Creating 'CA Program' Bugzilla Product

301 views
Skip to first unread message

Kathleen Wilson

unread,
Nov 3, 2022, 5:54:34 PM11/3/22
to dev-secur...@mozilla.org
All,

I have requested the following changes in Bugzilla Bug #1799010.

* Create a new Bugzilla Product called “CA Program”.
* Move component “NSS :: Common CA Database” to “CA Program :: Common CA Database”
* Move component “NSS :: CA Certificate Compliance” to “CA Program :: CA Certificate Compliance”
* Create component “CA Program :: CA Documents”

After the changes happen, I will need to update the wiki pages:

And instructions on the ccadb site, such as:

I appreciate your understanding while these changes are happening.

Thanks,
Kathleen



Aaron Gable

unread,
Nov 7, 2022, 4:13:54 PM11/7/22
to Kathleen Wilson, dev-secur...@mozilla.org
Sounds like a great change! One question: I'm "subscribed" to the "NSS :: CA Certificate Compliance" component, and get emails for all new issues and updates in that component. Will that subscription automatically get moved over, or will I want to recreate it after the move?

Thanks!
Aaron

--
You received this message because you are subscribed to the Google Groups "dev-secur...@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dev-security-po...@mozilla.org.
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/dc068e86-fcf1-4155-b8d2-30f64a15dfe6n%40mozilla.org.

Kathleen Wilson

unread,
Nov 7, 2022, 6:20:54 PM11/7/22
to dev-secur...@mozilla.org, aa...@letsencrypt.org, dev-secur...@mozilla.org
On Monday, November 7, 2022 at 1:13:54 PM UTC-8 aa...@letsencrypt.org wrote:
One question: I'm "subscribed" to the "NSS :: CA Certificate Compliance" component, and get emails for all new issues and updates in that component. Will that subscription automatically get moved over, or will I want to recreate it after the move?


The new CA Program components will have different IDs internally, so you will need to subscribe to the new components in CA Program.

Cheers,
Kathleen


Rob Stradling

unread,
Nov 8, 2022, 7:08:32 AM11/8/22
to Kathleen Wilson, dev-secur...@mozilla.org, aa...@letsencrypt.org
Hi Kathleen.  Are you planning to move all of the existing bugs relating to the Mozilla CA program from the "NSS" product to the identically named components in the "CA Program" product?

If not, then I think (for example) https://wiki.mozilla.org/CA/Closed_Incidents will still work as expected due to the behaviour described by [1].  i.e., the query doesn't specify a "product", and the "component" names are identical.

We have some internal dashboards at Sectigo that track active compliance bugs via the Bugzilla search API.  Currently the URLs include "&product=NSS", which I'm just about to remove.


From: dev-secur...@mozilla.org <dev-secur...@mozilla.org> on behalf of Kathleen Wilson <kwi...@mozilla.com>
Sent: 07 November 2022 23:20
To: dev-secur...@mozilla.org <dev-secur...@mozilla.org>
Cc: aa...@letsencrypt.org <aa...@letsencrypt.org>; dev-secur...@mozilla.org <dev-secur...@mozilla.org>
Subject: Re: Creating 'CA Program' Bugzilla Product
 

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

--
You received this message because you are subscribed to the Google Groups "dev-secur...@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dev-security-po...@mozilla.org.

Kathleen Wilson

unread,
Nov 8, 2022, 2:28:18 PM11/8/22
to dev-secur...@mozilla.org, r...@sectigo.com, aa...@letsencrypt.org
On Tuesday, November 8, 2022 at 4:08:32 AM UTC-8 r...@sectigo.com wrote:
Hi Kathleen.  Are you planning to move all of the existing bugs relating to the Mozilla CA program from the "NSS" product to the identically named components in the "CA Program" product?

Yes.

 

If not, then I think (for example) https://wiki.mozilla.org/CA/Closed_Incidents will still work as expected due to the behaviour described by [1].  i.e., the query doesn't specify a "product", and the "component" names are identical.

Yay!
 

We have some internal dashboards at Sectigo that track active compliance bugs via the Bugzilla search API.  Currently the URLs include "&product=NSS", which I'm just about to remove.

Thanks!
 

Kathleen Wilson

unread,
Nov 14, 2022, 7:00:38 PM11/14/22
to dev-secur...@mozilla.org
These changes have been completed, and the existing bugs for the following components have been migrated from the NSS product to the corresponding components in the CA Program product.

From: NSS :: Common CA Database
To: CA Program :: Common CA Database

From: NSS :: CA Certificate Compliance
To: CA Program :: CA Certificate Compliance

From: NSS :: CA Certificate Root Program
To: CA Program :: CA Certificate Root Program

Also, the NSS :: Common CA Database, NSS :: CA Certificate Compliance, and NSS :: CA Certificate Root Program components have been deleted.

As previously noted, the dashboard wiki pages did not need to be updated.
https://wiki.mozilla.org/CA/Dashboard  -- root inclusion requests

I have updated instructions in various wiki pages to refer to the new CA Program Bugzilla product. Please let Ben or I know if you run into any other places that we need to update from the NSS to the CA Program Bugzilla product.

There is also a new Bugzilla component: “CA Program :: CA Documents”, so I will also update the following instructions to use this new component when using Bugzilla to provide CA documents such as qualified audit statements, self-assessments, etc.

Thanks,
Kathleen
Reply all
Reply to author
Forward
0 new messages