Ernst & Young Virginia: Audit issues
Categories
(CA Program :: CA Certificate Compliance, task)
Tracking
(Not tracked)
People
(Reporter: ryan.sleevi, Assigned: bwilson)
Details
(Whiteboard: [auditor-compliance])
Attachments
(2 files)
Ernst & Young Virginia issued a WebTrust for CAs Assessment Report to the Government Printing Office of the United States, as disclosed at https://www.oversight.gov/node/20242
The first public version of the report used the boiler plate language from the Illustrative Report, stating
"Subscriber information is properly authenticated (for the registration activities performed by ABC-CA); and"
The correct name of the CA within the report is GPO-CA. As such, the above statement provides no assurances about this specific Principle and Criteria for the activities for GPO-CA.
This was confirmed by the WebTrust Task Force as an oversight, and is being corrected. The original report is attached, as well as the information from https://www.oversight.gov/node/20243 , which names the auditors involved in the preparation and approval of this report.
Related past bugs: Bug 1525441, Bug 1525412, Bug 1525423, Bug 1525446, Bug 1525082
|
Reporter | |
Comment 1•5 years ago
|
||
|
|
Reporter | |
Comment 2•5 years ago
|
||
Wayne: I think you're just closing auditor bugs? I wasn't sure if Kathleen tracked these in CCADB.
|
|
Reporter | |
Updated•5 years ago
|
|
||
Comment 3•5 years ago
|
||
(In reply to Ryan Sleevi from comment #2)
I wasn't sure if Kathleen tracked these in CCADB.
Added auditor comment in CCADB. Thanks!
|
||
Comment 4•5 years ago
|
||
(In reply to Ryan Sleevi from comment #2)
Wayne: I think you're just closing auditor bugs?
I've just been leaving them open, but closed if fine as well.
|
|
Reporter | |
Updated•5 years ago
|
|
Assignee | |
Updated•4 years ago
|
|
|
Assignee | |
Comment 5•4 years ago
|
||
Based on Comment #4 above, I am closing this bug.
|
||
Updated•2 years ago
|
Description
•