Confirmed users, Administrators
5,526
edits
CA:MaintenanceAndEnforcement: Difference between revisions
Jump to navigation
Jump to search
m
→Maintaining Confidence in Root Certificates
| Line 16: | Line 16: | ||
#* [https://wiki.mozilla.org/CA:Communications CA Communications] | #* [https://wiki.mozilla.org/CA:Communications CA Communications] | ||
#* https://wiki.mozilla.org/CA:Communications#Responses | #* https://wiki.mozilla.org/CA:Communications#Responses | ||
#* If a CA does not | #* If a CA does not respond to Mozilla's communications within the timeframe specified in the communication or does not provide a copy of its annual audit statement within 15 months of its previous annual audit, then Mozilla may take the actions described in [http://www.mozilla.org/projects/security/certs/policy/EnforcementPolicy.html Mozilla's CA Certificate Enforcement Policy.] | ||
# When a potential certificate mis-issuance is noticed by anyone, they should report it according to [http://www.mozilla.org/projects/security/security-bugs-policy.html Mozilla's Security Policy,] and people from the [http://www.mozilla.org/projects/security/secgrouplist.html security group] work together to determine and take appropriate action, by considering the criteria listed below. | # When a potential certificate mis-issuance is noticed by anyone, they should report it according to [http://www.mozilla.org/projects/security/security-bugs-policy.html Mozilla's Security Policy,] and people from the [http://www.mozilla.org/projects/security/secgrouplist.html security group] work together to determine and take appropriate action, by considering the criteria listed below. | ||