26
Oct
17

Interesting Tidbits Out Of The PCI European Community Meeting Assessors Session

Usually the European Community Meeting uneventfully passes because everyone reads the slide decks, Twitter feeds and feedback from the North American CM.  However, with the cancellation of this year’s North American CM due to Hurricane Irma, that gave the EU CM the spotlight.

While we will all get the slide decks (and supposedly videos) via the portal, here are some interesting tidbits from the Assessors Session in Barcelona thanks to Yves Desharnais who attended the EU CM.

  • Emma Sutcliffe confirmed that the next major revision, i.e., v4.0, of the PCI DSS and PA-DSS are slated for a 2019 release (obviously barring any dramatic change in threats/attacks).
  • Emma also confirmed that there could be a “point” release, i.e., v3.3, of the PCI DSS and PA-DSS in 2018 to clean up errors and the like such as was with 3.1 and 3.2. Maybe while they are at it they can fix the ROC Reporting Template so that it does not cause Word to do strange things.
  • Jeremy King stated that the situation with SSL and Early TLS may be revisited before June 30, 2018. Apparently, the feedback from POI service providers and others are causing them to revisit that situation.

Now we are all in the know.

Advertisements

6 Responses to “Interesting Tidbits Out Of The PCI European Community Meeting Assessors Session”


  1. 1 Robert
    November 1, 2017 at 10:58 AM

    If you have feedback about the PCI DSS And PCI PA-DSS, there is a RFC open at the moment (until November 15th, 2017) to comment to the PCI SSC about these two standards. Maybe your comments will make it in a changes in the v3.3 or v4.0. Participate!

    • November 11, 2017 at 4:35 PM

      Comments have been filed, but I seriously doubt they will be included. 😉

  2. 3 RolandA
    October 29, 2017 at 8:46 AM

    Thank you for the notes!
    (However, Jeremy King wasn’t present at the assessor session)

    • October 29, 2017 at 8:56 AM

      I went back and reviewed the note I got from my friend who did attend. Hard to say given how his notes are written if this is related to an earlier session. Regardless, apparently Jeremy made a comment at some point at the EU CM about SSL/Early TLS.

  3. October 26, 2017 at 4:53 PM

    I’m about to head home, else I would have laid a large rant right here, right now. I might tomorrow.

    • October 30, 2017 at 12:56 PM

      Rant. RANT!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Announcements

If you are posting a comment, be patient, as the comments will not be published until they are approved.

If your organization has a PCI opportunity, is in need of assistance with a PCI issue or if you would like the PCI Guru to speak at your meeting, you can contact the PCI Guru at pciguru AT gmail DOT com.

I do allow vendors to post potential solutions in response to issues that I bring up in posts. However, the PCI Guru does not endorse any specific products, so "Caveat Emptor" - let the buyer beware. Also, if I feel that the response is too "sales-ee", I reserve the right to edit or not even authorize the response.

Calendar

October 2017
M T W T F S S
« Sep   Nov »
 1
2345678
9101112131415
16171819202122
23242526272829
3031  

Enter your email address to subscribe to the PCI Guru blog and receive notifications of new posts by email.

Join 1,898 other followers


%d bloggers like this: