Closed Bug 1761304 Opened 3 years ago Closed 2 years ago

Apple Root Program BIMI VMC Audit

Categories

(CA Program :: Common CA Database, task)

Product:
CA Program
Component:
Common CA Database
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: rebecca_kelley, Assigned: poonam)

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Safari/605.1.15

Expected results:

The Apple Root Program is requesting an Apple Specific enhancement to add an audit field for BIMI VMC issued certificates. The Apple Root Program will be tracking all BIMI VMC Certificates for each CA that utilizes them, and would like to have all audits complied in one location on CCADB.

Type: enhancement → task
Priority: -- → P2
Whiteboard: [ccadb-enhancement]

This enhancement can be placed in the Apple Field at this time.

We are looking for the following to be added to our field:

  • VMC Audit URL
  • VMC Audit Statement Date
  • VMC Period Start Date
  • VMC Period End Date
Assignee: nobody → poonam
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Priority: P2 → P1

Hi Rebecca,

I have added the new VMC fields for Root & Intermediate certs in production. These fields are editable by Apple users only. Do you want these fields to be editable by CAs for Intermediate certificates? I can make the changes accordingly.

Please also check 'VMC Audits' report in 'Apple Reports' folder.

Pending Items:

  • Archiving of VMC Audits
  • Update AddUpdateIntermediateCertAPI to include VMC fields

Regards,
Poonam

Hi Rebecca,

The code changes for archiving the VMC fields from root/intermediate certificate is done in SBCxCCADB. The archiving logic is same as the other audits.

  • if an audit statement link does not exists in File Archive object, the audit statement is download from the provided (external) link and a new record is created in File Archive object. Additional information like audit type, statement date, period start and end dates are also copied to the File Archive record. A new (internal) link is made available for the archived audit file.
  • if an audit statement already exists in File Archive object, the latest information on audit type, statement date, period start and end dates is copied to the File Archive record.
  • archiving status and message is displayed on the root/intermediate record pages.
  • if 'Audit Same As Paren't' is checked on intermediate certificate and the VMC fields are populated, a message will appear on the screen to clear the VMC fields or uncheck the checkbox.

Please verify the changes in sandbox so that I can proceed to deploy in production.

Thank you.
Poonam

Assignee: nobody → poonam
Status: NEW → ASSIGNED
Flags: needinfo?(kwilson)

Sent a note to Rebecca to get her approval to deploy in production.

Hi Poonam,
Thank you for reviewing the VMC enhancements with me on CCADB. They looked and functioned great and are ready for production.

File Archiving for VMC Audits have been tested with Rebecca and deployed in production.

Rebecca will provide feedback after doing additional testing.

AddUpdateIntermediateCertAPI has been updated with VMC fields, tested and deployed in prod to include VMC fields.

I believe that this request has been completed.

Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Product: NSS → CA Program
Priority: P1 → --
Whiteboard: [ccadb-enhancement]
You need to log in before you can comment on or make changes to this bug.