On 6/01/13 09:48 AM, Ryan Sleevi wrote:
Perhaps it's this kind of thinking that leads to failed audits :)
It will, it does, and the information is readily available from the
https://www.cabforum.org/Baseline_Requirements_V1_1.pdf Sections 14
describes a series of controls jointly developed by the browsers and CAs.
Ryan, that's not true. I know it is easy to market the organsation as
being open and friendly, but some of us weren't born last night.
I think the truth is that it was developed by CABForum participants. In
private. Right? And then announced it to the world here:
12 - June -2012 -- Today, the CA/Browser Forum released a
draft "Network and Certificate System Security Requirements"
for public review, comment, and discussion. Comments may be
submitted through Friday, 22 June 2012
Right? Truth is important, right? So faith in the product has a
CABForum participants are on record on that date to push a new
unreleased standard onto the world through Mozilla's public theater with:
10 days of public comment?
For the record: when was that document first worked on in CABForum?
cryptography mailing list