Confirmed users, Administrators
5,526
edits
CA:FAQ: Difference between revisions
m
→What is the Mozilla CA Certificates Module?
| Line 69: | Line 69: | ||
Mozilla operates under a [http://www.mozilla.org/hacking/module-ownership.html module ownership governance system]. A '''module''' is a discrete unit of code or activity. An '''owner''' is the person in charge of a module or sub-module. A '''peer''' is a person whom the owner has appointed to help them. | Mozilla operates under a [http://www.mozilla.org/hacking/module-ownership.html module ownership governance system]. A '''module''' is a discrete unit of code or activity. An '''owner''' is the person in charge of a module or sub-module. A '''peer''' is a person whom the owner has appointed to help them. | ||
Mozilla's [[Module_Owners_Activities_Modules#CA_Certificates_Module| CA Certificates Module]] is used by all Mozilla software that includes root certificates. | Mozilla's [[Module_Owners_Activities_Modules#CA_Certificates_Module| CA Certificates Module]] is used by all Mozilla software that includes root certificates. It includes evaluation of new root inclusion requests, including and modifying trust bits of root certificates, maintaining links to current [https://spreadsheets.google.com/pub?key=ttwCVzDVuWzZYaDosdU6e3w&single=true&gid=0&output=html documentation and audit statements] for included root certificates, and removal of root certificates as needed. | ||
For a CA's root certificate to be considered for inclusion in Mozilla products, the CA makes a formal request by filing a bug in [[CA:How_to_apply | Mozilla's Bugzilla system]]. Then the owners or peers of Mozilla's [[Module_Owners_Activities_Modules#CA_Certificates_Module| CA Certificates Module]] evaluate the information provided by the CA and conduct a public discussion in the mozilla.dev.security.policy forum regarding the request. After considering the information that the CA has presented and the recommendations of the Mozilla community, the module owners or peers determine if the root certificate should be included in Mozilla software products and which trust bits should be set on them. | For a CA's root certificate to be considered for inclusion in Mozilla products, the CA makes a formal request by filing a bug in [[CA:How_to_apply | Mozilla's Bugzilla system]]. Then the owners or peers of Mozilla's [[Module_Owners_Activities_Modules#CA_Certificates_Module| CA Certificates Module]] evaluate the information provided by the CA and conduct a public discussion in the mozilla.dev.security.policy forum regarding the request. After considering the information that the CA has presented and the recommendations of the Mozilla community, the module owners or peers determine if the root certificate should be included in Mozilla software products and which trust bits should be set on them. | ||