Following on from Waynes earlier positive statement: "I look forward to more open and constructive discussions aimed at improving the quality and transparency of CA audits, regardless of the audit scheme."
I believe centring discussion on one particular auditor is not progressing things with regards generally improving audits. I understood from my EU colleagues that Ryan and Wayne had undertaken to produce a "wish list" covering requirements that they had on audits. We can then we can then discuss this with the European stakeholders and see how we could best answer the wish list. This wish list would be most helpful if it builds on the measures already proposed in TS 119 403-2 and its parent standards which provide specific requirements on all European audits for PTC. I understand also that we undertook to meet with WebTrust in December to get an understand of each other schemes which could lead to resolution of any alignment issues. I kindly request that we progress the earlier plan by identifying your full list of requirements related to the current European audit scheme. Nick _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
