Confirmed users, Administrators
5,526
edits
CA/Root Inclusion Considerations: Difference between revisions
Jump to navigation
Jump to search
CA/Root Inclusion Considerations (view source)
Revision as of 01:02, 8 February 2023
, 8 February 2023incorporating feedback
m (incorporating feedback) |
(incorporating feedback) |
||
| Line 46: | Line 46: | ||
The CA: | The CA: | ||
* Has [[CA/Prioritization|Certificate Change Prioritization]] score of P4 or P5. | * Has [[CA/Prioritization|Certificate Change Prioritization]] score of P4 or P5. | ||
* Fails to provide prompt and detailed responses to Mozilla inquiries about their CA operations, root inclusion requests, policy documents, audit statements, and incidents. | |||
* Is not a [https://cabforum.org/information-for-potential-members/ voting member], [https://github.com/cabforum/forum/blob/main/Bylaws.md#31-associate-members associate member], or [https://github.com/cabforum/forum/blob/main/Bylaws.md#32-interested-parties interested party] participating in the CA/Browser Forum (CABF) Server Certificate Working Group (when applying for the Websites trust bit) or the CABF S/MIME Certificate Working Group (when applying for the Email trust bit). | * Is not a [https://cabforum.org/information-for-potential-members/ voting member], [https://github.com/cabforum/forum/blob/main/Bylaws.md#31-associate-members associate member], or [https://github.com/cabforum/forum/blob/main/Bylaws.md#32-interested-parties interested party] participating in the CA/Browser Forum (CABF) Server Certificate Working Group (when applying for the Websites trust bit) or the CABF S/MIME Certificate Working Group (when applying for the Email trust bit). | ||
* Is a [[CA/Subordinate_CA_Checklist#Super-CAs|Super-CA]] that signs the certificates of subordinate CAs to only show that they have been accredited or licensed by the signing CA (i.e. the super-CA does not guarantee that their subCAs comply with the BRs and Mozilla’s root store policy. | * Is a [[CA/Subordinate_CA_Checklist#Super-CAs|Super-CA]] that signs the certificates of subordinate CAs to only show that they have been accredited or licensed by the signing CA (i.e. the super-CA does not guarantee that their subCAs comply with the BRs and Mozilla’s root store policy. | ||
| Line 54: | Line 55: | ||
** https://wiki.mozilla.org/CA/Required_or_Recommended_Practices#Required_Practices. | ** https://wiki.mozilla.org/CA/Required_or_Recommended_Practices#Required_Practices. | ||
* Does any of the activities listed in https://wiki.mozilla.org/CA/Forbidden_or_Problematic_Practices#Forbidden_Practices | * Does any of the activities listed in https://wiki.mozilla.org/CA/Forbidden_or_Problematic_Practices#Forbidden_Practices | ||
* Demonstrates unacceptable behavior in [https://groups.google.com/a/mozilla.org/g/dev-security-policy Mozilla's dev-security-policy] discussion forum, as per [https://www.mozilla.org/about/governance/policies/participation/ Mozilla’s Community Participation Guidelines]. | |||
* Fails to follow the [https://docs.google.com/document/d/19ALqEvHtTE6OUTz2FaOXrU9gruIdvia5EDh3hXeGpZA/ CCADB Public Code of Conduct] when posting in the [https://groups.google.com/a/ccadb.org/g/public CCADB Public] discussion forum. | |||