1. HKU Grid Certificate Authority (HKU Grid CA) CP/CPS Reviewer’s Comments
Bill Yau

2. Timeline (20th F2F Meeting) – Draft CP/CPS 3.0 Submitted for Review
19 Oct – 23 Nov: 1st Round Review
14 Feb – 20 Feb: 2nd Round Review
Sibling APGridPMA CAs Involved:
KISTI, KR (Sang-Un)
IGCA, IN (Santhosh)

3. Summary of Approved Changes
“Computer Centre” has been removed from Document Title and HKU Grid CA title [1.2][1.6.1] 
Document Version has been changed to 3.0 [1.2]
Document Date has been changed to 9 February 2018 [1.2]
CP/CPS OID has been modified [1.2][7.1.2]
OCSP service have been added [1.3.3] [1.6.1] [3.1.5][3.2.3][4.1.2][4.9.9][4.9.10][6.3.2][7.1.2]
New version of “Guidelines on Private Key Protection” has been used as reference [1.3.3][4.1.2]
Purposes of certificate use has been revised [1.4.1]
URL of CA root certificate and CRL have been modified [2.2][7.1.2]

4. Summary of Approved Changes
Direct contact in person has been added as a way of certificate revocation request [3.4][4.9.3]
Certificate enrollment/rekey process have been revised [4.1.2][4.7.3]
Length of user/host keys has been updated to at least 2048 bits long [4.1.2][6.1.5]
CA’s key pair length has been updated to 4096 bits [6.1.5][7.1.3]
Record retention period has been changed to 3 years [5.4.3][5.5.2]
CN of issuer name form has been updated to “HKU Grid CA 2” [7.1.4]
Minor grammatical error have been corrected [1.3.2][1.3.3][1.3.4]
Section of Bibliography has been removed 

5. Some Feedback on Comments
Few minor corrections might be still required as follows: 1) Document titles in front page and in Section 1 are not identical 2) Links are broken
This CP/CPS version 3.0 is planned to be used on a new host which is not online yet, thus these paths are currently empty. The addresses would be populated when the host is online (and start signing certificates).