Confirmed users, Administrators
5,526
edits
CA/CertificatePolicyV2.1: Difference between revisions
m
→Baseline Requirements
| Line 50: | Line 50: | ||
Item #12 of the [http://www.mozilla.org/projects/security/certs/policy/InclusionPolicy.html Inclusion Policy] adds the requirement for CA operations and issuance of certificates to be used for SSL-enabled servers to also conform to version 1.1 of the [http://www.cabforum.org/documents.html CA/Browser Forum Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates.] | Item #12 of the [http://www.mozilla.org/projects/security/certs/policy/InclusionPolicy.html Inclusion Policy] adds the requirement for CA operations and issuance of certificates to be used for SSL-enabled servers to also conform to version 1.1 of the [http://www.cabforum.org/documents.html CA/Browser Forum Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates.] | ||
* As of February 2013, SSL certificate issuance must also be audited according to the Baseline Requirements (BRs), as described above. The first BR audit for each CA and subCA may include a reasonable list of BRs that the CA (or subCA) is not yet in compliance with. The second BR audit (the following year) is expected to confirm that the issues that were listed in the previous BR audit have been resolved. | * As of February 2013, SSL certificate issuance must also be audited according to the Baseline Requirements (BRs), [[CA:CertificatePolicyV2.1#Audit_Criteria | as described above.]] The first BR audit for each CA and subCA may include a reasonable list of BRs that the CA (or subCA) is not yet in compliance with. The second BR audit (the following year) is expected to confirm that the issues that were listed in the previous BR audit have been resolved. | ||
* All other dates are as specified by the CA/Browser Forum. | * All other dates are as specified by the CA/Browser Forum. | ||