Confirm, administrator
5,526
edits
Changes
m
→Network Security Controls
CAs must maintain current best practices regarding network security, and have qualified network security audits performed on a regular basis. The [https://www.cabforum.org/ CA/Browser Forum] has published a document called [https://www.cabforum.org/documents.html Network and Certificate System Security Requirements] which should be used a set of recommendations for protecting network and supporting systems.
It is expected that CAs shall do the following on a regular basis:
* Check for mis-issuance of certificates, especially high-profile domains.
* Review network infrastructure, monitoring, passwords, etc. for signs of intrusion or weakness.
