CA/Required or Recommended Practices: Difference between revisions

m
m (→‎OCSP: Updated to change outdated language)
Line 145: Line 145:
=== Network Security Controls ===
=== Network Security Controls ===


CAs must maintain current best practices for network security, and have qualified network security audits performed on a regular basis. The [https://www.cabforum.org/ CA/Browser Forum] has published a document called [https://cabforum.org/network-security-requirements/ Network and Certificate System Security Requirements] which should be used as guidance for protecting network and supporting systems.
CAs must maintain current best practices for network security, and have qualified network security audits performed on a regular basis. The [https://www.cabforum.org/ CA/Browser Forum] has published a document called the [https://cabforum.org/network-security-requirements/ Network and Certificate System Security Requirements] (NetSec Requirements) which should be used as guidance for protecting network and supporting systems. CAs should incorporate the NetSec Requirements by reference in either section 5 or section 6.7 of their CP/CPS.  


It is expected that CAs do the following on a regular basis:
It is expected that CAs do the following on a regular basis:
* Maintain network security controls that meet the [https://cabforum.org/network-security-requirements/ Network and Certificate System Security Requirements.]
* Maintain network security controls that meet the [https://cabforum.org/network-security-requirements/ Network and Certificate System Security Requirements.]
* Check for mis-issuance of certificates, especially for high-profile domains.
* Review network infrastructure, monitoring, passwords, etc. for signs of intrusion or weakness.
* Review network infrastructure, monitoring, passwords, etc. for signs of intrusion or weakness.
* Ensure Intrusion Detection System and other monitoring software is up-to-date.
* Ensure Intrusion Detection System and other monitoring software is up-to-date.
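Review bot: The sentence added at the end of the first paragraph ("CAs should incorporate the NetSec Requirements by reference in either section 5 or section 6.7 of their CP/CPS.") sets a new expectation for CAs, yet the newer revision is marked minor ("m") and its summary mentions only the OCSP section. The summary should name the Network Security Controls change so that CAs tracking this page notice it. The paragraph opens with "CAs must" while the new sentence uses "should", so state explicitly whether incorporation by reference is required or only recommended. The bullet "Check for mis-issuance of certificates, especially for high-profile domains." appears on only one side of the comparison, so confirm that this change is intended. The added line also ends in trailing whitespace.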