Changes

Jump to: navigation, search

CA

1,717 bytes removed, 09:18, 5 May 2017
Further link updates and rearrangement
* [[CA/Included_Certificates|Included CA Certificates]]
* [[NSS:Release_Versions|NSS:Release_Versions]] - shows which version of Mozilla products a particular root certificate was first available in
* [[CA/Intermediate_Certificates|Intermediate Certificates]]
* [[CA/Removed_Certificates|Removed CA Certificates]]
* [[CA/Certificate_Change_RequestsNSS:Release_Versions|Certificate Change RequestsNSS Release Versions]]- shows in which version of Mozilla products each root certificate was first available
== Program Administration ==
Most information relating to the administration of our program is stored either in [https://bugzilla.mozilla.org/ Bugzilla] or in the [[CA:CommonCADatabase|Common CA Database]].
* [[CA/Dashboard|Certificate Change Request Dashboard]] - tracks applications and trust changes through the processin Bugzilla* [[CA/ca-bugsCertificate_Change_Requests|Certificate Change Requests]] as tracked in the CCADB* [[CA/Incident_Dashboard|Lists of Mis-issuance Incident and Compliance BugsDashboard]]* [[CA_Bug_TriageCA/Bug_Triage|How we mark Bugzilla bugs related Bug Triage Process]] ====crt.sh==== * [https://crt.sh/mozilla-disclosures Disclosure status of all certificates known to CT]* [https://crt.sh/?cablint=issues Problematic certificates issued in the CA Certificate program]past week known to CT]
== Information for CAs ==
* [[CA/Application_Process|Application Process Overview]]* [[CA:How_to_apply|How To Applyfor Mozilla's Root Program]]
* [[CA:Root_Change_Process|Making Changes to Included Roots]]
* [[CA:Recommended_Practices|Recommended CA Practices]]
* [[CA:Problematic_Practices|Potentially Problematic CA Practices]]
* [[CA:BRs-Self-Assessment|Baseline Requirements Self Assessment]]
* [[PSM:EV_Testing_Easy_Version|EV Readiness Test]]
* [https://github.com/awslabs/certlint BR Lint Certificate Test] - source code download
* [https://github.com/kroeckx/x509lint X.509 Lint Certificate Test] - source code download
* [https://mozillacacommunity.force.com/CustomLogin CCADB Login]
 
== Information for Auditors ==
 
* [[CA/Auditors|Information for Auditors]]
== Information for the Public == * [[CA:Recommended_Practices/Terminology|Recommended Glossary of CA practicesand Certificate Terminology]]* [[CA:Problematic_PracticesUserCertDB|Potentially problematic CA practicesChanging Certificate Trust Settings in Firefox]]* [https://tls-observatory.services.mozilla.com/static/certsplainer.html Mozilla's Certificate Explainer]* [CAhttps://www.ssllabs.com/ssltest/analyze.html Qualys SSL Server Quality Checker]* [https://observatory.mozilla.org/ Mozilla SSL Server Quality Checker]* [https:BRs-Self-Assessment|How to do a self-assessment against the Baseline Requirements //certificate.revocationcheck.com/ Certificate Revocation Checker] (BRsalso checks CRL and OCSP server quality and compliance)]]
== Discussion Forums ==
* [https://www.mozilla.org/en-US/about/forums/#dev-tech-crypto mozilla.dev.tech.crypto]. This forum is used for discussions of the [http://www.mozilla.org/projects/security/pki/nss/ NSS] cryptographic library used in Firefox and other Mozilla-based products, as well as the [http://www.mozilla.org/projects/security/pki/psm/ PSM] module that implements higher-level security protocols for Firefox.
* [https://www.mozilla.org/en-US/about/forums/#dev-security mozilla.dev.security]. This forum is used for discussions of Mozilla security issues in general.
 
== Override Default Trust Settings in Firefox ==
 
Users of Firefox or other Mozilla products may [[CA:UserCertDB|override the default root certificate settings]] by either deleting root certificates or by changing the trust bit settings of a root certificate.
 
== How to Apply for Root Inclusion or Changes ==
 
* [https://wiki.mozilla.org/CA Process Overview]
* [[CA:How_to_apply|How to Apply]] -- A guide for CAs wishing to include their certificate in Mozilla's Root CA store, and also a guide for CAs wishing to add trust bits or enable EV for a certificate that is already included in Mozilla's Root CA store.
* [[CA:Root_Change_Process|Root Change Process]] -- How to request a change to a root certificate that is currently included in NSS. This includes the process for disabling or removing a root certificate from NSS.
 
* [[CA:Information_checklist|Checklist of CA information]] required to process a CA's application
* [[CA:Recommended_Practices|Recommended practices for CAs]] wishing to have their root CA certificates included in Mozilla products
* [[CA:Problematic_Practices|Potentially problematic CA practices]]. This discusses CA practices that are not explicitly forbidden by the Mozilla CA policy, and do not necessarily pose security issues, but that some people have expressed concerns about and that may cause delays in evaluating and approving CA applications. Some of these practices may be addressed in future versions of the Mozilla CA policy.
* [[CA:Schedule|Queue for Public Discussion]] of CA evaluations
* [[CA:Recommendations_for_Roots|Technical recommendations for root certificates]]. This is a very first-cut attempt to outline what root certificates should contain, based on the relevant RFCs as supplemented by existing practices.
* [[CA:SubordinateCA_checklist|Checklist for Subordinate CAs and CSPs]] Information needed when subordinate CAs are operated by third parties.
 
* [[PSM:EV_Testing_Easy_Version | EV Testing in Firefox:]] Explains how you can test that your CA certificate (that you want to enable for EV) and your OCSP infrastructure is working correctly according to the expectations of Mozilla, Firefox, the NSS library, and conforms to the SSL protocol specifications (as interpreted by Mozilla/NSS software).
** [[CA:EV_Revocation_Checking|EV certificates and revocation checking]]. This discusses how revocation checking via OCSP or CRLs affects the UI treatment of EV certificates.
* Terminology
** [[CA:Glossary|Glossary of CA- and Mozilla-related terms]]. Useful for following Mozilla CA-related discussions.
** [[CA:Terminology | High Level Terminology]]
* [[CA:Certificate Download Specification|Certificate download specification]]. This document describes the data formats used by Mozilla products for installing certificates.
Gerv
Accountapprovers, antispam, confirm, emeritus
4,925
edits
Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1170381"

Navigation menu