA that is crossed with the Bridge CA is itself Publicly-Trusted then it must adopt but it does not drag other nonPublicly-Trusted CAs in the Bridge ecosystem into scope.
Best, Stephen
From: Wendy Brown - QT3LB-C <wendy.brown at gsa.gov>
Sent: Wednesday, August 3, 2022 3:00 PM
To: Stephen Davidson <Stephen.Davidson at digicert.com>; SMIME Certificate Working Group <smcwg-public at cabforum.org>
Subject: Re: [Smcwg-public] Bridge CA
Stephen - suggested rewording of the Bridge CA definition
Bridge CA – A CA that facilitates interoperability between different enterprises or communities that operate their own PKIs, by issuing and receiving Cross Certificates which map the peer PKI certificate policies to the certificate policies of the Bridge CP.
Wendy
Wendy Brown
Supporting GSA
FPKIMA Technical Liaison
Protiviti Government Services
703-965-2990 (cell)
On Wed, Aug 3, 2022 at 12:39 PM Stephen Davidson via Smcwg-public <smcwg-public at cabforum.org <mailto:smcwg-public at cabforum.org> > wrote:
Hello:
Following our discussion, I have merged the PR relating to Bridge CAs https://github.com/cabforum/smime/commit/50093055e1a2db9822cc68f90f503b48210f576a
As discussed we will want to add a definition for a Bridge CA. I propose the following:
Bridge CA – A CA that facilitates interoperability between different enterprises or communities that operate their own PKIs, by issuing Cross Certificates to participating CAs.
Feedback welcomed.
Regards, Stephen
_______________________________________________
Smcwg-public mailing list
Smcwg-public at cabforum.org <mailto:Smcwg-public at cabforum.org>
https://lists.cabforum.org/mailman/listinfo/smcwg-public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20220803/96578bc0/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4999 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20220803/96578bc0/attachment-0001.p7s>
More information about the Smcwg-public
mailing list