[Crm-sig] How to certify CRM compatibility, URGENT PLEASE VOTE

Bernhard Schiemann Bernhard.Schiemann at informatik.uni-erlangen.de
Wed Nov 5 11:19:16 EET 2008


martin wrote:
> Dear All,
> 
> The current, well received text about CRM compatibility we are preparing to propose as ISO
> amendment, contains the following last phrase, which caused comments on what the certification procedure will be:
> 
> A) The provider should be able to demonstrate the claim with suitable test data. A third party should be able to verify the claim with 
> suitable test data.
> 
> One alternative is this:
> B)
> The provider should be able to demonstrate the claim with suitable test data and the grant of a certificate by a certification authority
>   (CA). A trusted third party recognised as a CA in this practice area, should be able to verify the credentials of the provider applying
>   for such certificate and thus, of its claim with suitable test data,before issuing the certificate so that the users can trust the
> information in the CA certificates.
> 
>   In any case, the provider should be able to demonstrate its claim according to certain procedures included in any applicable certificate
>   practice related statement and must also comply with any applicable certification policies of the respective CA.
> 
> Second alternative:
> C)
> The provider should be able to demonstrate the claim with suitable test data. The provider should be able to demonstrate its claim according 
> to certain procedures included in any applicable certificate practice related statement.
> The provider should either make evidence of these procedures publicly available, so that any third party should be able to verify the claim 
> with suitable test data, or acquire a certificate by a certification authority (CA). A trusted third party recognised as a CA in this 
> practice area, should be able to verify the credentials of the provider applying for such certificate and thus, of its claim with suitable 
> test data, before issuing the certificate so that the users can trust the information in the CA certificates.
May I add an alternative?: (It is a variant of C)
D)
The provider is able to demonstrate the claim with suitable test data.
The test data consist either of a controlled vocabulary as a subset of
the text specification ISO 21127:2006 (:2008/9) or in a formal language
. A  set of test data is provided by the CRM SIG.

The provider should either make evidence of these procedures publicly
available, so that any third party is able to verify the claim
with suitable test data, or acquire a certificate by a CRM certification
authority (CA). A trusted third party recognized as a CRM CA in this
practice area, is able to verify the credentials of the provider
applying for a CRM certificate and thus, of its claim with suitable
test data, before issuing the CRM certificate so that users can trust
the information in the CA CRM certificates. Any company or group who
wishes to be recognized as CRM CA request this status at the CRM SIG.



Best
Bernhard


> 
> Please vote on these alternatives until Thursday morning. Reply either to crm-sig or to martin at ics.forth.gr, in case you would not like your 
> vote to become public.
> 
> Best,
> 
> Martin
> 


-- 
*************************************************************
Bernhard Schiemann, Dipl. Ing.
Artificial Intelligence Division
Department of Computer Science
University of Erlangen-Nuremberg
Haberstr. 2, D-91058 Erlangen, Germany

Tel.:  +49-9131-85-28984
Fax :  +49-9131-85-28986
Email: schiemann at informatik.uni-erlangen.de
http://www8.informatik.uni-erlangen.de/inf8/en/schiemann.html
To verify my keys, please use gpg keyserver:
pgp.mit.edu
*************************************************************
-------------- next part --------------
A non-text attachment was scrubbed...
Name: schiemann.vcf
Type: text/x-vcard
Size: 380 bytes
Desc: not available
Url : http://lists.ics.forth.gr/pipermail/crm-sig/attachments/20081105/a6327934/attachment.vcf 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 257 bytes
Desc: OpenPGP digital signature
Url : http://lists.ics.forth.gr/pipermail/crm-sig/attachments/20081105/a6327934/attachment.bin 


More information about the Crm-sig mailing list