Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Mozilla Policy Review: Version 2.6.1 and comments #577

Closed
22 of 24 tasks
lachellel opened this issue Mar 22, 2019 · 1 comment
Closed
22 of 24 tasks

Mozilla Policy Review: Version 2.6.1 and comments #577

lachellel opened this issue Mar 22, 2019 · 1 comment

Comments

@lachellel
Copy link
Contributor

lachellel commented Mar 22, 2019

Reviews against the trust store / root store program policies were completed during development. One additional review prior to final draft 1.0 to identify any changes for policy and practices.

Final draft 1.0 review against each section of the Mozilla Root Store Policy (v2.6.1 and draft 2.7).

  • https://github.com/mozilla/pkipolicy/blob/2.6/rootstore/policy.md

  • https://wiki.mozilla.org/CA/Root_Store_Policy_Archive

  • 2.1 CA Operations

  • 2.2 Validation Procedures

  • 2.3. Baseline Requirements

  • 3.1 Audits

  • 3.1.3 Audit Parameters

  • 3.1.4 Public Audit Information

  • 3.2 Auditors

  • 4.0 CCADB

  • 4.1 Additional Requirements

  • 4.2 Surveys

  • 5.1 Algorithms

  • 5.2 Forbidden and Required Practices

  • 5.3 Intermediate Certificates

  • 5.3.1 Technically Constrained

  • 5.3.2 Publicly Disclosed and Audited

  • 6 Revocation

  • 7 Root Store changes

  • 7.1 Inclusions

  • 7.2 Updates

  • 7.3 Removals

  • 8 CA Operational Changes

  • 8.1 Change in Legal Ownership CA Operational Changes

  • 8.2 Change in Operational Personnel

  • 8.3 Change in Secure Location

@lachellel
Copy link
Contributor Author

  • 3.3 CP and CPSes
    • for licenses: the CP asserts public domain dedication
    • verify (again) the CPS(s)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Development

No branches or pull requests

1 participant