Closed Bug 1507862 Opened 6 years ago Closed 6 years ago

ACCV: Late Audit Statement

Categories

(CA Program :: CA Certificate Compliance, task)

Product:
CA Program
Component:
CA Certificate Compliance
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: wthayer, Assigned: jamador)

Details

(Whiteboard: [ca-compliance] [audit-delay])

The following audit statements for ACCV were received 6 months after the end of the audit period, in violation of Mozilla Root Store Policy section 3.1.3: https://www.accv.es/fileadmin/Archivos/politicas_certificacion/10074.pdf https://www.accv.es/fileadmin/Archivos/politicas_certificacion/10075.pdf Please explain why this happened, and what steps are being taken to prevent it from happening again.
With their permission, I am adding the CCADB case comments from ACCV: Created By: José Amador García (11/8/2018 4:03 AM) Due to a change in the Public Sector Contracts Act (enter into force march 2018) that has modified several regulatory aspects in selection and tender procedures, ACCV has not been able to carry out the contracting of the Audits in the same way as in previous years. Once we check the impossibility of making the contract in the same way, we had to go to a modality that required much more time and additional administrative procedures. As a result, ACCV finally was able to hire WT and BR / WT audits, but with a delay longer than expected. To avoid this situation ACCV has prepared a public tendering process for the next three years, thus preventing the problem in the near future. ACCV has foreseen that the contracting process can start again in a simple way after the initial three years. We greatly regret the breach, being the first problem of times that we have since our first report in 2006. If you need some additional information, please let us know. Thank you very much.
Wayne: Could you clarify how Mozilla is handling this? Is Mozilla satisfied by the root cause analysis and the steps to mitigate, or is there other information to share?
Flags: needinfo?(wthayer)
Mozilla is satisfied with the response and I created this bug for tracking. Resolving.
Status: NEW → RESOLVED
Closed: 6 years ago
Flags: needinfo?(wthayer)
Resolution: --- → FIXED
Product: NSS → CA Program
Summary: Government of Spain (ACCV): Late Audit Statement → ACCV: Late Audit Statement
Whiteboard: [ca-compliance] → [ca-compliance] [audit-delay]
You need to log in before you can comment on or make changes to this bug.