Informaciones de las convocatorias de concurso
Estado
Fecha de envío
02/07/2019
Fecha de respuesta
09/07/2019
Idioma
Estado
Respondida
Información relativa a la pregunta
Asunto
Reference standards.
Pregunta
In order to be compliant to point 8 from Annex 3 “Compliance Audit And Other Assessments” and in particular, to point 8.1, “Topics covered by audit and audit basis” [….] The TLM, root CAs, EAs and AAs shall select an independent acting and accredited PKI auditor to audit their CPS […], Considering that the PKI subject is under Regulation (Eu) “No 910/2014 Of The European Parliament And Of The Council Of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC”, can we select an accredited eIDAS auditor as an “indipendent accredited PKI auditor” from the official list of eIDAS accredited cabs to audit our CPS in order to be compliat to point 8 of Annex 3?
Respuesta
09/07/2019
The Certificate Policy, which is [1] of Annex I to the Contract - Part 2: Technical Specifications, defines many provisions on accredited PKI auditors, in particular chapter 8.3., clause (362) defines requirements on the accredited PKI auditor. Only requirements listed in the Certificate Policy apply on the accredited PKI auditor and there is no direct link to eIDAS accredited labs.