CA/Email templates

From MozillaWiki
< CA
Jump to: navigation, search

Email Templates used by CCADB

The email templates in this page are specifically for the email reminders that get sent by the Common CA Database (CCADB) to CAs in Mozilla's program, in regards to data or updated documentation that the CA needs to provide.

See the CA Communications wiki page if you are looking for a history of the surveys/communications that have been sent to CAs in Mozilla's program. CA Communications are different from the email reminders/notifications that get sent by the CCADB. The purpose of CA Communications is to ensure that all CAs in Mozilla's program receive the same information. On the other hand email reminders/notifications that get sent by the CCADB contain information specific to the CA about what data they need to update in the CCADB.

Welcome Email Template

Subject: Welcome to the Common CA Database

Dear Certification Authority,

Mozilla welcomes you to the Common CA Database!

You are receiving this email because you are the Primary Point of Contact for {!Receiving_User.CA_Owner_for_Contact__c}. As such, you are responsible for entering and maintaining your CA's data as required for continued inclusion in our program.

Instructions for using the Common CA Database are available here:
http://ccadb.org/cas/

To get started, go to: {!Community_Url}

Username: {!Receiving_User.Username}

Please login within the next 48 hours, and let me know if you run into any problems.

Thanks,
Kathleen
{!Organization.Name}

Audit Reminder Email Templates

Audit reminder email is sent on the third Tuesday of each month to CAs whose audit statements are about to expire, or whose audit statements are past due.

Courtesy Audit Reminder Email Template

Audit Reminder is sent when previous Audit Period End date is 1 year plus 31 days to 93 days old.

Subject: Mozilla: Audit Reminder

Dear Certification Authority,

This is a courtesy reminder from Mozilla that updated audit statements are due for the following root certificates:

{!RootCertificateList}

Here is the audit statement information we have for these root certificates.

{!standardAuditInfoStr}
{!brAuditInfoStr}
{!evAuditInfoStr}

As per Mozilla's Root Store Policy, we require that all CAs whose certificates are distributed with our software products provide us an updated statement annually of attestation of their conformance to the stated verification requirements and other operational criteria by a competent independent party or parties.

Please provide your annual updates via the Common CA Database (CCADB), as described here:
http://ccadb.org/cas/updates

This is an automated email that will be sent regularly until the audit statements have been updated in our records.

Regards,

{!User.FirstName} {!User.LastName}
{!User.CompanyName}
{!User.Title}

Overdue Audit Statement Email Template

Overdue Notice is sent when previous Audit Period End date is 1 year plus 93 days to 150 days old.

Subject: Mozilla: Overdue Audit Statements

Dear Certification Authority,

Updated audit statements are overdue for the following root certificates. If you do not respond promptly with updated audit information, a Mozilla representative will file a Bugzilla Bug and start a discussion in the mozilla.dev.security.policy discussion forum to record that audit statements are past due for these root certificates.

{!RootCertificateList}

Here is the audit statement information we have for these root certificates.

{!standardAuditInfoStr}
{!brAuditInfoStr}
{!evAuditInfoStr}

As per Mozilla's Root Store Policy, we require that all CAs whose certificates are distributed with our software products provide us an updated statement annually of attestation of their conformance to the stated verification requirements and other operational criteria by a competent independent party or parties. A failure to provide required updates in a timely manner are grounds for disabling a CA’s root certificates or removing them from Mozilla products. According to the policy "a timely manner" means within 30 days of when the appropriate documentation becomes available to the CA.

Please provide your annual updates via the Common CA Database (CCADB), as described here:
http://ccadb.org/cas/updates

This is an automated email that will be sent regularly until the audit statements have been updated in our records.

Regards,

{!User.FirstName} {!User.LastName}
{!User.CompanyName}
{!User.Title}

Failure to Provide Audit Statement Email Template

Danger of being removed warning is sent when previous Audit Period End date is older than 1 year plus 150 days.

Subject: Mozilla: Your root is in danger of being removed

Dear Certification Authority,

Your root certificates as listed below are in danger of being removed from Mozilla's root store, because the audit statements that we have on record are very old. If you do not respond promptly with updated audit information, we will initiate the process of removing these root certificates.

{!RootCertificateList}

Here is the audit statement information that we have for these root certificates:

{!standardAuditInfoStr}
{!brAuditInfoStr}
{!evAuditInfoStr}

As per Mozilla's Root Store Policy, we require that all CAs whose certificates are distributed with our software products provide us an updated statement annually of attestation of their conformance to the stated verification requirements and other operational criteria by a competent independent party or parties. A failure to provide required updates in a timely manner are grounds for disabling a CA’s root certificates or removing them from Mozilla products. According to the policy "a timely manner" means within 30 days of when the appropriate documentation becomes available to the CA.

Please provide your annual updates via the Common CA Database (CCADB), as described here:
http://ccadb.org/cas/updates

This is an automated email that will be sent regularly until the audit statements have been updated in our records or the corresponding root certificates have been disabled or removed from NSS.

Regards,

{!User.FirstName} {!User.LastName}
{!User.CompanyName}
{!User.Title}

Intermediate Certificate Email Templates

Intermediate Certificate related email is sent to CAs who need to update or add records to the CCADB to represent the intermediate certificates chaining up to their root certificates that are included in Mozilla's program.

Disclosure Incomplete Email Template

The following email templates corresponds to the following row/section in https://crt.sh/mozilla-disclosures.

Subject: Mozilla: Need Audit or CP/CPS for Intermediate Certificates

Dear Certification Authority,

This is a courtesy reminder from Mozilla that audit statements or CP/CPS documents are missing for the following intermediate certificate records in the Common CA Database (CCADB).

{!IntermediateCertificateList} -- format: <Certificate Name>, <SHA256 Fingerprint>)

For each of the certificates listed above, please update their record in the CCADB to provide audit and policy information as described here:

http://ccadb.org/cas/

This is an automated email that will be sent regularly until the audit statements and policy documents have been correctly disclosed in the CCADB.

Regards,

{!User.FirstName} {!User.LastName}
{!User.CompanyName}
{!User.Title}

Outdated Audit Statements for Intermediate Certificates

This email is automatically sent by the CCADB on the first Tuesday of each month to CAs who have outdated audit statements in their intermediate cert records. An audit statement is determined to be outdated when its Audit Period End Date is older than 1 year + 3 months.

Subject: Outdated Audit Statements for Intermediate Certificates
Dear Certification Authority,
Your CA has <#> intermediate certificate records in the Common CA Database (CCADB) that have outdated audit statements. Please login to the CCADB to provide audit and policy information as described here:

ccadb.org/cas/intermediates

A report of the intermediate certificates that need to be updated may be found by logging into the CCADB, clicking on the 'Reports' tab and the 'CA Community Reports' folder. The report is called "My Outdated Audit Statements for ICs"

{!IntermediateCertificateList} (#10#)

This is an automated email that will be sent regularly until the audit statements have been updated in your CA's intermediate certificate records in the CCADB.

Regards,

{!User.FirstName} {!User.LastName}
{!User.CompanyName}
{!User.Title}