UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ETSI - TR 103 123

Electronic Signatures and Infrastructures (ESI); Guidance for Auditors and CSPs on ETSI TS 102 042 for Issuing Publicly-Trusted TLS/SSL Certificates

active, Most Current
Organization: ETSI
Publication Date: 1 November 2012
Status: active
Page Count: 29
scope:

The present document provides guidance on the assessment of Certification Authorities issuing Certificates primarily for use with Transport Layer Security (TLS) protocol [i.8] or the earlier equivalent Secure Socket Layer (SSL) protocol based on TS 102 042 [i.1] and the CA/Browser Forum Baseline Requirements for the issuance and the management of publicly-trusted certificates, (BRG) [i.2]. The present document is aimed at providing guidance to Certification Authorities issuing Publicly trusted TLS/SSL certificates to be aware of how they may be assessed and for auditors in carrying out assessment of the conformance of such certification authorities according to TS 102 042 [i.1].

Annex A provides a checklist that may be used by auditors in carrying out an audit based on these guidelines.

Annex B provides a suggested framework for the final audit report.

Document History

TR 103 123
November 1, 2012
Electronic Signatures and Infrastructures (ESI); Guidance for Auditors and CSPs on ETSI TS 102 042 for Issuing Publicly-Trusted TLS/SSL Certificates
The present document provides guidance on the assessment of Certification Authorities issuing Certificates primarily for use with Transport Layer Security (TLS) protocol [i.8] or the earlier...

References

This document references:
TS 102 042 - Electronic Signatures and Infrastructures (ESI); Policy requirements for certification authorities issuing public key certificates
Published by ETSI on February 1, 2013
The present document specifies policy requirements relating to Certification Authorities (CAs) issuing public key certificates, including Extended Validation Certificates (EVC) and Publicly trusted...
This document references:
TS 103 090 - Electronic Signatures and Infrastructures (ESI); Conformity Assessment for Trust Service Providers issuing Extended Validation Certificates
Published by ETSI on April 1, 2012
The present document specifies requirements and provides guidance for the supervision and assessment of a Trust Service Provider (TSP) issuing Extended Validation Certificates (EVC) through the use...
This document references:
TS 119 403 - Electronic Signatures and Infrastructures (ESI); Trust Service Provider Conformity Assessment - Requirements for conformity assessment bodies assessing Trust Service Providers
Published by ETSI on August 1, 2015
The present document contains requirements for the competence, consistent operation and impartiality of conformity assessment bodies assessing and certifying conformity of trust service providers...
This document references:
TS 101 456 - Electronic Signatures and Infrastructures (ESI); Policy requirements for certification authorities issuing qualified certificates
Published by ETSI on December 1, 2006
A description is not available for this item.
This document references:
TS 102 176-1 - Electronic Signatures and Infrastructures (ESI); Algorithms and Parameters for Secure Electronic Signatures; Part 1: Hash functions and asymmetric algorithms
Published by ETSI on July 1, 2011
The present document is targeted to support advanced electronic signatures and the related infrastructure. The present document defines a list of hash functions and a list of signature schemes, as...
This document references:
ISO/IEC 27001 - Information technology - Security techniques - Information security management systems - Requirements
Published by ISO on October 1, 2013
This International Standard specifies the requirements for establishing, implementing, maintain and continually improving an information security management system within the context of the...
This document references:
ISO/IEC 27002 - Information technology - Security techniques - Code of practice for information security controls TECHNICAL CORRIGENDUM 2
Published by ISO on November 15, 2015
A description is not available for this item.
This document is referenced by:
SR 003 091 - Electronic Signatures and Infrastructures (ESI); Recommendations on Governance and Audit Regime for CAB Forum Extended Validation and Baseline Certificates
Published by ETSI on March 1, 2013
The present document describes a recommended Governance and Audit Regime for the CAB Forum Extended Validation and Baseline certificates based on the application of ETSI Specifications (see...
View Less
View All
Advertisement