Some of this overlaps with work being currently done in the NetSec working group, which has discussed threat modeling for CAs. IIRC, in the past, we've discussed SDLC-related issues and deployment practices within that WG as well.
-Tim From: Public <[email protected]> On Behalf Of Jeremy Rowley via Public Sent: Thursday, January 23, 2020 8:10 PM To: CA/Browser Forum Public Discussion List <[email protected]> Subject: [cabfpub] Development and deployment working group Hey Dimitris, Can you add a spot during the face to face to talk about software deployment and development? I thought a working group on that topic may be beneficial given the number of software issues reported on Mozilla. I can present on what I'm thinking there, but the goal would be to talk about best practices in development and deployment of pki software and some of the unique challenges associated with doing so as a CA. Thanks, Jeremy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
