Confirmed users, Administrators
5,526
edits
CA/Root Store Policy Archive: Difference between revisions
Jump to navigation
Jump to search
→Consider for Version 2.3
| Line 78: | Line 78: | ||
The following items will be discussed in regards to version 2.3 of [http://www.mozilla.org/projects/security/certs/policy/WorkInProgress Mozilla's CA Certificate Policy.] | The following items will be discussed in regards to version 2.3 of [http://www.mozilla.org/projects/security/certs/policy/WorkInProgress Mozilla's CA Certificate Policy.] | ||
* Add requirement for CAs to send Mozilla revoked intermediate certificates by submitting a bug report into the mozilla.org Bugzilla system, filed against the "CA Certificates" component of the "NSS" product. <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS&component=CA%20Certificates> | |||
** [[CA:ImprovingRevocation#Preload_Revocations_of_Intermediate_CA_Certificates|When to notify Mozilla]] | |||
** Time frames for notifying Mozilla, and time frames for the change to happen in OneCRL | |||
* Consider adding "except as permitted under CT" to item #4 of the Inclusion Policy, where it says "duplicate issuer names and serial numbers". Then it becomes: "…duplicate issuer names and serial numbers, except as permitted under CT;” | * Consider adding "except as permitted under CT" to item #4 of the Inclusion Policy, where it says "duplicate issuer names and serial numbers". Then it becomes: "…duplicate issuer names and serial numbers, except as permitted under CT;” | ||
** Bugzilla {{Bug|1016587}} | ** Bugzilla {{Bug|1016587}} | ||