Home » Tag Archives: netsec

Tag Archives: netsec

Ballot SC40 – Security Requirements for Air-Gapped CA Systems

This ballot was withdrawn and/or failed to go to a vote. This is a continuation of discussion on the air-gapped CA ballot. (As noted below, this formally continues the discussion for this ballot, as of 2021-02-08 17:00 UTC. This discussion period will continue until initiation of the Voting Period (TBD) unless extended or as otherwise determined, pursuant to the CA/Browser ... Read More »

Ballot SC38: Alignment of Record Archival

This ballot failed to go to a vote and failed pursuant to the Bylaws. This begins the discussion period for Ballot SC38: Alignment of RecordArchival (which I circulated a little while ago). The following ballot is proposed by Neil Dunbar of TrustCor Systems andendorsed by David Kluge of Google Trust Services and Ben Wilson of Mozilla. Purpose of Ballot: After ... Read More »

Ballot SC32 – NCSSRs Zones

This ballot failed pursuant to the Bylaws. This email begins the discussion period for Ballot SC32. Purpose of Ballot: To remove ambiguity and delineate requirements for physical security and logical security. The Network and Certificate System Security Requirements (NCSSRs) were drafted with the concept of physical and logical “Zones” (Secure Zones, High Security Zones, and everything else outside those zones). ... Read More »

Ballot SC20: System Configuration Management

This ballot failed. Purpose of Ballot: Section 1(h) of the Network and Certification Systems Security Requirements provides that CAs shall: Review configurations of Issuing Systems, Certificate Management Systems, Security Support Systems, and Front-End / Internal-Support Systems on at least a weekly basis to determine whether any changes violated the CA’s security policies; In relation to this requirement the WebTrust/PKI Assurance ... Read More »