* [[CA:SalesforceCommunity#Documents|CA Audit statements]], when they are not published on [http://www.webtrust.org/ webtrust.org], the auditor's website, or the CA's website.
The CA Program whiteboard tags:* Root Inclusion/Change requests, and EV treatment enablement requests** [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psmca-initial] --assigned] [psmnot enough information to begin the Information Verification phase** [ca-assigned]verification] are bugs that currently have an assignee. These should all be P1.-- in Information Verification phase** [https://bugzillaca-verified] (date) -- Information Verification phase complete.mozillaReady for public discussion.org/buglistIn parentheses add date when Information Verification phase was completed.cgi?quicksearch=[psm** [ca-backlog] [psmdiscussion] -backlog]] consists of - in discussion in the backlog of bugs we should fix in PSMmozilla.dev. These should all be P2 or P3security. If they are P1, they should have an assignee and the tag should be [psm-assigned]policy forum.** [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psmca-cleanup] [psmdiscussion-cleanup]hold] consists of code maintenance bugs that would make development easier-- discussion on hold, but don't directly impact functionality. These are probably mostly P3 or P5pending CA actions.** [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psmca-hold] --tracking] [psmCA's request is on hold, typically because the CA is a super-tracking]] are meta bugs that track larger work. These should CA, so all be P3of their subCAs have to achieve inclusion first.** [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psmca-deprecation] [psmpending-deprecation]approval] are bugs that involve deprecating weak cryptography* [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psm-clientauth] [psm-clientauth]] consists final notice of bugs involved with TLS client authenticationintent to approve the CA's request** [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psmca-approved] -smartcard] [psm-smartcard]] are bugs involving PKCS#11 devicesrequest is approved, pending code changes in NSS** [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psmca-documentation] [psmapproved-documentation]ev] -- request is approved, certs are bugs on writing or improving in NSS, pending code changes in PSM documentation* Concerns about certificates CAs have issued** [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psmca-concern] -waiting] [psm-waiting]] are bugs concern has been raised about certificates that are waiting on some external inputa CA has issued** [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psmca-incident] -blocked] [psm-blocked]] are bugs that are blocked on other workthe concern about a CA's certificates has been confirmed, and further investigation and action required to understand and contain the incident.** [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psmca-intermittent] [psmincident-intermittent]response] are bugs filed for intermittently failing tests in PSM-- the incident has been contained, and the CA has follow-up action items** [https://bugzilla.mozilla.org/buglist.cgi?quicksearch=[psmca-wouldcompliance] -take] [psm-would-take]] are bugs where we would review patches from contributorsthe concern about a CA's certificates is in regards to failure to comply with Mozilla policy and/or the CA/Browser Forum's Baseline Requirements, but otherwise we won't and is determined to not be working on them. These should be P5an imminent security concern.* CA Audit Statements These ** [ca-audit] -- One bug may be created per CA to store audit statements that are the not published on [httpshttp://bugzillawww.mozillawebtrust.org/buglistwebtrust.cgi?cmdtype=runnamed&namedcmd=psm-untriaged remaining untriaged bugsorg] with respect , the auditor's website, or the CA's website. The bug will be closed as WONTFIX, but the CA may continue to add documents to internal the bug managementeach year.
