Confirmed users, Administrators
5,526
edits
CA/Root Inclusion Considerations: Difference between revisions
Jump to navigation
Jump to search
CA/Root Inclusion Considerations (view source)
Revision as of 22:48, 30 January 2023
, 30 January 2023drafting
(drafting) |
(drafting) |
||
| Line 8: | Line 8: | ||
* “We reserve the right to not include certificates from a particular CA operator in our root store. This includes (but is not limited to) cases where we believe that a CA operator has caused undue risks to users’ security, e.g. by knowingly issuing certificates without the knowledge of the entities whose information is referenced in those certificates ('MITM certificates'). | * “We reserve the right to not include certificates from a particular CA operator in our root store. This includes (but is not limited to) cases where we believe that a CA operator has caused undue risks to users’ security, e.g. by knowingly issuing certificates without the knowledge of the entities whose information is referenced in those certificates ('MITM certificates'). | ||
* “Mozilla is under no obligation to explain the reasoning behind any inclusion decision.” | * “Mozilla is under no obligation to explain the reasoning behind any inclusion decision.” | ||
When concerns are raised about a CA operator that currently has root certificates included in Mozilla's root store, Mozilla will take the steps described here: https://wiki.mozilla.org/CA/Maintenance_and_Enforcement#Potential_Problems.2C_Prevention.2C_Response | |||
==Unacceptable Behavior== | ==Unacceptable Behavior== | ||
| Line 20: | Line 22: | ||
** Deliberately violated Mozilla's Root Store Policy or other applicable policy | ** Deliberately violated Mozilla's Root Store Policy or other applicable policy | ||
** Lied, concealed, or failed to disclose the full extent of a problem | ** Lied, concealed, or failed to disclose the full extent of a problem | ||
== Concerning Behavior == | == Concerning Behavior == | ||