CA/Prioritization

From MozillaWiki
< CA
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Prioritization of CA Root Inclusion Requests will be based on the factors described below and use the P1-P5 Priority categories available in the Bugzilla system with our own categorization for the CA certificate inclusion process.

P1 = High (Applicant has good compliance history and is replacing an already-included CA certificate or is previously approved as a subordinate CA operator)

P2 = Medium High (Applicant is well-prepared and responsive, with a good history of policy compliance)

P3 = Medium (Applicant’s request and responsiveness are “average”, but demonstrates compliance with policies)

P4 = Medium Low (Applicant’s responsiveness and compliance history are “average”)

P5 = Low (Applicant has much work to do, is slow to respond to requests, or has not demonstrated full compliance with policies)


Factors assessed in setting the above-referenced priorities, in order of importance, are:

1 - Alignment with Mozilla Manifesto - https://www.mozilla.org/en-US/about/manifesto/

2 - Compliance (Based on the compliance history of existing CA operators, and their responsiveness to issues) https://wiki.mozilla.org/CA/Incident_Dashboard

3 - Replacing Existing (Existing CA operators that are replacing an already-included root certificate, https://wiki.mozilla.org/CA/Certificate_Change_Process, or is a previously approved subordinate CA operator who is requesting direct inclusion)

4 - Responsiveness/Complete and Timely (Applicant provides clear, complete, concise and timely responses to questions, comments, or concerns about their root inclusion request)

5 - CA Hierarchy Control (CA hierarchies comprised solely of CAs fully controlled by the applicant) https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#53-intermediate-certificates

6 - Completeness (Applicant completes all information in CCADB) https://wiki.mozilla.org/CA/Information_Checklist#Create_a_Root_Inclusion_Case

7 - CPS Quality (Initially provided CP/CPS documents and Compliance Self-Assessment fully meet Mozilla’s Root Store Policy and the CAB Forum Baseline Requirements) https://wiki.mozilla.org/CA/Required_or_Recommended_Practices#Publicly_Available_CP_and_CPS

8 - EV-Enablement of Already-Included Root Certificate (Existing CAs that are only requesting EV enablement of an already-included root certificate) https://wiki.mozilla.org/CA/Certificate_Change_Process#Enable_EV

9 - Ready (Detailed CP/CPS Review and Compliance Self-Assessment are complete and CA is “Ready for Discussion”) https://wiki.mozilla.org/CA/Application_Verification

Retrieved from "https://wiki.mozilla.org/index.php?title=CA/Prioritization&oldid=1253935"