Confirm, administrator
5,526
edits
Changes
Changed Bugzilla Product from NSS to CA Program per Bugzilla Bug #1799573
== Security Compromise ==
When a serious security concern is noticed, such as a root compromise, it should be treated as a security-sensitive bug, and a [https://bugzilla.mozilla.org/enter_bug.cgi?product=NSSCA%20Program&component=CA%20Certificate%20Compliance&groups=crypto-core-security secure bug should be filed in Bugzilla].
To report a concern about certificates being issued by a CA in Mozilla's Program:
* https://bugzilla.mozilla.org/enter_bug.cgi?product=NSSCA%20Program&component=CA%20Certificate%20Compliance&version=other
Open CA Mis-Issuance bugs: https://wiki.mozilla.org/CA/Incident_Dashboard
* No recent audit
'''Important:''' Root changes that are motivated by a serious security concern such as a root compromise should be treated as a security-sensitive bug, and a [https://bugzilla.mozilla.org/enter_bug.cgi?product=NSSCA%20Program&component=CA%20Certificate%20Compliance&groups=crypto-core-security secure bug filed in Bugzilla].
The process for removing or disabling a root in NSS is as follows:
# Initiate the request:
#* [https://bugzilla.mozilla.org/enter_bug.cgi?&component=CA%20Certificate%20Root%20Program&product=NSSCA%20Program&bug_severity=enhancement&short_desc=Add%20%5Byour%20CA%27s%20name%5D%20root%20certificate%28s%29 File a bug in Bugzilla] with the following information:#** Product: NSSCA Program
#** Component: CA Certificate Root Program
#** Summary should be one of:
