Open CA Bugs in Bugzilla

Open CA Compliance Bugs

A CA compliance bug relates to a concern about a CA's certificates failing to comply with Mozilla's CA Certificate Policy and/or the CA/Browser Forum's Baseline Requirements, and is determined to not be an imminent security concern. A CA's response to CA compliance bug includes providing an Incident Report in the bug.

Anyone may create a CA Compliance bug as follows:

• https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS&component=CA%20Certificate%20Compliance&version=other
• Whiteboard = [ca-compliance]
  • If the issue is due to mandated restrictions regarding COVID-19, use Whiteboard = [ca-compliance][covid-19]

26 Total; 26 Open (100%); 0 Resolved (0%); 0 Verified (0%);

Audit Delays

The compliance bug's whiteboard field is tagged with [audit-delay] whenever a CA is unable to deliver audit statements to Mozilla when they are due. Such bugs should be reported as CA compliance issues, with the following whiteboard tags as described here.

• Whiteboard = [ca-compliance][audit-delay]
• For audit delays due to mandated restrictions regarding COVID-19, use Whiteboard = [ca-compliance][audit-delay][covid-19]

1 Total; 1 Open (100%); 0 Resolved (0%); 0 Verified (0%);

Revocation Delays

The compliance bug's whiteboard field is tagged with [delayed-revocation-ca] or [delayed-revocation-leaf] whenever a CA fails to abide by Mozilla's requirement to revoke certificates in a timely fashion. As discussed in CA/Responding_To_An_Incident#Revocation, Mozilla recognizes that there may be *exceptional* situations that cause a CA to not abide by the Baseline Requirements, which should be accompanied by an Incident Report.

Such bugs should be reported as CA compliance issues, and will be categorized appropriately during triage.

2 Total; 2 Open (100%); 0 Resolved (0%); 0 Verified (0%);

Closed CA Bugs

Closed CA Compliance Bugs

A historical view of past CA compliance bugs may be found here:

• https://wiki.mozilla.org/CA/Closed_Incidents