[SSL Observatory] Mozilla survey complete?
Tom Ritter
tom at ritter.vg
Mon Sep 19 08:03:09 PDT 2011
On one hand, I would be upset if information I expected to remain
private was published without my opportunity to redact it. On the
other hand, the CAB Forum Baseline Requirements will require public
audit reports. If a CA is concerned about their responses being made
public, they should really clean up shop in advance of the Baseline
Requirements... which as far as I can tell is behind schedule:
> The CAB Forum also intends that the ETSI ESI Committee and AICPA/CICA Task Force on the WebTrust Program for CAs will coordinate revisions to their respective audit standards such that the Baseline Requirements will become auditable requirements starting in June 2011.
-tom
More information about the Observatory
mailing list