[EMAIL PROTECTED] wrote: > Maintenance of the WebTrust seal requires an annual audit.
Obtaining the WebTrust seal is optional. Not to speak about that Mozilla accepts auditors not accredited by the WebTrust organization. Hence there is no re-auditing requirement right now. > The audit > is of compliance with the CPS - so if there are issuing CAs - whether > internal or external - covered by the CPS, then they part of those > procedures. > > The same is not true of ETSI - which is a standard not really an audit > regime. So, if Mozilla is going to rely on "equivalent audits", then > there should also be a requirement for yearly updates. Yes, it has been suggested before, but who would enforce and control it? -- Regards Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org> Jabber: [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]> Blog: Join the Revolution! <http://blog.startcom.org> Phone: +1.213.341.0390 _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
