Comment 153 for bug 1271513

(In reply to Antonio from comment #134)
> Indeed, new version of CPS and PC that are within the scope of the
> certification will comply with the requirement of the “WebTrust SM/TM for
> Certification Authorities WebTrust Principles and Criteria for Certification
> Authorities - SSL Baseline with Network Security”. However, for the sake of
> coherence, it was not possible to consider such statement but after
> finishing the audit.
>
> It will be included the following text:
>
> FNMT-RCM conforms to the current version of the Baseline Requirements for
> the Issuance and Management of Publicly-Trusted Certificates published at
> https://cabforum.org/wp-content/uploads/BRv1.2.3.pdf. In the event of any
> inconsistency between this document and those Requirements, those
> Requirements take precedence over this document.
>
> We remain at your disposal for any further clarification concerning this
> topic.

Please clarify if you intend to add that statement to the CP/CPS, or if you are saying it will be part of the audit statement only.

For reference, I asked in the discussion forum about having the BR commitment to comply in the audit statement only:
https://groups.google.com/d/msg/mozilla.dev.security.policy/wsw2G-PFKiA/akU0bhzN8MMJ
It looks to me like the answer will be that it needs to be in the CP/CPS. You are welcome to participate in that discussion.