CA:Schedule: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
(Turn into a redirect)
 
Line 1: Line 1:
== Schedule for CA evaluations ==
#REDIRECT [[CA/Dashboard]]
 
''Note that this schedule is tentative and may change without warning based on unforeseen circumstances. Nothing in this schedule shall be construed as a commitment by the Mozilla Foundation or the Mozilla project in general.''
 
=== General timeline ===
 
Our process for evaluating CA requests is as follows:
# We assign CAs into different groups according to the general priority of processing their requests, and then assign each CA a specific target date for beginning public discussion of their request(s).
# Prior to the target date for a CA we gather any needed information from the CA; if for some reason we cannot obtain the needed information then we will postpone consideration of the CA and schedule some other CA for that target date.
# Once a CA enters the public discussion period we allow one week for public comment on the CA's request, after which we will make a preliminary determination as to whether the request should be approved or not.
# If a request receives preliminary approval then we have a second one-week comment period prior to final approval.
# If a request receives final approval then we will file bugs against the appropriate developer(s) to have the necessary changes made to NSS (for CA root inclusion) or PSM (for EV-enabling a CA) or both.
# If a request does not receive preliminary or final approval then it will be put back in the queue and reassigned a new target date.
 
Once bugs are filed against NSS and/or PSM the schedule is set first by the NSS/PSM developer(s) (for making the technical changes) and then by the product teams for Firefox and other products (to include the new changes in a release of Firefox, etc.)
 
=== Priority groups ===
 
CAs are assigned priorities based on the following factors, among others:
* length of time the CA has been in the queue
* whether information gathering for the CA has been completed
* whether the request is for EV status or not
* market share of the CA
* size and importance of the CA's geographic market
* for government CAs, whether the government is national or regional
 
The following CAs will likely have higher priority in the schedule; note that the CAs are listed in alphabetical order:
* Chunghwa Telecom eCA (much older request than bug number indicates)
* DCSSI (national CA)
* FNMT (national CA)
* ICP-Brasil (national CA)
* KISA (national CA)
* SECOM Trust (important commercial CA in its region)
* T-Systems (already in process, need to re-start public discussion)
* WISeKey (already in process, need to re-start public discussion)
 
The following CA requests will likely have lower priority in the schedule; again these are listed in alphabetical order:
* ACCV (regional government CA)
* CATCert (regional government CA)
* Comodo (401587) (EV request for legacy roots, not clear if this is actually needed)
* Izenpe (regional government CA)
* Trustis (waiting on ETSI audit)
* VeriSign/GeoTrust/thawte (420760) (EV request for legacy roots, not clear if this is actually needed)
 
=== Target schedule ===
 
The current tentative schedule is predicated on our starting public discussion for one new CA each week; this may be modified as we gain more experience with the schedule.
 
The following CAs are tentatively scheduled:
 
{|
|-
! Start public comment || CA || Bug(s) || Geographic focus || Notes
|-
| 2008/10/17 || [http://www.mozilla.org/projects/security/certs/pending/#WISeKey WISeKey] || [http://bugzilla.mozilla.org/show_bug.cgi?id=371362 371362] || global ||
|-
| 2008/10/23 || [http://www.mozilla.org/projects/security/certs/pending/#SECOM%20Trust SECOM Trust] || [http://bugzilla.mozilla.org/show_bug.cgi?id=394419 394419] || Japan || EV
|-
| 2008/10/30 || [http://www.mozilla.org/projects/security/certs/pending/#Microsec Microsec Ltd] || [http://bugzilla.mozilla.org/show_bug.cgi?id=370505 370505] || Hungary || re-start public comment period
|-
| 2008/11/06 || [http://www.mozilla.org/projects/security/certs/pending/#KISA KISA] || [http://bugzilla.mozilla.org/show_bug.cgi?id=335197 335197] || Korea || national government CA, need more info on subordinates
|-
| 2008/11/13 || [http://www.mozilla.org/projects/security/certs/pending/#S-TRUST S-TRUST] || [http://bugzilla.mozilla.org/show_bug.cgi?id=370627 370627] || Germany ||
|-
| 2008/11/20 || [http://www.mozilla.org/projects/security/certs/pending/#T-Systems T-Systems] || [http://bugzilla.mozilla.org/show_bug.cgi?id=378882 378882] || Germany || need CPSs for subordinate CAs
|}
 
The following CAs are not yet scheduled:
 
{|
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#ACCV ACCV] || [http://bugzilla.mozilla.org/show_bug.cgi?id=274100 274100] || Spain || regional government CA
|-
| || CATCert || [http://bugzilla.mozilla.org/show_bug.cgi?id=295474 295474] || Spain || regional government CA, add to pending list
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Trustis Trustis] || [http://bugzilla.mozilla.org/show_bug.cgi?id=324126 324126] || Europe || awaiting ETSI audit
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#ARGE%20DATEN ARGE DATEN] || [http://bugzilla.mozilla.org/show_bug.cgi?id=348987 348987] || Austria ||
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Izenpe Izenpe] || [http://bugzilla.mozilla.org/show_bug.cgi?id=361957 361957] || Spain || EV, regional government CA
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#DCSSI DCSSI] || [http://bugzilla.mozilla.org/show_bug.cgi?id=368970 368970] || France || national government CA
|-
| || DigiNotar || [http://bugzilla.mozilla.org/show_bug.cgi?id=369357 369357] || Netherlands || EV, add to pending list
|-
| || SSC, Lithuanian National Root || [http://bugzilla.mozilla.org/show_bug.cgi?id=379152 379152] || Lithuania || national government CA
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Kamu%20SM Kamu Sertifikasyon Merkezi] || [http://bugzilla.mozilla.org/show_bug.cgi?id=381974 381974] || Turkey || national government CA
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#TC%20TrustCenter TC TrustCenter] || [http://bugzilla.mozilla.org/show_bug.cgi?id=392024 392024] || Germany ||
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Certigna%20of%20Dhimyotis Certigna] || [http://bugzilla.mozilla.org/show_bug.cgi?id=393166 393166] || Europe ||
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Certicamara%20S.A. Certicámara SA] || [http://bugzilla.mozilla.org/show_bug.cgi?id=401262 401262] || Spain ||
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Comodo Comodo] || [http://bugzilla.mozilla.org/show_bug.cgi?id=401587 401587] || global || EV, not needed for legacy roots?
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#VeriSign VeriSign] || [http://bugzilla.mozilla.org/show_bug.cgi?id=402947 402947] || global || additional trust flags
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Camerfirma Camerifirma] || [http://bugzilla.mozilla.org/show_bug.cgi?id=406968 406968] || Spain ||
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#thawte thawte] || [http://bugzilla.mozilla.org/show_bug.cgi?id=407163 407163] || global || additional trust flags
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#GeoTrust GeoTrust] || [http://bugzilla.mozilla.org/show_bug.cgi?id=407168 407168] || global || additional trust flags
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Hongkong%20Post Hongkong Post] || [http://bugzilla.mozilla.org/show_bug.cgi?id=408949 408949] || China ||
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#VeriSign Verisign] || [http://bugzilla.mozilla.org/show_bug.cgi?id=409235 409235] || global || ECC
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#GeoTrust GeoTrust] || [http://bugzilla.mozilla.org/show_bug.cgi?id=409236 409236] || global || ECC
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#thawte thawte] || [http://bugzilla.mozilla.org/show_bug.cgi?id=409237 409237] || global || ECC
|-
||| [http://www.mozilla.org/projects/security/certs/pending/#VAS%20Latvijas%20Pasts VAS "Latvijas Pasts"] || [http://bugzilla.mozilla.org/show_bug.cgi?id=412747 412747] || Latvia ||
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Sertifitseerimiskeskus%20AS Sertifitseerimiskeskus AS] || [http://bugzilla.mozilla.org/show_bug.cgi?id=414520 414520] || Baltic region ||
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Entrust Entrust] || [http://bugzilla.mozilla.org/show_bug.cgi?id=416544 416544] || global || EV
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#ComSign Comsign] || [http://bugzilla.mozilla.org/show_bug.cgi?id=420705 420705] || Israel ||
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#VeriSign VeriSign], [http://www.mozilla.org/projects/security/certs/pending/#GeoTrust GeoTrust] and [http://www.mozilla.org/projects/security/certs/pending/#thawte thawte] || [http://bugzilla.mozilla.org/show_bug.cgi?id=420760 420760] || global || EV, no longer needed?
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Verizon%20/%20Cybertrust Verizon/CyberTrust] || [http://bugzilla.mozilla.org/show_bug.cgi?id=430694 430694] || global || EV
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Verizon%20/%20Cybertrust Verizon/CyberTrust] || [http://bugzilla.mozilla.org/show_bug.cgi?id=430698 430698] || global || EV
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Verizon%20/%20Cybertrust Verizon/Cybertrust] || [http://bugzilla.mozilla.org/show_bug.cgi?id=430700 430700] || global || EV
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#TURKTRUST TÜRKTRUST] || [http://bugzilla.mozilla.org/show_bug.cgi?id=433845 433845] || Turkey ||
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Swiss%20BIT Swiss BIT] || [http://bugzilla.mozilla.org/show_bug.cgi?id=435026 435026] || Switzerland || add to pending list
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#FNMT FNMT]|| [http://bugzilla.mozilla.org/show_bug.cgi?id=435736 435736] || Spain || national government CA
|-
| || Staat der Nederlanden || [http://bugzilla.mozilla.org/show_bug.cgi?id=436056 436056] || Netherlands || national government CA, add to pending list
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#TC%20TrustCenter TC TrustCenter] || [http://bugzilla.mozilla.org/show_bug.cgi?id=436467 436467] || Germany || EV
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#ICP-Brasil ICP-Brasil] || [http://bugzilla.mozilla.org/show_bug.cgi?id=438825 438825] || Brazil || national government CA
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#E-TUGRA E-Tugra] || [http://bugzilla.mozilla.org/show_bug.cgi?id=443653 443653] || Turkey ||
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#Chunghwa%20Telecom Chunghwa Telecom eCA] || [http://bugzilla.mozilla.org/show_bug.cgi?id=448794 448794] || Taiwan || add to pending list
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#StartCom StartCom] || [http://bugzilla.mozilla.org/show_bug.cgi?id=451298 451298] || Israel || add code signing and EV
|-
| || [http://www.mozilla.org/projects/security/certs/pending/#SwissSign SwissSign] || [http://bugzilla.mozilla.org/show_bug.cgi?id=453460 453460] || Switzerland || EV
|-
| || Disig || [http://bugzilla.mozilla.org/show_bug.cgi?id=455878 455878] || Slovakia || add to pending list
|-
| || Serasa S.A || [http://bugzilla.mozilla.org/show_bug.cgi?id=457921 457921] || Brazil|| add to pending list
|}

Latest revision as of 08:37, 5 May 2017

Redirect to:

Retrieved from "https://wiki.allizom.org/index.php?title=CA:Schedule&oldid=1170368"