On 3/10/14, 6:58 PM, [email protected] wrote: > This might be a normal case for CA and Sub-CA in the business and that's why > I am mentioning Korea Electronic Signature Act. > I do understand why BR is requesting for 'independency' of the auditor, but > because KISA is designated by law to audit the accredited CAs, our > relationship is clear(no corruption or mis-audit can happen). It is between > the auditor and auditee. We also do not have any conflict of interest between > KISA and Sub-CAs because we do not make any profit from the sub-CAs.
The reasoning here is that there should be no ongoing financial relationship causing a conflict of interest, I believe. Al -- Program Manager Firefox Platform Security Team
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
