The CCADB is being updated to introduce a new Case type called “Add/Update Root Request”, which will replace the existing “CA Audit Update Request” and “CA Information Update Request (Non-Audit)” Case types.
Please do not modify data in the CCADB during this update.
There will be an "Under Construction" message on the CCADB home page, and I will post another update here when the changes have been completed and verified.
In the "Add/Update Root Request" case we are also:
1. Adding a way for CAs to use this new case type to have new root certificate records created in the CCADB
2. Adding a tab called "ROOT INFORMATION", where CAs can provide key generation reports and information about the intended CA hierarchy.
Our next project will be to revamp the workflow and UI for Root Inclusion Cases. The idea being that a CA will use the "Add/Update Root Request" case type to add records for their new root certificates, and maintain the corresponding policy documents and audit statements there. Separately, the CA can then create the requests for root stores to include those root certificates. This new workflow should:
+ Be much easier for CAs to use
+ Enable CAs to request inclusion in multiple root stores without having to provide the data multiple times
+ Reduce duplication of data in the CCADB, which currently results in outdated information in Cases – the root inclusion case (which can be open for multiple years) will refer to (not copy) the data in the CA Owner and relevant Root Certificate records.
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/MW4PR17MB4729CC3122B90478B1C8F13AAA499%40MW4PR17MB4729.namprd17.prod.outlook.com.