Commit

SC-077: Update WebTrust Audit name in Section 8.4 and References (cab…
…forum#514) (cabforum#543)

* SC-077: Update WebTrust Audit name in Section 8.4 and References (cabforum#514)

* Add updated WebTrust Audit name

Update 8.4 to reference updated WebTrust document names

* Update BR.md

---------

Co-authored-by: Clint Wilson <[email protected]>

* Update BR.md

New TLS BRs version according to ballot SC77

---------

Co-authored-by: Clint Wilson <[email protected]>
Co-authored-by: Clint Wilson <[email protected]>
3 people authored Oct 2, 2024
1 parent ba28d04 commit d820f37
Showing 1 changed file with 15 additions and 7 deletions.
22 changes: 15 additions & 7 deletions docs/BR.md
@@ -1,11 +1,11 @@
---
title: Baseline Requirements for the Issuance and Management of Publicly-Trusted TLS Server Certificates

subtitle: Version 2.0.7
subtitle: Version 2.0.8
author:
- CA/Browser Forum

date: 6-September-2024
date: 2-October-2024



Expand Down Expand Up @@ -144,6 +144,7 @@ The following Certificate Policy identifiers are reserved for use by CAs to asse
| 2.0.5 | SC73 | Compromised and weak keys | 3-May-2024 | 1-July-2024 |
| 2.0.6 | SC75 | Pre-sign linting | 28-June-2024 | 6-August-2024 |
| 2.0.7 | SC67 | Require Multi-Perspective Issuance Corroboration | 2-August-2024 | 6-September-2024 |
| 2.0.8 | SC77 | Update WebTrust Audit name in Section 8.4 and References | 2-September-2024 | 2-October-2024 |

\* Effective Date and Additionally Relevant Compliance Date(s)

Expand Down Expand Up @@ -614,6 +615,8 @@ RFC8954, Request for Comments: 8954, Online Certificate Status Protocol (OCSP) N
WebTrust for Certification Authorities, SSL Baseline with Network Security, available at
<https://www.cpacanada.ca/en/business-and-accounting-resources/audit-and-assurance/overview-of-webtrust-services/principles-and-criteria>

[WebTrust Principles and Criteria for Certification Authorities – SSL Baseline](https://www.cpacanada.ca/en/business-and-accounting-resources/audit-and-assurance/overview-of-webtrust-services/principles-and-criteria)

X.509, Recommendation ITU-T X.509 (08/2005) \| ISO/IEC 9594-8:2005, Information technology – Open Systems Interconnection – The Directory: Public-key and attribute certificate frameworks.

### 1.6.4 Conventions
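
Review bot: the new reference entry "WebTrust Principles and Criteria for Certification Authorities – SSL Baseline" is written as a bare Markdown link, while the entries on either side of it (the existing WebTrust entry and X.509) use the form name, description, "available at" and an angle-bracket URL; rewrite it in that form so the References list stays uniform. Both WebTrust entries also point at the same principles-and-criteria URL, so a reader cannot tell the two documents apart from the link alone. Section 8.4 in this commit also names "WebTrust Principles and Criteria for Certification Authorities – Network Security" and "Principles and Criteria for Certification Authorities", and no reference entry for either is added here; add them if the References list does not already carry them.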
Expand Down Expand Up @@ -3496,11 +3499,16 @@ The CA's audit SHALL be performed by a Qualified Auditor. A Qualified Auditor me

The CA SHALL undergo an audit in accordance with one of the following schemes:

1. "WebTrust for CAs v2.1 or newer" AND "WebTrust for CAs SSL Baseline with Network Security v2.3 or newer"; or
2. ETSI EN 319 411-1 v1.2.2, which includes normative references to ETSI EN 319 401 (the latest version of the referenced ETSI documents should be applied); or
3. If a Government CA is required by its Certificate Policy to use a different internal audit scheme, it MAY use such scheme provided that the audit either
a. encompasses all requirements of one of the above schemes or
b. consists of comparable criteria that are available for public review.
1. WebTrust:
* "Principles and Criteria for Certification Authorities" Version 2.2 or newer; and either
* "WebTrust Principles and Criteria for Certification Authorities – SSL Baseline with Network Security" Version 2.7 or newer; or
* "WebTrust Principles and Criteria for Certification Authorities – SSL Baseline" Version 2.8 or newer and "WebTrust Principles and Criteria for Certification Authorities – Network Security" Version 1.0 or newer
2. ETSI:
* ETSI EN 319 411-1 v1.4.1 or newer, which includes normative references to ETSI EN 319 401 (the latest version of the referenced ETSI documents should be applied); or
3. Other:
* If a Government CA is required by its Certificate Policy to use a different internal audit scheme, it MAY use such scheme provided that the audit either
a. encompasses all requirements of one of the above schemes; or
b. consists of comparable criteria that are available for public review.

Whichever scheme is chosen, it MUST incorporate periodic monitoring and/or accountability procedures to ensure that its audits continue to be conducted in accordance with the requirements of the scheme.
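
Review bot: the commit title and the 2.0.8 changelog row describe only a WebTrust name update, but in the Section 8.4 list the minimum versions change as well: "WebTrust for CAs v2.1 or newer" becomes Version 2.2 or newer, the SSL Baseline with Network Security floor moves from v2.3 to 2.7, and ETSI EN 319 411-1 goes from v1.2.2 to "v1.4.1 or newer". These are normative changes for auditors and CAs, so state them in the changelog description or commit message, or confirm they are spelled out in the ballot text. Separately, the old item 1 ended with "; or" and the new item 1 has no connective before item 2, while the ETSI bullet keeps its trailing "; or"; add "; or" after the last WebTrust bullet so the three schemes still read as alternatives.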
