[Servercert-wg] Renumbering of the NetSec Requirements

Ryan Sleevi sleevi at google.com
Mon Jan 13 13:51:49 MST 2020


Removing the cross-post, so folks don't get mail bounces or only see half
the discussion, with replies inline.

On Mon, Jan 13, 2020 at 1:56 PM Ben Wilson via Servercert-wg <
servercert-wg at cabforum.org> wrote:

> In order to move forward with an overhaul of the Network and Certificate
> System Security Requirements, the Document Organization subgroup has
> determined it best to break up the transitions into discrete
> tasks/ballots.
>

Do you have a link to that discussion/minutes? Is there an overview? It's
useful to have a 'big picture' view to understand where things are proposed
for going, if only to help contextualize the smaller changes.

Attached is a pdf that shows the first step in a proposed
> restructuring/renumbering of the NetSet requirements -- strictly
> renumbering.
>

This doesn't seem  to be purely renumbering. For example, each of the
section headers were renamed with statements, which are unclear if they're
meant to be normative or informative, along with an orientation around
principles. That seems to harken back to WebTrust/ISO 21188's approach to
auditing, but it's unclear why this change. Is there more context for those
renamings? Is this part of a broader effort, and if so, do you have a
pointer to those past discussions?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/servercert-wg/attachments/20200113/6f178e48/attachment.html>


More information about the Servercert-wg mailing list