Closed Bug 1816717 Opened 1 year ago Closed 10 months ago

New CA Owner Custom Report - Audit/Self Assessment "Addendum"

Categories

(CA Program :: Common CA Database, enhancement, P1)

Product:
CA Program
Component:
Common CA Database
Type:
enhancement

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: cclements, Unassigned)

Details

We should create a custom report that can be exported by a CA Owner as a .csv that can be filtered and includes data relevant to Audit Reports and Self Assessments. The report would include Audit Statement Content required by the CCADB Policy and Baseline Requirements (i.e., Communication of Results). The report would include values expected by ALV.

Sections of the report might include:

  • CA Owner Information (name, address, email alias, website, POC names)
    • Primary and non-primary POCs included as [firstname] [lastname] separate by comma, regardless of community user license status.
  • Audit Information (type, start date, end date, report date) for the five types of audits
    • These values exported from CCADB could be provided based upon the most recent Audit Report Date for each type of audit included in the CA Hierarchy. It would be expected that these values would be updated if this export is being used for a current audit.
  • Auditor Information (name, website)
    • List the values based on the most recent audit report date for the Standard Audit Type identified in the Audit Information section above.
  • CA Hierarchy
    • List all CAs from CCADB for this CA Owner as each root followed by all child Intermediates.
      • Subject [Subject]
      • Issuer [Issuer]
      • SHA-256 Hash (Certificate) [SHA256 Fingerprint]
      • SHA-256 Hash (SPKI) [SPKI SHA256]
      • CA Type (root or subordinate)
      • EKU (i.e., "Trust Bits") (combination of all trust bits regardless of status)
      • Is EV? (Y/N)
      • Is Revoked? (Y/N)
      • Is Expired? (Y/N)
Priority: -- → P1

Audit/Self Assessment reports are live in CCADB production org. Following reports were created to meet the requirements:

  • CA Hierarchy
  • Policy Documents (Root Certificates)
  • Policy Documents (Intermediate Certificates)

CAs can access these reports from 'My CA' tab > 'CA Reports'.

Root Stores can view the same reports by going to the CA Owner page > 'CA Reports'.

Status: NEW → RESOLVED
Closed: 10 months ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.