CA/Prioritization: Difference between revisions

← Older edit

CA/Prioritization (view source)

Revision as of 20:08, 28 April 2025

279 bytes removed , 28 April

Removed factors mentioning single-purpose roots because that is now a requirement per MRSP v.3.0

Bwilson

Confirmed users

569

edits

@@ Line 19: / Line 19: @@
 '''2 - Compliance''' (Based on the compliance history of existing CA operators, and their responsiveness to issues) https://wiki.mozilla.org/CA/Incident_Dashboard
-'''3 - Single-Purpose, Separate Roots''' (Hierarchies that are separated by root for a particular purpose, e.g. server certificates vs. S/MIME certificates) https://wiki.mozilla.org/CA/Required_or_Recommended_Practices#CA_Hierarchy
+'''3 - Replacing Existing''' (Existing CA operators that are replacing an already-included root certificate, https://wiki.mozilla.org/CA/Certificate_Change_Process, or is a previously approved subordinate CA operator who is requesting direct inclusion)
-'''4 - Replacing Existing''' (Existing CA operators that are replacing an already-included root certificate, https://wiki.mozilla.org/CA/Certificate_Change_Process, or is a previously approved subordinate CA operator who is requesting direct inclusion)
+'''4 -  Responsiveness/Complete and Timely''' (Applicant provides clear, complete, concise and timely responses to questions, comments, or concerns about their root inclusion request)
-'''5 -  Responsiveness/Complete and Timely''' (Applicant provides clear, complete, concise and timely responses to questions, comments, or concerns about their root inclusion request)
+'''5 - CA Hierarchy Control''' (CA hierarchies comprised solely of CAs fully controlled by the applicant) https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#53-intermediate-certificates
-'''6 - CA Hierarchy Control''' (CA hierarchies comprised solely of CAs fully controlled by the applicant) https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#53-intermediate-certificates
+'''6 - Completeness''' (Applicant completes all information in CCADB) https://wiki.mozilla.org/CA/Information_Checklist#Create_a_Root_Inclusion_Case
-'''7 - Completeness''' (Applicant completes all information in CCADB) https://wiki.mozilla.org/CA/Information_Checklist#Create_a_Root_Inclusion_Case
+'''7 - CPS Quality''' (Initially provided CP/CPS documents and [[CA/Compliance Self-Assessment|Compliance Self-Assessment]] fully meet Mozilla’s Root Store Policy and the CAB Forum Baseline Requirements) https://wiki.mozilla.org/CA/Required_or_Recommended_Practices#Publicly_Available_CP_and_CPS
-'''8 - CPS Quality''' (Initially provided CP/CPS documents and [[CA/Compliance Self-Assessment|Compliance Self-Assessment]] fully meet Mozilla’s Root Store Policy and the CAB Forum Baseline Requirements) https://wiki.mozilla.org/CA/Required_or_Recommended_Practices#Publicly_Available_CP_and_CPS
+'''8 - EV-Enablement of Already-Included Root Certificate''' (Existing CAs that are only requesting EV enablement of an already-included root certificate) https://wiki.mozilla.org/CA/Certificate_Change_Process#Enable_EV
-'''9 - Updating Trust Bits or EV-Enablement of Already-Included Root Certificate''' (Existing CAs that are only requesting EV enablement or adding a trust bit to an already-included root certificate) https://wiki.mozilla.org/CA/Certificate_Change_Process#Enable_EV
+'''9 - Ready''' (Detailed CP/CPS Review and [[CA/Compliance_Self-Assessment|Compliance Self-Assessment]] are complete and CA is “Ready for Discussion”) https://wiki.mozilla.org/CA/Application_Verification
-'''10 - Ready''' (Detailed CP/CPS Review and [[CA/Compliance_Self-Assessment|Compliance Self-Assessment]] are complete and CA is “Ready for Discussion”) https://wiki.mozilla.org/CA/Application_Verification