Closed
Bug 528303
Opened 13 years ago
Closed 11 years ago
Update Mozilla CA certificate policy to require annual audit
Categories
(NSS :: CA Certificate Root Program, task)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: hecker, Assigned: hecker)
Details
Attachments
(1 file)
We propose to update the Mozilla CA certificate policy to require that CAs provide annual audit statements. This would make our policy consistent with that of other browser vendors.

We also propose to require that CAs notify us when they make changes in their verification procedures. This would alert us to cases where CAs get added under the assumption that they'll be issuing one class of certificate and then later the CA decides to offer a different class.

For the exact proposed changes see the attached patch.

The current policy (version 1.2) is at http://www.mozilla.org/projects/security/certs/policy/

The proposed revised policy (which would be version 1.3) is at http://hecker.org/mozilla/ca-certificate-policy-1-3-draft

I'm now opening a public discussion period for this policy change. Please post your comments in the mozilla.dev.security.policy forum or the associated mailing list.

Also note that I'm willing to consider other suggested policy changes, however those will be considered in separate bugs. Please confine your comments in the relevant forum thread and in this bug to this particular change.
Assignee
Updated•13 years ago
Status: NEW → ASSIGNED
Comment 1•11 years ago
Add to the Mozilla CA Cert Policy.

See sections 4, 5, and 6 of the Maintenance section.
http://www.mozilla.org/projects/security/certs/policy/MaintenancePolicy.html

Also see the Enforcement section.
http://www.mozilla.org/projects/security/certs/policy/EnforcementPolicy.html
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Updated•5 years ago
Product: mozilla.org → NSS