Today I sent out the following April 2021 CA Communication and Survey to all CAs in Mozilla's root program. If you are listed in the CCADB as a CA Point-of-Contact and believe you did not receive this email, please check your Spam folder. Contact me if you did not receive it.
Dear Certification Authority,
Mozilla’s Root Store Policy was recently updated to version 2.7.1
with an effective date of 1 May 2021. This version contains several
changes that may affect your organization and the auditors who
evaluate your PKI. These changes require you to take action to ensure
your continued compliance.
Please review version 2.7.1 of Mozilla’s Root Store Policy
internally, and with your auditors as well. After you and your auditors
have reviewed these new requirements, complete the April 2021 survey via
the Common CA Database (CCADB). This survey also contains information
regarding other recent and upcoming changes that may affect your
practices. Read all survey questions first before beginning to respond.
To respond to this survey, log in to the CCADB, click on the 'CA
Communications' under the 'More' tab, and select the 'April 2021 CA
Communication' survey. All CAs with root certificates included in
Mozilla’s root store must submit their responses by 30-April-2021.
A compiled list of CA responses to the survey will be automatically and immediately published by the CCADB system.
Participation in Mozilla's CA Certificate Program is at our sole
discretion, and we will take whatever steps are necessary to keep our
users safe. Nevertheless, we believe that the best approach to safeguard
that security is to work with CAs as partners, to foster open and frank
communication, and to be diligent in looking for ways to improve. Thank
you for your cooperation in this pursuit.
Mozilla CA Program Manager