136
edits
CA/Communications: Difference between revisions
Jump to navigation
Jump to search
→January 2018 CA Communication: Suggested updates & fixes
(→January 2018 CA Communication: Changed to a survey format) |
(→January 2018 CA Communication: Suggested updates & fixes) |
||
| Line 28: | Line 28: | ||
* We have never used these methods and our CPS states that we do not use these methods of domain validation. | * We have never used these methods and our CPS states that we do not use these methods of domain validation. | ||
* We have disclosed our use of these methods of domain validation on the mozilla.dev.security.policy forum and have either stopped using them or implemented and disclosed a mitigation for the vulnerabilities that have been discovered. | * We have disclosed our use of these methods of domain validation on the mozilla.dev.security.policy forum and have either stopped using them or implemented and disclosed a mitigation for the vulnerabilities that have been discovered. | ||
* | * Other (please describe below) | ||
<br /> | <br /> | ||
ACTION 1 COMMENTS | ACTION 1 COMMENTS | ||
| Line 40: | Line 40: | ||
<br /><br /> | <br /><br /> | ||
Responses:<br /> | Responses:<br /> | ||
* We have | * We have no valid certificates that were issued using these methods | ||
* We | * We have active (not expired or revoked) certificates issued using BR 3.2.2.4.1, but we only use this method in a way that already complies with the proposed method 12 in CA/Browser Forum ballot 218. | ||
* We | * We have active (not expired or revoked) certificates issued using these methods. We have reviewed our implementation for vulnerabilities and have reported our findings below. | ||
findings on the mozilla.dev.security.policy list by the date specified in the comments section below. | * We have active (not expired or revoked) certificates issued using these methods. We will review our implementation for vulnerabilities and report our findings on the mozilla.dev.security.policy list by the date specified in the comments section below. | ||
<br /> | <br /> | ||
ACTION 2 COMMENTS | ACTION 2 COMMENTS (please include any exceptions to the option you selected above) | ||
<br /><br /> | <br /><br /> | ||
ACTION 3: Disclose All Subordinate CA Certificates | ACTION 3: Disclose All Subordinate CA Certificates | ||
| Line 70: | Line 71: | ||
Responses: | Responses: | ||
* We have already delivered our BR Self Assessment to Kathleen | * We have already delivered our BR Self Assessment to Kathleen | ||
* We intend to deliver our BR Self Assessment prior to | * We intend to deliver our BR Self Assessment prior to 31-January 2018 | ||
* We previously requested an extension and intend to deliver our BR Self Assessment prior to 15-April 2018 | |||
* We are exempt from completing a BR Self Assessment because our root(s) are not enabled for websites (SSL) | * We are exempt from completing a BR Self Assessment because our root(s) are not enabled for websites (SSL) | ||
<br /> | <br /> | ||
| Line 79: | Line 81: | ||
If you are one of the CAs that indicated in your response to the November 2017 CA Communication that you need more time to update your CPS to comply with version 2.5 of the Mozilla Root Store Policy, please complete the updates no later than 15-April 2018. Mozilla feels that four months is more than long enough to make a CPS change. | If you are one of the CAs that indicated in your response to the November 2017 CA Communication that you need more time to update your CPS to comply with version 2.5 of the Mozilla Root Store Policy, please complete the updates no later than 15-April 2018. Mozilla feels that four months is more than long enough to make a CPS change. | ||
<br /><br /> | <br /><br /> | ||
Our CPS already complies with Mozilla’s root store policy | * Our CPS already complies with Mozilla’s root store policy | ||
Our CPS will comply with Mozilla’s root store policy by 15-April 2018 | * Our CPS will comply with Mozilla’s root store policy by 15-April 2018 | ||
<br /><br /> | <br /><br /> | ||
ACTION 5 COMMENTS | ACTION 5 COMMENTS | ||