CA/BR Audit Guidance: Difference between revisions

Jump to navigation Jump to search

CA/BR Audit Guidance (view source)

Revision as of 20:52, 16 September 2014

696 bytes added ,  16 September 2014
→‎Whole-Population Audit of Intermediate Certs
Line 50: Line 50:
[[File:BR-Audit-Scope.png | BR Audit Scope]]
[[File:BR-Audit-Scope.png | BR Audit Scope]]


<gallery>
All roots and intermediate CAs must be audited according to the Baseline Requirements, and end entity ceriticates may be audited on a sample basis. For the above diagram:
File:BR-Audit-Scope.png|BR Audit Scope
* Root CA must be audited
</gallery>
* Sub 1 which issues SSL would be subject to audit PLUS it’s end-entity certs on a sample basis
* Sub 2 would be subject to audit, PLUS it’s end entity certs as well to very that no SSL certs have been issued as there are no EKU constraints
* Sub 3, operated by ABC Corp, is subject to audit
* Sub 3a PLUS its end-entity certs subject to audit
* Sub 3b is subject to audit, but not its end entity certs as the EKU restricts to SMIME only
* Sub 4 would be subject to audit, but not its end-entity certs as Sub 4 is technically constrained in line with BRs


== WebTrust BR Audit Statement ==
== WebTrust BR Audit Statement ==
Kathleen Wilson
Confirmed users, Administrators
5,526

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/1015556"

Navigation menu