CA/Certificate Change Process: Difference between revisions

CA/Certificate Change Process (view source)

271 bytes added , 1 February 2010

m

Confirmed users, Administrators

5,526

edits

@@ Line 64: / Line 64: @@
 #*** Reason for requesting this change
 #*** Impact that the change may have on Mozilla users
-#** An authoritative representative of the CA must request or approve the change.
+#*  The bug may be marked as security-sensitive. Security-sensitive bugs can be viewed only by a select set of Bugzilla users, not by the general public.
+#* In most situations an authoritative representative of the CA must request or approve the change. Mozilla reserves the right to approve the change without the consent of the CA.
 # The bug will be assigned to the Mozilla representative who is appointed to evaluate the request. This will usually be the standing module owner.
 # The Mozilla representative will ensure the necessary information has been provided.
@@ Line 72: / Line 73: @@
 #* Technical assistance may be requested
 #* Additional information may be requested of CA and other parties
-#* The Mozilla representative must confirm that a qualified representative of the CA has either requested or approved the change.
+#* The Mozilla representative must confirm that a qualified representative of either the CA or Mozilla has either requested or approved the change.
 # The Mozilla representative will deliver any preliminary decisions
 #* It may be necessary to treat the bug as a sensitive security issue and follow the [http://www.mozilla.org/projects/security/security-bugs-policy.html Mozilla Policy for Handling Security Bugs]