Confirmed users, Administrators
5,526
edits
CA:RootTransferPolicy: Difference between revisions
Jump to navigation
Jump to search
→Personnel Changes
| Line 30: | Line 30: | ||
== Personnel Changes == | == Personnel Changes == | ||
Personnel Changes may include one or more of the following. | Personnel Changes may include one or more of the following. | ||
* Operation of the PKI is transferred to a different organization | * Operation of the PKI is transferred to a different organization that is already operating root certificates included in Mozilla’s program. | ||
* Operation of the PKI is transferred to a different organization | * Operation of the PKI is transferred to a different organization that does not currently operate a root certificate included in Mozilla’s program. | ||
* The organization operating the PKI remains the same, but the organization | * The organization operating the PKI remains the same, but the organization personnel report to a new management structure. | ||
If transferring the operation of the PKI to a different organization involves physically moving the root certificate's private key, then the steps outlined in the [[CA:RootTransferPolicy#Physical_Relocation | Physical Relocation]] section above must be followed. | |||
In all cases, the CA who is transferring the operation of the PKI must ensure that the transfer recipient is able to fully comply with [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/ Mozilla’s CA Certificate Policy]. The original CA will continue to be responsible for the root certificate until the new organization has provided Mozilla with their Primary Point of Contact, CP/CPS documentation, and audit statement confirming successful transfer of the root. | |||
The new organization operating the PKI must follow [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/ Mozilla’s CA Certificate Policy], and send Mozilla links to the [[CA:Information_checklist#Verification_Policies_and_Practices|public-facing CP/CPS documentation and annual audit statements]]. | |||