Confirmed users, Administrators
5,526
edits
CA/Certificate Change Process: Difference between revisions
Jump to navigation
Jump to search
Fixed links
m (cleanup) |
(Fixed links) |
||
| Line 39: | Line 39: | ||
== Enable EV == | == Enable EV == | ||
The following steps outline the procedure for a CA to request that Extended Validation (EV) be enabled for a root certificate that is currently included in NSS. | The following steps outline the procedure for a CA to request that Extended Validation (EV) treatment be enabled for a root certificate that is currently included in [https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS NSS]. | ||
# Do some initial preparations before you formally submit a request: | # Do some initial preparations before you formally submit a request: | ||
#* Update the CP/CPS to reflect the EV policies, and make sure that the additions to the CP/CPS follow | #* Update the CP/CPS to reflect the EV policies, and make sure that the additions to the CP/CPS follow [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy Mozilla's Root Store Policy] as well as the [https://cabforum.org/extended-validation/ CA/Browser Forum's EV SSL Certificate Guidelines]. | ||
#* | #* Review [[CA/Required_or_Recommended_Practices|Required Practices]] and [[CA/Forbidden_or_Problematic_Practices|Forbidden Practices]]. | ||
#* Complete a WebTrust EV audit that meets the requirements stated in | #* Complete a WebTrust EV audit that meets the requirements stated in [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy#audits Mozilla's Root Store Policy]. | ||
# Once you are ready, formally submit your request using the | # Once you are ready, formally submit your request using the [http://bugzilla.mozilla.org/ Bugzilla issue tracking system:] | ||
#* Click on the "Create a new bug report" link in [[CA | #* Click on the "Create a new bug report" link in [[CA/Application_Instructions#Create_Root_Inclusion.2FUpdate_Request|Application Instructions]]. | ||
#* Set the bug summary to "Enable EV for <name of your root>". | #* Set the bug summary to "Enable EV for <name of your root>". | ||
#* In the bug description, include a reference to the original root-inclusion bug number. | #* In the bug description, include a reference to the original root-inclusion bug number. | ||
#* In the bug description, include links to the updated CP/CPS and the WebTrust EV audit. | #* In the bug description, include links to the updated CP/CPS and the WebTrust EV audit statement. | ||
# The request will go through the [[ CA | #* Run the [[PSM:EV_Testing_Easy_Version#EV-Readiness_Check|EV-Readiness Check]]. | ||
# The request will go through the [[CA/Application_Verification#Information_Verification|Information Verification]], [[CA/Application_Verification#Detailed_Review|Detailed Review]], [[CA/Application_Verification#Public_discussion|Public Discussion]], and [[CA/Application_Verification#NSS_and_PSM_Bug_Creation|Inclusion]] phases as described in [[CA/Application_Process#Process_Overview|Application Process Overview]]. | |||
== Disable a Root == | == Disable a Root == | ||