[cabfpub] Public Exposure Draft of WebTrust for CAs Based on the Baseline Requirements

Ben Wilson ben at digicert.com
Thu Oct 11 14:21:25 UTC 2012


All,

Attached is the Public Exposure Draft of WebTrust for CAs Based on the
Baseline Requirements.  

For CA/B Forum members it is also located here:

https://www.cabforum.org/wiki/Audit?action=AttachFile
<https://www.cabforum.org/wiki/Audit?action=AttachFile&do=get&target=WTCA+-+
SSL+Baseline+Requirements+v1_0_Draft_20120228_clean_exposure.doc>
&do=get&target=WTCA+-+SSL+Baseline+Requirements+v1_0_Draft_20120228_clean_ex
posure.doc .

As you know, version 1.0 of the Baseline Requirements became effective on
July 1, 2012, subject to the adoption of audit criteria by the Web Trust
Task Force and ETSI.  ETSI and WebTrust are working on a date on which the
Baseline Requirements will begin to be auditable.  The CABF will provide
notice of that date.    (Just for clarification, an auditor cannot apply
audit criteria retroactively, and even though CA members of the CA / Browser
Forum have implemented migration plans in order to comply with the BRs as of
July 1, 2012 (to demonstrate compliance if needed), compliance is not
otherwise mandated by Web Trust / ETSI for purposes of the Forum or Browsers
until the audit guidance is effective.  So as a practical matter the BRs do
not come into effect until there is auditability / audit guidance, and then
compliance can only be looked at prospectively, unless of course a Browser
mandates it or otherwise determines they are ready to enforce it before the
stated date by ETSI / WebTrust.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20121011/9decb3aa/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: WTCA - SSL Baseline Requirements	v1_0_Draft_20120228_clean_exposure.pdf
Type: application/pdf
Size: 142071 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20121011/9decb3aa/attachment-0003.pdf>


More information about the Public mailing list