European Conformity Assessment Bodies are nowadays issuing Audit Certificates aligned with EN 319 401, EN 319-411-1 and EN 319 411-2 standards.
There is no need to explicitly deny validity to previous standars, because as Jakob states, they can reflect the chain of audits. In fact, TS 102 042 and TS 101 456 are basically the same standards, but instead of changing only the version number, ETSI opted to renew the full reference code, more in the approach of IETF for RFCs. The Mozilla rule also is aligned with CAB Forum Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates and Extended Validation SSL Certificate Guidelines, and any change to those documents would need a ballot. Regards, Julian Inza El martes, 27 de marzo de 2018, 8:43:31 (UTC+2), Jakob Bohm escribió: > On 26/03/2018 22:41, Wayne Thayer wrote: > > Mozilla policy section 3.1.2.2 states: > > > > ETSI TS 102 042 and TS 101 456 audits are only acceptable for audit periods > >> ending in July 2017 or earlier. > >> > > > > Now that we are past this deadline, I propose that we remove all references > > to ETSI TS 102 042 and 101 456 from the policy. > > > > This is: https://github.com/mozilla/pkipolicy/issues/108 > > > > ------- > > > > This is a proposed update to Mozilla's root store policy for version > > 2.6. Please keep discussion in this group rather than on GitHub. Silence > > is consent. > > > > Policy 2.5 (current version): > > https://github.com/mozilla/pkipolicy/blob/2.5/rootstore/policy.md > > > > Will that make such audits (prior to the deadline) unacceptable as part > of the unbroken audit chain back to first issuance for new roots? > > Enjoy > > Jakob > -- > Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com > Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10 > This public discussion message is non-binding and may contain errors. > WiseMo - Remote Service Management for PCs, Phones and Embedded _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
