Changes

Jump to: navigation, search

CA/Bug Triage

1,583 bytes removed, 22:06, 6 February 2017
Drafting initial text
The CA Certificate Program deviates from Mozilla's standardized [[Bugmasters/Process/Triage|Bugzilla Bug Triage]] process by not using bug priorities (P1, P2, P3, or P5), because [https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=CA%20Certificates&product=mozilla.org CA Certificate bugs] do not directly include code changes to Mozilla's release trains or iterations.
<br /><br />
[https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=CA%20Certificates&product=mozilla.org&list_id=13429872 CA Certificate bugs] are used totrack:* Track root Root inclusion/change requests. When approved, the actual code changes are requested via a new [https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=CA%20Certificates&product=NSS Bugzilla Bug for NSS].* Track EV treatment enablement requests. When approved, the actual code changes are requested via a new [https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=Security%3A%20PSM&product=Core Bugzilla Bug for PSM].
* Concerns that are raised about certificates being issued by CAs, and the resulting action items for the CAs.
* CA Program related concerns or action items. If it is determined that a code changes is needed, then a separate Bugzilla Bug will be created to request the code change.
* [[CA:SalesforceCommunity#Documents|CA Audit statements]], when they are not published on [http://www.webtrust.org/ webtrust.org], the auditor's website, or the CA's website.
In short, every new bug should either be prioritized as moved to a different component, or needinfo should be requested from someone. P1 means the bug should be fixed before the current Nightly branches to Aurora (and even uplifted as appropriate). P2 means the bug will be worked on "next" (basically, after P1s are taken care of). P3 means the bug is in the "should be fixed" backlog. Tracking or meta bugs are also P3. P5 is for bugs where patches would be reviewed and taken from contributors if appropriate, but otherwise won't be worked on. If a bug has had an unanswered needinfo flag for more than 2 weeks, it should be reevaluated (closing as incomplete, needinfo-ing another person, etc.).  After branching, bug priorities should be revisited. If a P1 is still open, it either needs to be deprioritized (maybe it isn't really a P1) or whatever is blocking its completion needs to be identified and dealt with. P2s and P3s should be considered for promotion to a higher priority. Assignees should be found for any bugs promoted to P1. This is the list of [https://bugzilla.mozilla.org/buglist.cgi?product=Core&component=Security%3A%20PSM&priority=--&n1=1&f1=flagtypes.name&o1=substring&v1=needinfo&resolution=---&chfield=&#91;Bug%20creation&#93;&chfieldto=Now&query_format=advanced&chfieldfrom=2016-06-01 untriaged bugs] according to the new process. This is the list of [https://bugzilla.mozilla.org/buglist.cgi?product=Core&component=Security%3A%20PSM&f1=flagtypes.name&o1=substring&v1=needinfo&f2=delta_ts&o2=lessthan&v2=14d&resolution=---&query_format=advanced bugs waiting on needinfo for more than 2 weeks] according to the new process. Internally, PSM makes use of a number of The CA Program whiteboard tags for organizational and prioritization purposes. They are as follows
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=&#91;psm-assigned&#93; &#91;psm-assigned&#93;] are bugs that currently have an assignee. These should all be P1.
* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=&#91;psm-backlog&#93; &#91;psm-backlog&#93;] consists of the backlog of bugs we should fix in PSM. These should all be P2 or P3. If they are P1, they should have an assignee and the tag should be &#91;psm-assigned&#93;.
Confirm, administrator
5,526
edits

Navigation menu