MRSP 3.1: Candidate Issues

78 views
Skip to first unread message

Ben Wilson

unread,
Apr 21, 2026, 5:18:02 PM (4 days ago) Apr 21
to dev-secur...@mozilla.org

All,

I have reviewed the open issues in the mozilla/pkipolicy repository and identified a set of items to address in the next version (v. 3.1) of the Mozilla Root Store Policy (MRSP). These are currently labeled for the upcoming update:

https://github.com/mozilla/pkipolicy/issues?q=is%3Aissue%20state%3Aopen%20label%3A3.1

The current set of issues proposed for inclusion in v.3.1 is:

Issue #Description
#298Clarify MRSP 7.1 audit requirements for inclusion requests
#297Update version number references for audit criteria
#296Add possibility of requesting a Detailed Controls Report as MRSP 3.1.5
#295Revise Item 1 in MRSP 3.3
#294Require Root CA Key Generation within Last 5 Years
#293Remove redundancy between MRSP and CCADB Policy and BRs
#292Refine what a "timely manner" means in MRSP 7.3
#291Clarify MRSP 8.1 re: CA Acquisitions
#282Consider requiring Markdown/AsciiDoc for CPs and CPSes

Rather than addressing each issue independently, I plan to organize discussion into four (4) themed threads by grouping related issues together, to keep conversations focused and productive, in the following order:

1. CP/CPS Documentation Requirements
(#295, #282)
Focus: sufficiency of disclosure, incorporation by reference, and documentation format.

2. Audits, Assurance, and Root Inclusion Requirements
(#296, #297, #298, #294)
Focus: audit expectations, Detailed Controls Reports (DCRs), and requirements tied to root inclusion (including root key age).

3. CA Operational Reporting and Policy Alignment
(#292, #293)
Focus: timeliness of updates, and alignment with CCADB Policy and CA/Browser Forum requirements.

4. Governance and CA Ownership Changes
(#291)
Focus: evaluation of CA acquisitions and changes in control.

If there are additional issues that should be included, or if any of the above should be re-scoped or reprioritized, please respond here.

Thanks,

Ben
Mozilla Root Program


Reply all
Reply to author
Forward
0 new messages