there was no and is no on-going financial relationship between KISA and all the Sub-CAs. (and of course there will be no)
2014-03-11 11:04 GMT+09:00 Al Billings <abilli...@mozilla.com>: > On 3/10/14, 6:58 PM, spark0...@gmail.com wrote: > > This might be a normal case for CA and Sub-CA in the business and that's > why I am mentioning Korea Electronic Signature Act. > > I do understand why BR is requesting for 'independency' of the auditor, > but because KISA is designated by law to audit the accredited CAs, our > relationship is clear(no corruption or mis-audit can happen). It is between > the auditor and auditee. We also do not have any conflict of interest > between KISA and Sub-CAs because we do not make any profit from the sub-CAs. > > The reasoning here is that there should be no ongoing financial > relationship causing a conflict of interest, I believe. > > Al > > -- > Program Manager > Firefox Platform Security Team > > > -- 한국인터넷진흥원 전자인증팀 박순태 선임연구원(G-ISMS, K-ISMS, ISO-27001) 138-950 서울시 송파구 중대로 135 IT벤처타워 Phone: (02)405-5434 Fax: (02)405-5249 _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
