Confirm, administrator
5,526
edits
Changes
m
* Other?== Bug Triage in Mozilla's CA Certificate Program==
=== CA Program Whiteboard Tags ====='''Root Inclusion/Change requests, and EV treatment enablement requests'''Treatment Enablement Requests===
'''Concerns about certificates CAs have issued'''=== CA Certificate Issuance Problems and Incidents ===
'''===CA Program Process or Policy Related Bugs'''===
'''=== CA Audit Statements''' Statement Bugs ===
updated headings
* Need to get better at triaging and tracking CA Program bugs that are not root inclusion/change requests, such as CA Incident Response bugs.
* With other root store operators (e.g. Microsoft) also using Bugzilla for things like audit statements (see below), I will need to make sure the bugs get properly handled.
Mozilla’s [[CA:Overview|CA Certificate Program]] governs inclusion of root certificates in [https://developer.mozilla.org/en-US/docs/NSS Network Security Services (NSS),] a set of open source libraries designed to support cross-platform development of security-enabled client and server applications. The [[CA:IncludedCAs|NSS root certificate store]] is not only used in Mozilla products such as the [https://www.mozilla.org/firefox/ Firefox] browser, but is also used by other companies in a variety of products.
<br /><br />
* [[CA:SalesforceCommunity#Documents|CA Audit statements]], when they are not published on [http://www.webtrust.org/ webtrust.org], the auditor's website, or the CA's website.
* [ca-initial] -- not enough information to begin the Information Verification phase, or not yet assigned to someone to do the Information Verification
* [ca-verification] -- in Information Verification phase
** Current query: Whiteboard contains [https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=CA%20Certificates&product=mozilla.org&status_whiteboard_type=allwordssubstr&query_format=advanced&status_whiteboard=awaiting%20PSM awaiting PSM]
* [ca-concern] -- concern has been raised about certificates that a CA has issued
** Current query: Whiteboard contains [https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=CA%20Certificates&product=mozilla.org&status_whiteboard_type=allwordssubstr&query_format=advanced&status_whiteboard=Incident%20Reported Incident Reported]
** Current query: Whiteboard contains [https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=CA%20Certificates&product=mozilla.org&status_whiteboard_type=allwordssubstr&query_format=advanced&status_whiteboard=BR%20Compliance BR Compliance]
* [ca-program] -- bugs related to CA Program process, wiki pages, or policy. Note that most [https://github.com/mozilla/pkipolicy/issues CA Program Policy issues] are tracked in github.
* [https://bugzilla.mozilla.org/buglist.cgi?list_id=13432145&resolution=---&resolution=FIXED&resolution=WONTFIX&resolution=WORKSFORME&status_whiteboard_type=allwordssubstr&query_format=advanced&status_whiteboard=%5Bca-audits%5D&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=RESOLVED&bug_status=VERIFIED&bug_status=CLOSED&component=CA%20Certificates&product=mozilla.org [ca-audits]] -- One bug may be created per CA to store audit statements that are not published on [http://www.webtrust.org/ webtrust.org], the auditor's website, or the CA's website.
** Close bug as RESOLVED | WORKSFORME, with comment "Closing this bug, but this bug may continue to be used for tracking this CA's annual audit statements."
