On 10/11/20 11:06 PM, Nikolaos Soumelidis wrote:
Dear Kathleen,
We have been informed by ACCREDIA that the accreditation pages have now been
updated to include ETSI EN 319 403. This removes any ambiguity.
URLs remain the same; for example, QMSCERT's accreditation:
ent: Tuesday, September 1, 2020 9:47 PM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: Verifying Auditor Qualifications
On 8/31/20 11:07 AM, Kathleen Wilson wrote:
> On 8/28/20 3:59 PM, Kathleen Wilson wrote:
>> On 8/26/20 1:41 PM, Kathleen Wilson wrote:
>>> The
On 8/31/20 11:07 AM, Kathleen Wilson wrote:
On 8/28/20 3:59 PM, Kathleen Wilson wrote:
On 8/26/20 1:41 PM, Kathleen Wilson wrote:
The 5 CABs that I haven't been able to complete the Standard Check
for are:
- Bureau Veritas Italia S.p.A. - NAB is Accredia
- CSQA - NAB is Accredia
- KIWA - NAB
On 8/28/20 3:59 PM, Kathleen Wilson wrote:
On 8/26/20 1:41 PM, Kathleen Wilson wrote:
The 5 CABs that I haven't been able to complete the Standard Check for
are:
- Bureau Veritas Italia S.p.A. - NAB is Accredia
- CSQA - NAB is Accredia
- KIWA - NAB is Accredia
- QMSCERT - NAB is Accredia
-
On 8/26/20 1:41 PM, Kathleen Wilson wrote:
The 5 CABs that I haven't been able to complete the Standard Check for are:
- Bureau Veritas Italia S.p.A. - NAB is Accredia
- CSQA - NAB is Accredia
- KIWA - NAB is Accredia
- QMSCERT - NAB is Accredia
- QSCert - NAB is CAI
Update: I received
On 8/26/20 2:01 PM, Nikolaos Soumelidis wrote:
I will greatly appreciate it if you can reach out to them again. Please
let me know what information you would need.
Will definitely do. Probably no other information will be needed by you, but
I do appreciate the offer.
Thanks!
Please note
>> I will greatly appreciate it if you can reach out to them again. Please
let me know what information you would need.
Will definitely do. Probably no other information will be needed by you, but
I do appreciate the offer.
>> Note that with the exception of 4 CABs accredited by Accredia and 1
On 8/26/20 12:35 PM, Nikolaos Soumelidis wrote:
One would expect that they would put that in the accreditation documents or references,
That helps answer part of my question -- that it is reasonable to expect
the NAB's accreditation document to specifically list these ETSI EN
standards.
Auditor Qualifications
On 6/3/20 4:20 PM, Kathleen Wilson wrote:
> It recently came to my attention that I need to be more diligent in
> verifying auditor qualifications.
>
> https://wiki.mozilla.org/CA/Audit_Statements#Auditor_Qualifications
All,
While re-verifying auditor qualifica
On 8/26/20 12:29 PM, Ben Wilson wrote:
This raises the
question of whether NABs typically include ETSI EN 319 401, ETSI EN 319
411-1 and ETSI EN 319 411-2 in such CAB certification records.
The answer to that question is yes, the other NABs typically do list
that information directly in the
> On 6/3/20 4:20 PM, Kathleen Wilson wrote:
> > It recently came to my attention that I need to be more diligent in
> > verifying auditor qualifications.
> >
> > https://wiki.mozilla.org/CA/Audit_Statements#Auditor_Qualifications
>
> All,
>
> While re-verifyi
On 6/3/20 4:20 PM, Kathleen Wilson wrote:
It recently came to my attention that I need to be more diligent in
verifying auditor qualifications.
https://wiki.mozilla.org/CA/Audit_Statements#Auditor_Qualifications
All,
While re-verifying auditor qualifications I have run into the following
On Mon, Jul 20, 2020 at 10:27 AM Arvid Vermote via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> ACAB'c is a group of a few eIDAS CABs working together for reasons, they
> do not represent all eIDAS CABs neither do they have any recognized or
> official function within the
urity-policy
> Sent: maandag 13 juli 2020 15:31
> To: mozilla-dev-security-pol...@lists.mozilla.org
> Subject: Re: Verifying Auditor Qualifications
>
> It seems exceptionally strange to me that what, from all appearances, is a 4
> year
> old advocacy body for auditors could be cons
It seems exceptionally strange to me that what, from all appearances, is a 4
year old advocacy body for auditors could be considered an authoritative
source. ACAB’c does not seem to have done anything at all to acquire the
extremely high level of credibility such a source needs.
The idea that
Hi Ryan,
thanks for your post. And certainly yes: it’s our first goal to serve the needs
of our actual consumers. The browsers belong to those in the front row. We are
aware of that as we are aware that there is space for improvement for the
council.
With regard to your statement to our
On Fri, Jul 3, 2020 at 6:14 AM clemens.wanko--- via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> All,
> on behalf of the Accredited Conformity Assessment Bodies council we would
> like to provide the following background information to the guideline
> “Verifying ETSI
All,
on behalf of the Accredited Conformity Assessment Bodies council we would like
to provide the following background information to the guideline “Verifying
ETSI Auditor Qualification” as stated here:
https://wiki.mozilla.org/CA/Audit_Statements#Verifying_ETSI_Auditor_Qualifications
The
On 6/24/20 8:48 PM, Ryan Sleevi wrote:
On Wed, Jun 24, 2020 at 3:08 PM Kathleen Wilson via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
I have updated the following section of the wiki page to incorporate
feedback that I received from representatives of ACAB'c.
On Wed, Jun 24, 2020 at 3:08 PM Kathleen Wilson via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> I have updated the following section of the wiki page to incorporate
> feedback that I received from representatives of ACAB'c.
>
>
>
I have updated the following section of the wiki page to incorporate
feedback that I received from representatives of ACAB'c.
https://wiki.mozilla.org/CA/Audit_Statements#Verifying_ETSI_Auditor_Qualifications
I will greatly appreciate it if those of you familiar with ETSI audits
will review
On 6/4/20 1:25 AM, Arvid Vermote wrote:
Hi Kathleen
Related to the below it would be helpful if the WebTrust organization would
disclose additional details on the licensed WebTrust practitioners: right now
there is no data publicly available on historical WebTrust auditor licensing.
We don't
m: dev-security-policy On
> Behalf Of Kathleen Wilson via dev-security-policy
> Sent: donderdag 4 juni 2020 1:21
> To: mozilla-dev-security-pol...@lists.mozilla.org
> Subject: Verifying Auditor Qualifications
>
> All,
>
> It recently came to my attention that I need to be more di
All,
It recently came to my attention that I need to be more diligent in
verifying auditor qualifications. Therefore, we have added a field in
the CCADB called “Date Qualifications Verified” (on Auditor Location
objects), which will be used to remind root store operators to check
each
24 matches
Mail list logo
