Confirmed users
377
edits
CA/Prioritization: Difference between revisions
Added previously approved sub CA operator requesting direct inclusion and reordered 3,4, and 5 of factors
m (Added links to Compliance Self-Assessment) |
(Added previously approved sub CA operator requesting direct inclusion and reordered 3,4, and 5 of factors) |
||
| Line 2: | Line 2: | ||
Prioritization of '''[[CA/Dashboard|CA Root Inclusion Requests]]''' will be based on the factors described below and use the P1-P5 Priority categories available in the Bugzilla system with our own categorization for the CA certificate inclusion process. | Prioritization of '''[[CA/Dashboard|CA Root Inclusion Requests]]''' will be based on the factors described below and use the P1-P5 Priority categories available in the Bugzilla system with our own categorization for the CA certificate inclusion process. | ||
'''P1''' = High (Applicant has good compliance history and is replacing an already-included CA certificate) | '''P1''' = High (Applicant has good compliance history and is replacing an already-included CA certificate or is previously approved as a subordinate CA operator) | ||
'''P2''' = Medium High (Applicant is well-prepared and responsive, with a good history of policy compliance) | '''P2''' = Medium High (Applicant is well-prepared and responsive, with a good history of policy compliance) | ||
| Line 19: | Line 19: | ||
'''2 - Compliance''' (Based on the compliance history of existing CA operators, and their responsiveness to issues) https://wiki.mozilla.org/CA/Incident_Dashboard | '''2 - Compliance''' (Based on the compliance history of existing CA operators, and their responsiveness to issues) https://wiki.mozilla.org/CA/Incident_Dashboard | ||
'''3 - | '''3 - Single-Purpose, Separate Roots''' (Hierarchies that are separated by root for a particular purpose, e.g. server certificates vs. S/MIME certificates) https://wiki.mozilla.org/CA/Required_or_Recommended_Practices#CA_Hierarchy | ||
'''4 - | '''4 - Replacing Existing''' (Existing CA operators that are replacing an already-included root certificate, https://wiki.mozilla.org/CA/Certificate_Change_Process, or is a previously approved subordinate CA operator who is requesting direct inclusion) | ||
'''5 - | '''5 - Responsiveness/Complete and Timely''' (Applicant provides clear, complete, concise and timely responses to questions, comments, or concerns about their root inclusion request) | ||
'''6 - CA Hierarchy Control''' (CA hierarchies comprised solely of CAs fully controlled by the applicant) https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#53-intermediate-certificates | '''6 - CA Hierarchy Control''' (CA hierarchies comprised solely of CAs fully controlled by the applicant) https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#53-intermediate-certificates | ||