Confirmed users, Administrators
5,526
edits
CA/BR Audit Guidance: Difference between revisions
m
→BR Audits
m (→BR Audits) |
m (→BR Audits) |
||
| Line 17: | Line 17: | ||
* BR 9.5 (section 6.1.5 in BR version 1.3) – 1024-bit certs with validity beyond 2013 (in order to support legacy customer apps) | * BR 9.5 (section 6.1.5 in BR version 1.3) – 1024-bit certs with validity beyond 2013 (in order to support legacy customer apps) | ||
* BR 13.2.6 (section 4.9.10 in BR version 1.3) - OCSP giving status “good” for unknown serial numbers. | * BR 13.2.6 (section 4.9.10 in BR version 1.3) - OCSP giving status “good” for unknown serial numbers. | ||
* BR 16.5 (section 5 in BR version 1.3) - multi-factor authentication for '''all''' accounts capable of directly causing certificate issuance | * BR 16.5 (section 6.5.1 in BR version 1.3) - multi-factor authentication for '''all''' accounts capable of directly causing certificate issuance | ||
* BR 17.5 (section 8.4 in BR version 1.3) - The audit period for the Delegated Third Party SHALL NOT exceed one year | * BR 17.5 (section 8.4 in BR version 1.3) - The audit period for the Delegated Third Party SHALL NOT exceed one year | ||
* BR 17.8 (section 8.7 in BR version 1.3) – audits on at least a quarterly basis against a randomly selected sample of the greater of one certificate or '''at least three percent''' of the Certificates issued by it during the period commencing immediately after the previous self-audit sample was taken | * BR 17.8 (section 8.7 in BR version 1.3) – audits on at least a quarterly basis against a randomly selected sample of the greater of one certificate or '''at least three percent''' of the Certificates issued by it during the period commencing immediately after the previous self-audit sample was taken | ||