Confirm, administrator
5,526
edits
Changes
New Bugzilla component for CA Certificate Mis-Issuance
Mozilla’s [[CA:Overview|CA Certificate Program]] governs inclusion of root certificates in [https://developer.mozilla.org/en-US/docs/NSS Network Security Services (NSS),] a set of open source libraries designed to support cross-platform development of security-enabled client and server applications. The [[CA:IncludedCAs|NSS root certificate store]] is not only used in Mozilla products such as the [https://www.mozilla.org/firefox/ Firefox] browser, but is also used by other companies in a variety of products.
<br /><br />
The [https://bugzilla.mozilla.org/ Bugzilla] productproducts/component for components related to the CA Certificate Program is are:* [https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=CA%20Certificates20Certificate%20Mis-Issuance&product=mozilla.org mozilla.org :: CA CertificatesCertificate Mis-Issuance]- Problems found in certificates issued by Certificate Authorities included in the default certificate store. <br />'''Note''': When doing CA Program Bug triage, check * [https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=CA%20Certificates&product=NSS NSS mozilla.org mozilla.org :: CA Certificates] - For Certificate Authorities to file requests asking for bugs that should have been filed their certificates to be included in the default certificate store.* [https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=CA%20Certificates&product=mozilla.org mozilla.org NSS NSS :: CA Certificates]- For actual code changes to NSS. Kathleen should be the only person filing these bugs on behalf of the CA Program.<br /><br />
The CA Certificate Program deviates from Mozilla's standardized [[Bugmasters/Process/Triage|Bugzilla Bug Triage]] process by not using bug priorities (P1, P2, P3, or P5), because [https://bugzilla.mozilla.org/buglist.cgi?resolution=---&query_format=advanced&component=CA%20Certificates&product=mozilla.org CA Certificate bugs] do not directly include code changes to Mozilla's [[RapidRelease/Calendar|release trains]] or iterations.
<br /><br />
