CA/Root Store Policy Archive: Difference between revisions

Jump to navigation Jump to search

CA/Root Store Policy Archive (view source)

Revision as of 12:39, 17 November 2016

1,129 bytes removed ,  17 November 2016
Update process
(Update process)
Line 1: Line 1:
=== Process for Updating the Policy ===
=== Process for Updating the Policy ===


The general process that will be followed to update the [http://www.mozilla.org/projects/security/certs/policy/ Mozilla CA Certificate Policy] is as follows:
The general process that will be followed to update the [http://www.mozilla.org/projects/security/certs/policy/ Mozilla CA Certificate Policy] is as follows. Issues and potential changes will be tracked in the [https://github.com/mozilla/pkipolicy/issues policy issue tracker].  
# Public discussion to identify the list of things to consider adding or clarifying in the policy.
# Public Discussion of each item in the list determined in #1.
#* General agreement on intent of the item
#** A representative of Mozilla will state when the official position of Mozilla differs from what has been posted in a discussion.
#* Propose and discuss how to modify the policy for the item
# Draft updated policy.
# Create a bug in Mozilla's [http://bugzilla.mozilla.org/ Bugzilla issue tracking system.]  
#* The bug should be left open for a reasonable amount of time after closing the newsgroup discussion before implementing the update, in order to provide adequate opportunity to ensure all issues have been discussed.
# Continue Public Discussion
#* Discuss the draft updated policy, e.g. the actual text changes/additions to be made to the policy and differences from the previous version.
#* A representative of Mozilla will summarize a consensus that has been reached, and/or state the official position of Mozilla.
# Approval of final draft.
#* Close discussion, and recommend approval in bug.
#* After reasonable amount of time, approve changes in bug. 
# Post official update.
# Notify people of the update.
#* Post notice in the m.d.s.policy, m.d.security, and m.governance forums.
#* Send email communication to CAs, indicate date by which they should comply with the updated policy.  


A [https://wiki.mozilla.org/Modules/Activities#Mozilla_CA_Certificate_Policy Mozilla CA Certificate Policy Module Owner or a Peer] performs the following actions.
# A Mozilla representative will bring forward an item for discussion in m.d.s.policy.
* Moderate the public discussions
# There will be a discussion of how, if at all, to modify the policy for the item.
** State the official position of Mozilla when it differs from the discussion
# At some point, which may be at the start, a Mozilla representative will draft proposed text.
* Propose the draft of the changes to make to the policy
# A Mozilla representative will summarize a consensus that has been reached, and/or state the official position of Mozilla.
* Create the corresponding bug, recommend approval, approve the bug.
# The draft policy in Github will be updated, if required.
* Post the official policy update, after another Mozilla representative, such as a CA Certificate Policy Module Owner or a Peer, has reviewed and approved the changes.
# The issue will be closed.
* Posts notices in discussion forums and sends communication to CAs.
 
At intervals, a new policy version will be released based on the current draft, along with a timeline for compliance.
 
* A Mozilla representative will post notice in the m.d.s.policy, m.d.security, and m.governance forums.
* A Mozilla representative will send email communication to CAs, indicate the compliance schedule.


=== Previous Versions of the Policy ===
=== Previous Versions of the Policy ===
Gerv
Account confirmers, Anti-spam team, Confirmed users, Bureaucrats and Sysops emeriti
4,925

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1155085"

Navigation menu