Confirmed users, Administrators
5,526
edits
CA/Certificate Change Process: Difference between revisions
m
→Remove a Root
m (→Disable a Root) |
m (→Remove a Root) |
||
| Line 121: | Line 121: | ||
The process for removing a root from NSS is as follows: | The process for removing a root from NSS is as follows: | ||
# | # Any individual may initiate the request using the Mozilla project's [http://bugzilla.mozilla.org/ Bugzilla issue tracking system:] | ||
#* File a bug in Bugzilla with the following information: | #* File a bug in Bugzilla with the following information: | ||
#** Product: mozilla.org | #** Product: mozilla.org | ||
| Line 138: | Line 138: | ||
# The Mozilla representative will ensure the necessary information has been provided. | # The Mozilla representative will ensure the necessary information has been provided. | ||
#* Options should be identified | #* Options should be identified | ||
#** | #** Whether the root certificate should be removed from NSS instead of unsetting trust bits | ||
#* Technical assistance may be requested | #* Technical assistance may be requested | ||
#* Additional information may be requested of CA and other parties | #* Additional information may be requested of CA and other parties | ||
#* The Mozilla representative must confirm that a qualified representative of | #* The Mozilla representative must confirm that a qualified representative has approved the change. A qualified representative is either | ||
# The Mozilla representative will deliver any preliminary decisions | #** The known representative of the CA, or | ||
#** Two Mozilla staff members, if the CA is not in agreement. | |||
# The Mozilla representative whom the bug is assigned to will deliver any preliminary decisions | |||
#* It may be necessary to treat the bug as a sensitive security issue and follow the [http://www.mozilla.org/projects/security/security-bugs-policy.html Mozilla Policy for Handling Security Bugs] | #* It may be necessary to treat the bug as a sensitive security issue and follow the [http://www.mozilla.org/projects/security/security-bugs-policy.html Mozilla Policy for Handling Security Bugs] | ||
# The Mozilla representative will start a public discussion in the mozilla.dev.security.policy newsgroup. | # The Mozilla representative whom the bug is assigned to will start a public discussion in the mozilla.dev.security.policy newsgroup. | ||
#* Outline is presented, references to full bug provided | #* Outline is presented, references to full bug provided | ||
#* Deadline for discussion is set | #* Deadline for discussion is set | ||