[ Pobierz całość w formacie PDF ]

Certificates it has issued in the period beginning immediately after the last sample was taken .
The audit covers all of a CA s obligations under the EV Guidelines, regardless of whether the
obligation was performed by the CA or a subordinate.
The CA/Browser Forum is currently working towards establishing minimum requirements for
all SSL certificates. The minimum requirements will set a baseline requirement for all
certificates, antiquating many of the complaints regarding CAs. For example, one of the goals
behind the minimum guidelines is to eliminate any non-verified subject information from a
certificate, including non-verified subject information asserted through an OU field. Similar to
EV, all CAs (including subordinates) will have to undergo annual audits and supervision to
ensure compliance with the minimum requirements.
The CA/Browser Forum looks forward to future SSL Observatory data and projects. A publicly
available, decentralized observatory and revised datasets will greatly help improve audits and
increase security for consumers. The SSL Observatory s work is of great benefit to consumers
and businesses worldwide, and we appreciate and welcome their input on any matter.
Sincerely,
The CA/Browser Forum [ Pobierz całość w formacie PDF ]