Confirmed users, Administrators
5,526
edits
CA/Responding To An Incident: Difference between revisions
Jump to navigation
Jump to search
m
CA/Responding To An Incident (view source)
Revision as of 23:36, 14 November 2022
, 14 November 2022Changed Bugzilla Product from NSS to CA Program per Bugzilla Bug #1799573
(→Incident Report: Edited section on multiple incident reports) |
m (Changed Bugzilla Product from NSS to CA Program per Bugzilla Bug #1799573) |
||
| Line 72: | Line 72: | ||
The incident report may well repeat things which have been said previously in discussions or bug comments. This is entirely expected. The report should be a summary of previous findings. The existence of data in discussions or bug comments does not excuse a CA from the task of compiling a proper incident report. | The incident report may well repeat things which have been said previously in discussions or bug comments. This is entirely expected. The report should be a summary of previous findings. The existence of data in discussions or bug comments does not excuse a CA from the task of compiling a proper incident report. | ||
Your CA may submit an incident report by [https://bugzilla.mozilla.org/enter_bug.cgi?product= | Your CA may submit an incident report by [https://bugzilla.mozilla.org/enter_bug.cgi?product=CA%20Program&component=CA%20Certificate%20Compliance&version=other creating a bug in Bugzilla under the CA Program :: CA Certificate Compliance component], or by posting the report to the [https://groups.google.com/a/mozilla.org/g/dev-security-policy MDSP mailing list]. If an incident report is sent to the list without a corresponding bug, a new one will be created to track the incident. | ||
The incident report should cover at least the following topics: | The incident report should cover at least the following topics: | ||