Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Timeframe for complying with version 2.2 of policy
21 views
Skip to first unread message
Kathleen Wilson
May 16, 2013, 1:40:04 PM5/16/13
to mozilla-dev-s...@lists.mozilla.org
All,
I propose the following timeframes for complying with version 2.2 of
Mozilla's CA Certificate Policy once it is officially published.
Please reply in this discussion if you have concerns about this, or
recommendations on how to improve it.
--
https://wiki.mozilla.org/CA:CertificatePolicyV2.2#Version_1.1.3_of_the_Baseline_Requirements
Time Frame
Immediate compliance with BR #11.1.4, regarding new gTLD Domains, is of
utmost importance.
Compliance with the other new BRs and changes in version 1.1.3 of the
Baseline Requirements should be achieved as soon as possible, and before
the beginning of the 2014 annual audit.
Audits
Version 2.1 of Mozilla's CA Certificate Policy included updates to Audit
Criteria and stated that issuance of certificates to be used for
SSL-enabled servers must also conform to version 1.1 of the CA/Browser
Forum Baseline Requirements for the Issuance and Management of
Publicly-Trusted Certificates. The dates that were provided for audits
to include the BRs remain as stated, and it is understood that the audit
criteria may not have been updated yet to include the changes in version
1.1.3 of the BRs.
--
--
https://wiki.mozilla.org/CA:CertificatePolicyV2.2#Knowing_or_Intentional_Mis-issuance_of_Certificates
Time Frame
This policy clarification is immediately applicable to all currently
valid certificates and all new certificates.
--
--
https://wiki.mozilla.org/CA:CertificatePolicyV2.2#Clarification_about_policy_and_audit_documentation
Time Frame
This policy clarification is immediately applicable to all currently
valid certificates and all new certificates. Additionally Mozilla will
be updating the publicly viewable spreadsheet of included root
certificates to have a column to indicate when the recent audit was
completed for each root certificate.
--
Thanks,
Kathleen
I propose the following timeframes for complying with version 2.2 of
Mozilla's CA Certificate Policy once it is officially published.
Please reply in this discussion if you have concerns about this, or
recommendations on how to improve it.
--
https://wiki.mozilla.org/CA:CertificatePolicyV2.2#Version_1.1.3_of_the_Baseline_Requirements
Time Frame
Immediate compliance with BR #11.1.4, regarding new gTLD Domains, is of
utmost importance.
Compliance with the other new BRs and changes in version 1.1.3 of the
Baseline Requirements should be achieved as soon as possible, and before
the beginning of the 2014 annual audit.
Audits
Version 2.1 of Mozilla's CA Certificate Policy included updates to Audit
Criteria and stated that issuance of certificates to be used for
SSL-enabled servers must also conform to version 1.1 of the CA/Browser
Forum Baseline Requirements for the Issuance and Management of
Publicly-Trusted Certificates. The dates that were provided for audits
to include the BRs remain as stated, and it is understood that the audit
criteria may not have been updated yet to include the changes in version
1.1.3 of the BRs.
--
--
https://wiki.mozilla.org/CA:CertificatePolicyV2.2#Knowing_or_Intentional_Mis-issuance_of_Certificates
Time Frame
This policy clarification is immediately applicable to all currently
valid certificates and all new certificates.
--
--
https://wiki.mozilla.org/CA:CertificatePolicyV2.2#Clarification_about_policy_and_audit_documentation
Time Frame
This policy clarification is immediately applicable to all currently
valid certificates and all new certificates. Additionally Mozilla will
be updating the publicly viewable spreadsheet of included root
certificates to have a column to indicate when the recent audit was
completed for each root certificate.
--
Thanks,
Kathleen
0 new messages