[cabfpub] When to stop accepting old ETSI audits?
Moudrick M. Dadashov
md at ssc.lt
Mon Nov 28 23:32:56 UTC 2016
Indeed, Richard, but unfortunately what used to be a single step (audit)
now needs two steps - the TSPs need to meet also the [non-existing]
supervisor requirements.
Thanks,
M.D.
On 11/29/2016 1:05 AM, tScheme Technical Manager wrote:
>
> Technically, eIDAS gave July 2016 as the cutoff but allowed one year
> for transition. However, it states that any audits after July 2016
> must use new requirements.
>
> Cheers
>
> Richard
>
> ------------------------------------
> Richard Trevorah
> Technical Manager
> tScheme Limited
>
> M: +44 (0) 781 809 4728
> F: +44 (0) 870 005 6311
>
> http://www.tscheme.org
> ------------------------------------
>
> The information in this message and, if present, any attachments are
> intended solely for the attention and use of the named addressee(s).
> The content of this e-mail and its attachments is confidential and may
> be legally privileged. Unless otherwise stated, any use or disclosure
> is unauthorised and may be unlawful.
>
> If you are not the intended recipient, please delete the message and
> any attachments and notify the sender as soon as practicable
>
> *From:*Public [mailto:public-bounces at cabforum.org] *On Behalf Of
> *Moudrick M. Dadashov via Public
> *Sent:* 28 November 2016 22:59
> *To:* CA/Browser Forum Public Discussion List
> *Cc:* Moudrick M. Dadashov
> *Subject:* Re: [cabfpub] When to stop accepting old ETSI audits?
>
> Yes, July 2017 is reasonable - the new ones require extra bureaucracy
> with the supervisors.
>
> Thanks,
> M.D.
>
> On 11/28/2016 3:44 PM, Gervase Markham via Public wrote:
>
> Dear CAB Forum members,
>
> Ballot 171, passed on 1st July 2016, updated the BRs to remove the old
>
> ETSI criteria (ETSI TS 101 456 V1.4.3 or ETSI TS 102 042 V2.3.1) and add
>
> the new ones (ETSI EN 319 411-1 v1.1.1 or ETSI EN 319 411-2 v2.1.1).
>
> This change was made in BRs v.1.3.6. However, no dates were associated
>
> with the change.
>
> Mozilla CA Policy 2.3 (about to be published) permits either set of
>
> criteria to be used.
>
> By what date would it be reasonable for Mozilla to require that all new
>
> ETSI audits use the new criteria?
>
> Inigo says that eIDAS (which, of course, refers only to the issuance of
>
> Qualified certificates) have specified July 2017 as the end date for the
>
> old criteria. Would that be a reasonable choice?
>
> Gerv
>
> _______________________________________________
>
> Public mailing list
>
> Public at cabforum.org <mailto:Public at cabforum.org>
>
> https://cabforum.org/mailman/listinfo/public
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20161129/98e84964/attachment-0002.html>
More information about the Public
mailing list