On 03/11/2009 05:51 PM, michal...@gmail.com:
In Addition Comsign is being criticize by accountant that specialize
in Information Security.
And operate according the European Telecommunications Standards
Institute (ETSI).
Since I have the intention to deal with the Israel signature law
myself once again within a short time I can offer to give some better
estimates about eventual published audit criteria and their compliance
or similarity to the various ETSI standards. It won't be within days
rather a few weeks, but not months. I'll leave a similar message at
the bug too.
During the last two weeks I tried to contact the relevant person at the
registry for the Israeli Signature Law. Unfortunately I wasn't able to
reach anybody neither by email nor phone.
Luckily I was however able to have an interesting conversation with Erez
Shefler, the auditor of ComSign. He pointed me to the most current
"audit criteria", I'll post a copy and short translation of it to the
bug later today.
I understood from Mr. Shefler that he is currently performing an audit
according to ETSI TS 101 456 upon request by ComSign and expects to
complete the audit within the next few weeks. Mozilla will receive a
copy of the audit report and statement once this is available.
Due to the information I received today I recommend to (review the
current criteria and) wait for the expected statements from Mr. Shefler
which should be compliant to an acceptable audit criteria for Mozilla
(ETSI). I recommend after reviewing the new report to perform a second
public comments period and schedule their inclusion in case no further
issues are raised and the audit and auditor are acceptable to Mozilla.
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: start...@startcom.org
Blog: https://blog.startcom.org
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
