Hi Kathleen,
We are contacting you as we are facing the following question:
As internal consultancy service of FNMT we are surprised that besides
the accreditation “SSL Baseline Requirements Audit Criteria”, FNMT was
asked for "Principles and Criteria for Certification Authorities 2.0”.
As far as we know the principles of both standards are identical, except
for technical network security specifications “SSL Requirements Baseline
Audit Criteria” as shown in the following matrix::
WT CA 2.0 WT BR SSL 2.0
CA Principles Principles
P1. CA Business Practices Disclosure P1. Baseline Requirements Business
Practices Disclosure
P2. CA Environmental Controls P3. CA Environmental Security
P3. Service Integrity P2. Service Integrity
P4. Network and Certificate
Systems Security Requirements
We consider that is enough to comply with “SSL Baseline Requirements
Audit Criteria” for the certifications under the scope. Would you be so
kind to let us know the reason to ask for both standards? Based on our
understanding, this situation increases the costs of accreditation for
quality, security and reliability of WebTrust, ... in addition to cause
confusion.
Please, we would like to clarify this issue.
Best regards
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1271513
Title:
www.cert.fnmt.es certificates are not included in Mozilla products
To manage notifications about this bug go to:
https://bugs.launchpad.net/firefox/+bug/1271513/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
