About Mozilla's CA Certificate Policy Version 2.3
Purpose of this update
The purpose of this update to Version 2.3 was to officially publish some agreed-upon changes which had been made a year or more before the date of publication and which had been de facto adopted but had not been officially published. Also, we added information about new versions of the ETSI audit standards.
Time Frames for included CAs to comply with version 2.3 of the policy
Immediate - Even though Version 2.3 was published December 19, 2016, the changes had already been adopted in practice.
Summary of changes:
- Remove references to code signing; Mozilla's root program no longer covers this
- Update references to the Baseline Requirements to account for the rearrangement of that document
- Update ETSI audit standards document names and numbers
- Update minimum version of the BRs to 1.3