> 2017 assessment report > LSTI didn't issue to Certinomis any "audit attestation" for the browsers in > 2017. The document Wayne references is a "Conformity Assessment Report" for > the eIDAS regulation.
I had a look at the 2017 report, and unless I misread, it implies conformity to ETSI EN 319 401 (Est vérifiée également la conformité aux normes: EN 319 401), whereas EN 319 401 states, "The present document is aiming to meet the general requirements to provide trust and confidence in electronic transactions including, amongst others, applicable requirements from Regulation (EU) No 910/2014 [i.2] and those from CA/Browser Forum [i.4].", so I'm not sure how that squares with saying it wasn't an audit taking CA/BF regulations into account? _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
