Please see page 7 of ETSI 102 042: ETSI - Electronic Signature and Infrastructure (ESI) includes in the present document provisions consistent with the requirements for issuing Extended Validation Certificates (EVC), as specified in the above mentioned CAB Forum EVC Guidelines (EVCG [16]) as well as Publicly trusted TLS/SSL certificates, as specified in the mentioned CAB Forum PTC guidelines (BRG [19]) As a consequence, EVC and PTC issued by CAs operating in compliance with the EVC and PTC related provisions as indicated in the present document can be assessed as meeting the requirements specified by the CAB Forum in their EVCG [16] and BRG [19] plus recognised good practice for CA's issuing certificates.
Thanks, M.D. Matt Palmer <[email protected]> wrote: >On Thu, Aug 28, 2014 at 02:40:08PM +0800, Man Ho (Certizen) wrote: >> On 8/28/2014 9:42 AM, Man Ho (Certizen) wrote: >> > I think some CAs don't >> > even want to claim they are CAB/Forum BR compliant, but just want to be >> > included in all root certificate programs. >> >> What I mean is that some CAs don't want to claim they are CAB/Forum BR >> compliant, but committed to conform to it in order to be included in all >> root certificate programs. They just don't bother to publicly claim that >> they have any connection with CAB/Forum. > >I don't believe a CA has to claim any connection with the CA/B Forum. They >merely have to assert (and have that assertion supported by an audit >finding) that they're compliant with either the WebTrust criteria (which are >based off the CA/B Forum requirements), or one of a couple of ETSI standards >(which, I believe, aren't). > >- Matt > >-- >"I invented the term object-oriented, and I can tell you I did not have C++ >in mind." -- Alan Kay > >_______________________________________________ >dev-security-policy mailing list >[email protected] >https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
