Thursday, November 17, 2011

CA/Browser Forum - Certificate Baseline Requirements

Here: http://www.gerv.net/temp/Baseline_Requirements_Draft_50.pdf

Focused for now on certificate policies for issuing certificates used to trust publicly-available servers, this document (draft 50) represents lots of hard work and expertise and provides a good stake post for practioners.

We need equally comprehensive work on application and service design, deployment, and management for relying parties so that the trust inherent in the certificate issuance process is not squandered in error-prone implementation "in the wild."

No comments: