Confirmed users, Administrators
5,526
edits
CA/Communications: Difference between revisions
m
→May 12, 2014
m (→May 12, 2014) |
|||
| Line 1: | Line 1: | ||
The following are communications that have been sent to Certification Authorities participating in [[CA | Mozilla's root program.]] If you have questions regarding these communications, please first review related discussions in the mozilla.dev.security.policy forum. If your questions cannot be answered in that forum, then please send email to certificates@mozilla.org. | The following are communications that have been sent to Certification Authorities participating in [[CA | Mozilla's root program.]] If you have questions regarding these communications, please first review related discussions in the mozilla.dev.security.policy forum. If your questions cannot be answered in that forum, then please send email to certificates@mozilla.org. | ||
=== May | === May 13, 2014 === | ||
Subject: Mozilla Communication: Action requested by May 30, 2014 | Subject: Mozilla Communication: Action requested by May 30, 2014 | ||
| Line 9: | Line 9: | ||
This note requests a set of actions on your behalf, as a participant in Mozilla's CA Certificate Program. Please reply by May 30, 2014, with your response to these action items. A compiled list of CA responses to the following action items will be published. | This note requests a set of actions on your behalf, as a participant in Mozilla's CA Certificate Program. Please reply by May 30, 2014, with your response to these action items. A compiled list of CA responses to the following action items will be published. | ||
CA Certificate Inclusion Policy: http://www.mozilla.org/about/governance/policies/security-group/certs/policy/inclusion/ | |||
http://www.mozilla.org/about/governance/policies/security-group/certs/policy/ | |||
CA Certificate Maintenance Policy: http://www.mozilla.org/about/governance/policies/security-group/certs/policy/maintenance/ | |||
http://www.mozilla.org/about/governance/policies/security-group/certs/included/ | |||
Spreadsheet of included root certificates: http://www.mozilla.org/about/governance/policies/security-group/certs/included/ | |||
1) Ensure that Mozilla’s spreadsheet of included root certificates has the correct link to your most recent audit statement, and that the date of the audit statement is correct. As per Mozilla's CA Certificate Maintenance Policy, we require that all CAs whose certificates are distributed with our software products provide us an updated statement annually of attestation of their conformance to the stated verification requirements and other operational criteria by a competent independent party or parties. To notify us of an updated statement of attestation, send email to certificates@mozilla.org or submit a bug report into the mozilla.org Bugzilla system, filed against the "CA Certificates" component of the "mozilla.org" product. | 1) Ensure that Mozilla’s spreadsheet of included root certificates has the correct link to your most recent audit statement, and that the date of the audit statement is correct. As per Mozilla's CA Certificate Maintenance Policy, we require that all CAs whose certificates are distributed with our software products provide us an updated statement annually of attestation of their conformance to the stated verification requirements and other operational criteria by a competent independent party or parties. To notify us of an updated statement of attestation, send email to certificates@mozilla.org or submit a bug report into the mozilla.org Bugzilla system, filed against the "CA Certificates" component of the "mozilla.org" product. | ||