Confirmed users, Administrators
5,526
edits
CA/Communications: Difference between revisions
Jump to navigation
Jump to search
Added links to the November 2017 Communication Response Reports
m (Removed word 'Draft') |
(Added links to the November 2017 Communication Response Reports) |
||
| Line 25: | Line 25: | ||
The reports in the following links are automatically generated from data in the [http://ccadb.org/ Common CA Database (CCADB)]. | The reports in the following links are automatically generated from data in the [http://ccadb.org/ Common CA Database (CCADB)]. | ||
* | * [https://ccadb-public.secure.force.com/mozillacommunications/CACommResponsesOnlyReport?CommunicationId=a051J00003mogw7&QuestionId=Q00035,Q00036 Responses to Action 1] -- Full compliance with version 2.5 of [https://www.mozilla.org/about/governance/policies/security-group/certs/policy Mozilla's Root Store Policy] | ||
* [https://ccadb-public.secure.force.com/mozillacommunications/CACommResponsesOnlyReport?CommunicationId=a051J00003mogw7&QuestionId=Q00037,Q00044 Responses to Action 2] -- non-technically-constrained intermediate certificates must be [http://ccadb.org/cas/intermediates disclosed in CCADB] within one week of creation. '''New requirements''' for [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#technically-constrained technical constraints on intermediate certificates issuing S/MIME certificates]. | |||
* Responses to Action 2 -- non-technically-constrained intermediate certificates must be [http://ccadb.org/cas/intermediates disclosed in CCADB] within one week of creation. '''New requirements''' for [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#technically-constrained technical constraints on intermediate certificates issuing S/MIME certificates]. | * [https://ccadb-public.secure.force.com/mozillacommunications/CACommResponsesOnlyReport?CommunicationId=a051J00003mogw7&QuestionId=Q00038,Q00045 Responses to Action 3] -- Annual updates via [http://ccadb.org/cas/updates CCADB Audit Cases] | ||
* Responses to Action 3 -- Annual updates via [http://ccadb.org/cas/updates CCADB Audit Cases] | * [https://ccadb-public.secure.force.com/mozillacommunications/CACommResponsesOnlyReport?CommunicationId=a051J00003mogw7&QuestionId=Q00050,Q00051 Responses to Action 4] -- Reiterate [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#audit-parameters audit requirements] and '''penalty for incomplete audit statements''' | ||
* Responses to Action 4 -- Reiterate [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#audit-parameters audit requirements] and '''penalty for incomplete audit statements''' | * [https://ccadb-public.secure.force.com/mozillacommunications/CACommResponsesOnlyReport?CommunicationId=a051J00003mogw7&QuestionId=Q00039,Q00046 Responses to Action 5] -- Perform a [[CA/BR_Self-Assessment|BR Self Assessment]] | ||
* Responses to Action 5 -- Perform a [[CA/BR_Self-Assessment|BR Self Assessment]] | * [https://ccadb-public.secure.force.com/mozillacommunications/CACommResponsesOnlyReport?CommunicationId=a051J00003mogw7&QuestionId=Q00042,Q00048 Responses to Action 6] -- Provide tested email address for [https://ccadb-public.secure.force.com/mozilla/CAInformationReport Problem Reporting Mechanism] | ||
* Responses to Action 6 -- Provide tested email address for [https://ccadb-public.secure.force.com/mozilla/CAInformationReport Problem Reporting Mechanism] | * [https://ccadb-public.secure.force.com/mozillacommunications/CACommResponsesOnlyReport?CommunicationId=a051J00003mogw7&QuestionId=Q00040,Q00047 Responses to Action 7] -- Follow new developments and effective dates for [http://tools.ietf.org/html/rfc6844 Certification Authority Authorization (CAA)] | ||
* Responses to Action 7 -- Follow new developments and effective dates for [http://tools.ietf.org/html/rfc6844 Certification Authority Authorization (CAA)] | * [https://ccadb-public.secure.force.com/mozillacommunications/CACommResponsesOnlyReport?CommunicationId=a051J00003mogw7&QuestionId=Q00052,Q00053 Responses to Action 8] -- Check [https://groups.google.com/d/msg/mozilla.dev.security.policy/4kj8Jeem0EU/GvqsgIzSAAAJ issuance of certs to .tg domains] from October 25 to November 11, 2017. | ||
* Responses to Action 8 -- Check [https://groups.google.com/d/msg/mozilla.dev.security.policy/4kj8Jeem0EU/GvqsgIzSAAAJ issuance of certs to .tg domains] from October 25 to November 11, 2017. | |||
== May 2017 - Announcing CCADB Changes == | == May 2017 - Announcing CCADB Changes == | ||