Confirmed users, Administrators
5,526
edits
CA:RootTransferPolicy: Difference between revisions
Jump to navigation
Jump to search
→Personnel Changes
| Line 43: | Line 43: | ||
* The organization operating the PKI remains the same, but the organization personnel report to a new management structure. | * The organization operating the PKI remains the same, but the organization personnel report to a new management structure. | ||
If transferring the operation of the PKI to a different organization involves physically moving the root certificate's private key, then the steps outlined in the [[CA:RootTransferPolicy#Physical_Relocation | Physical Relocation]] section above must be followed. | If transferring the operation of the PKI to a different organization involves physically moving the root certificate's private key and/or the CA's online operations, then the steps outlined in the [[CA:RootTransferPolicy#Physical_Relocation | Physical Relocation]] section above must be followed. | ||
In all cases, the organization that is transferring the operation of the PKI must ensure that the transfer recipient is able to fully comply with [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/ Mozilla’s CA Certificate Policy]. The original organization will continue to be responsible for the root certificate until the new organization has provided Mozilla with their [[CA:Information_checklist#CA_Primary_Point_of_Contact_.28POC.29|Primary Point of Contact]], CP/CPS documentation, and audit statement confirming successful transfer of the root. | In all cases, the organization that is transferring the operation of the PKI must ensure that the transfer recipient is able to fully comply with [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/ Mozilla’s CA Certificate Policy]. The original organization will continue to be responsible for the root certificate until the new organization has provided Mozilla with their [[CA:Information_checklist#CA_Primary_Point_of_Contact_.28POC.29|Primary Point of Contact]], CP/CPS documentation, and audit statement confirming successful transfer of the root. | ||
The new organization operating the PKI must follow [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/ Mozilla’s CA Certificate Policy], and send Mozilla links to the [[CA:Information_checklist#Verification_Policies_and_Practices|public-facing CP/CPS documentation and annual audit statements]]. | The new organization operating the PKI must follow [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/ Mozilla’s CA Certificate Policy], and send Mozilla links to the [[CA:Information_checklist#Verification_Policies_and_Practices|public-facing CP/CPS documentation and annual audit statements]]. | ||