PSW GROUP (Christian Heutger, Patrycja Tulinska) would like to join as interested party
Mit freundlichen Grüßen, Christian Heutger Chief Technology Officer (CTO) CISSP, CISA, CISM, CIPP/E, CIPM ITIL-Expert, PRINCE2-/COBIT-Practitioner DS-/ISO 9001-/ISO 20000-1-/ISO 27001-Auditor Zusätzliche Prüfverfahrens-Kompetenz für § 8a (3) BSIG sowie gemäß IT-Sicherheitskatalog nach § 11 (1a) EnWG [signature_667973861]<https://www.psw-training.de/> -- PSW GROUP GmbH & Co. KG, Flemingstraße 20-22, 36041 Fulda, Hessen, Deutschland Telefon 0661/480276-10, Telefax 0661/480276-19 Hotline 0800/503750-1, Faxline 0800/503750-9 [email protected], www.psw.net, kb.psw.net Geschäftsführerin Patrycja Tulinska, Amtsgericht Fulda, HRA 5007 Steuernr. 018 357 60369, USt-IdNr. DE243718955, DUNS-Nr. 53-747-3485 Komplementär J.C. Beteiligungsges. mbH, Anschrift w.o., Amtsgericht Fulda, HRB 5474 Diese Information ist vertraulich und ausschließlich für die adressierte Person bestimmt. Personen, für die diese Information nicht bestimmt ist, ist es nicht gestattet, diese zu lesen, erneut zu übertragen, zu verbreiten oder anderweitig zu verwenden. Personen, für die diese Information nicht bestimmt ist, dürfen sich durch diese Mail nicht veranlasst sehen, Maßnahmen irgendeiner Art zu ergreifen. Sollten Sie diese Nachricht irrtümlich erhalten haben, bitten wir Sie, sich mit dem Absender in Verbindung zu setzen und das Material (die Mail nebst etwaigen Anhängen) von Ihrem Computer zu löschen, ohne eine Kopie davon zurückzubehalten. Der Adressat dieser Nachricht hat uns gebeten, mit ihm über das Internet zu korrespondieren. Wir weisen darauf hin, dass mittels E-Mail übermittelte Nachrichten mit und ohne Zutun von Dritten verloren, verändert oder verfälscht werden können. Herkömmliche E-Mails sind nicht gegen den Zugriff von Dritten geschützt und deshalb ist auch die Vertraulichkeit unter Umständen nicht gewahrt. Wir haften deshalb nicht für die Unversehrtheit von E-Mails, nachdem sie unseren Herrschaftsbereich verlassen haben und können Ihnen hieraus entstehende Schäden nicht ersetzen. Sollte trotz der von uns verwendeten Virus-Schutz-Programme durch die Zusendung von E-Mails ein Virus in Ihre Systeme gelangen, haften wir nicht für eventuell hieraus entstehende Schäden. This message is confidential and only intended for the recipient. Should you not be the intended recipient you are kindly asked to advise the sender immediately by reply e-mail and delete this message and all attachments without keeping a copy. Von: Public <[email protected]> im Auftrag von Dean Coclin via Public <[email protected]> Antworten an: Dean Coclin <[email protected]>, CA/Browser Forum Public Discussion List <[email protected]> Datum: Dienstag, 12. März 2019 um 17:46 An: CA/Browser Forum Public Discussion List <[email protected]> Betreff: [cabfpub] Code Signing Working Group - Call for Participants In accordance with the CA/B Forum Bylaws and the Charter of said working group, the Interim Chair announces a call for Participants interested in joining the Code Signing Working Group. Current CA/B Forum members should submit their names and company affiliations, as a formal declaration of their intent (or provide them at the face to face meeting). Interested Parties are eligible to participate once they provide the signed IPR agreement to the Chair. Here is the text from the ballot relevant to membership: The CSCWG SHALL consist of two classes of voting members, Certificate Issuers and Certificate Consumers meeting the eligibility criteria below: (1) A Certificate Issuer eligible for voting membership in the CSCWG MUST have a publicly-available audit report or attestation statement in accordance with one of the following schemes: * WebTrust for CAs v.2.0 or newer; or * ETSI EN 319 411-1, which includes normative references to ETSI EN 319 401 (the latest version of the referenced ETSI documents should be applied); or * If a Government Certificate Issuer is required by its Certificate Policy to use a different internal audit scheme, it MAY use such scheme provided that the audit either (a) encompasses all requirements of one of the above schemes or (b) consists of comparable criteria that are available for public review. These audit reports must also meet the following requirements: * They must report on the operational effectiveness of controls for a historic period of at least 60 days; * No more than 27 months have elapsed since the beginning of the reported-on period and no more than 15 months since the end of the reported-on period; and * The audit report was prepared by a Qualified Auditor. In addition, the Certificate Issuer MUST actively issue code signing certificates that are accepted for use in computing platforms in which the platform supplier accepts code signing certificates issued by such Certificate Issuer. (2) A Certificate Consumer (i.e. a platform supplier) eligible for voting membership in the CSCWG must produce a computing platform that accepts code signing certificates issued by third-party Certificate Issuers who meet criteria set by such Certificate Consumer. 4.2.2 Membership Application/Declaration process A. An Applicant not already a member of the Forum SHALL provide the following information: * Confirmation that the applicant satisfies at least one (1) of the membership eligibility criteria (and if it satisfies more than one (1), indication of the single category under which the applicant wishes to apply). * The organization name, as they wish it to appear on the Forum Web site and in official Forum documents. * URL of the applicant's main Web site. * Names and email addresses of employees who will participate in the Working Group and Forum as Member representatives. * Emergency contact information for security issues related to certificate trust. Applicants that qualify as Certificate Issuers or Root Certificate Issuers must supply the following additional information: * URL of the current qualifying audit report. * The URL of at least one third party website that includes a certificate issued by the Applicant in the certificate chain. * Links or references to issued end-entity certificates that demonstrate them being treated as valid by a Certificate Consumer Member. Such Applicant SHALL become a Member once the CSCWG has determined by consensus among the Members during a CSCWG Meeting or Teleconference that the Applicant meets all of the requirements above or, upon the request of any Member of the CSCWG, by a Ballot among Members of the CSCWG. Acceptance by consensus shall be determined or a Ballot of the Members shall be held as soon as the Applicant indicates that it has presented all information required above and has responded to all follow-up questions from the CSCWG and the Member has complied with the requirements of Bylaw 5.5. Certificate Issuer applicants that are not actively issuing code signing certificates but otherwise meet these membership criteria MAY request to the CSCWG that they be granted an invitation for Associate Member status in accordance with Bylaw 3.1, subject to conditions designated by the CSCWG. The CSCWG SHALL allow participation by Interested Parties, as set forth in the Bylaws. An initial organizational meeting will take place during this week’s face to face meeting followed by the formal kickoff later in the week (see agenda for details). Dean Coclin CA/B Forum Vice Chair
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
