CA/FAQ: Difference between revisions

Jump to navigation Jump to search

CA/FAQ (view source)

Revision as of 22:10, 26 September 2018

1,342 bytes removed ,  26 September 2018
Updated to match current policy
m (updated links)
(Updated to match current policy)
Line 73: Line 73:
[https://developer.mozilla.org/en-US/docs/Highlevel_Overview_of_NSS About NSS]
[https://developer.mozilla.org/en-US/docs/Highlevel_Overview_of_NSS About NSS]


=== What is the Mozilla CA Certificate Policy? ===
=== What is the Mozilla Root Store Policy? ===


The [http://www.mozilla.org/projects/security/certs/policy/ Mozilla CA Certificate Policy] is the official Mozilla policy for CA certificates that are distributed with Mozilla software products. This policy consists of three sections:
The [http://www.mozilla.org/projects/security/certs/policy/ Mozilla Root Store Policy] is the official Mozilla policy for CA certificates that are distributed with Mozilla software products. This policy covers how the default set of certificates and associated trust bits is maintained for software products distributed by Mozilla. Other entities distributing software based on ours are free to adopt their own policies. In particular, under the terms of the relevant Mozilla license(s) distributors of such software are permitted to add or delete CA certificates and modify the values of the trust bits in the versions that they distribute. However, as with other software modifications, by making such changes a distributor MAY well affect its ability to use Mozilla trademarks in connection with its versions of the software. See the [https://www.mozilla.org/foundation/trademarks/distribution-policy/ Mozilla trademark policy] for more information.
# [http://www.mozilla.org/projects/security/certs/policy/InclusionPolicy.html Mozilla CA Certificate Inclusion Policy:] This section describes the obligations of Certification Authorities applying for inclusion of their root certificates in Mozilla Products. This includes considerations that are taken into account such as the CA's publicly available documentation about their policies, and audits of the CA's operations in support of the documented policies.
# [http://www.mozilla.org/projects/security/certs/policy/MaintenancePolicy.html Mozilla CA Certificate Maintenance Policy:] This section describes the obligations of Certification Authorities for maintaining confidence in their root certificates that are included in Mozilla Products. This includes regular auditing of the CA's policies and practices; conforming to current CA industry standards and recommended best practices; and making changes to included root certificates.
# [http://www.mozilla.org/projects/security/certs/policy/EnforcementPolicy.html Mozilla CA Certificate Enforcement Policy:] This section describes the steps that Mozilla may take in order to enforce this policy. This includes evaluation of security concerns, and removing or disabling a root certificate.
 
The [http://www.mozilla.org/projects/security/certs/policy/ Mozilla CA Certificate Policy] applies only to software products distributed by Mozilla, including the Mozilla Foundation and its subsidiaries. Other entities distributing such software are free to adopt their own policies. In particular, under the terms of the relevant Mozilla license(s) distributors of such software are permitted to add or delete CA certificates in the versions that they distribute, and are also permitted to modify the values of the "trust bits" on CA certificates in the default CA certificate set. As with other software modifications, by making such changes a distributor may affect its ability to use Mozilla trademarks in connection with its versions of the software; see the Mozilla trademark policy for more information.


=== How do I get my website's certificate to be trusted by Firefox? ===
=== How do I get my website's certificate to be trusted by Firefox? ===
Kathleen Wilson
Confirmed users, Administrators
5,526

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1201612"

Navigation menu