On 8/28/20 3:59 PM, Kathleen Wilson wrote:
On 8/26/20 1:41 PM, Kathleen Wilson wrote:
The 5 CABs that I haven't been able to complete the Standard Check for
are:
- Bureau Veritas Italia S.p.A. - NAB is Accredia
- CSQA - NAB is Accredia
- KIWA - NAB is Accredia
- QMSCERT - NAB is Accredia
- QSCert - NAB is CAI
Update: I received email from Accredia declaring the ETSI EN standards
that the KIWA CAB is accredited for. I think it is reasonable to accept
that for this auditor's re-verification. And I have asked that KIWA
request Accredia to provide this information directly on their website
for future reference.
Updates:
1) I received email from Accredia declaring the ETSI EN standards that
the QMSCERT CAB is accredited for, and I will accept that for now.
2) The email from Accredia also said "We are working to provide this
information directly on our website for future references."
3)
https://ec.europa.eu/futurium/en/content/list-conformity-assessment-bodies-cabs-accredited-against-requirements-eidas-regulation
was updated to provide the updated
list_of_eidas_accredited_cabs-2020-08-28.pdf
Note: The
https://ec.europa.eu/futurium/en/content/list-conformity-assessment-bodies-cabs-accredited-against-requirements-eidas-regulation
site says:
"Please note that the list is an informative tool."
So, the list_of_eidas_accredited_cabs-2020-08-28.pdf is not in itself
sufficient proof of a CAB's qualifications. It is very helpful in making
it easy to find the NAB and CAB accreditation information, but we must
still check the NAB and CAB accreditation information and make sure the
CAB accreditation document lists the ETSI EN 319 403, ETSI EN 319 401,
ETSI EN 319 411-1, and ETSI EN 319 411-2 standards as per
https://wiki.mozilla.org/CA/Audit_Statements#Standard_Check
Thanks to all of you who have been helping with this!
Kathleen
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
