Changes

Jump to: navigation, search

CA/Application Process

478 bytes added, 22:36, 17 January 2018
Moved Detailed Review of CA's docs to before the discussion phase.
#* If the CA contracts to another organization to help with the root inclusion request, the representative of the CA must clarify that relationship in their request, and must provide clear information about who the ongoing [[CA/Information_Checklist#CA_Primary_Point_of_Contact_.28POC.29|points-of-contact]] will be for the CA.
# A representative of Mozilla [[CA/Application_Verification#Information_Verification|verifies the information provided by the CA]].
# A representative of Mozilla or of the CA Community (as agreed by a Mozilla representative) performs a [[CA/Application_Verification#Detailed_Review|detailed review of the CA’s CP/CPS and audit documents]]. During this phase, the CA may be required to update their CP/CPS and audit documents to become fully aligned with [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/ Mozilla's Root Store Policy].
# A representative of Mozilla [[CA/Dashboard#Ready_for_Public_Discussion|adds the request to the queue for public discussion.]]
# Anyone interested in the CA's application participates in discussions of CA requests [[CA/Dashboard#In_Public_Discussion|currently in discussion]] in the [https://www.mozilla.org/en-US/about/forums/#dev-security-policy mozilla.dev.security.policy forum].# When the application reaches the head of the queue, a representative of Mozilla starts the [[CA/Application_Verification#Public_discussion|public discussion]] for the CA in the [https://www.mozilla.org/en-US/about/forums/#dev-security-policy mozilla.dev.security.policy forum], stating Mozilla’s intent to approve the request and initiating a 3 week comment period.#* We prefer If no concerns are raised during that at least two independent parties review time period, then the representative of Mozilla will close the discussion and comment upon each applicationthe request may proceed to the approval phase.
# A representative of the CA responds to questions and concerns posted during the public discussion of the CA's request.
# A representative of Mozilla summarizes the discussion and resulting decisions or action items.
#* A discussion may be extended beyond the initial comment period if concerns or questions are raised that require further attention.
#* A discussion may be put on hold, pending a CA action item, such that the discussion may continue as soon as the CA has provided the requested information.
# A representative of the CA completes action items resulting from the public discussion, which may include updating processes, documentation, and audits.
Kathleen Wilson
Confirm, administrator
5,526
edits
Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1186983"

Navigation menu