CA/Included Certificates: Difference between revisions

← Older edit

CA/Included Certificates (view source)

Revision as of 23:44, 22 May 2023

1,169 bytes added , 22 May 2023

Change ccadb-public.secure.force.com to ccadb.my.salesforce-sites.com

Kathleen Wilson

Confirmed users, Administrators

5,526

edits

@@ Line 1: / Line 1: @@
 = Mozilla Included CA Certificate List =
-Mozilla products ship with a '''[https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt default list of Certification Authority (CA) certificates]'''.
+The Mozilla CA Certificate Program's list of included root certificates is stored in a file called [https://hg.mozilla.org/releases/mozilla-beta/file/tip/security/nss/lib/ckfw/builtins/certdata.txt certdata.txt] in the Mozilla source code management system.
-* [https://mozillacaprogram.secure.force.com/CA/IncludedCACertificateReport Spreadsheet of Included CA Certificates]
+If you are '''choosing a CA to provide a certificate for your website''', we have a list of [https://ccadb.my.salesforce-sites.com/mozilla/CACertificatesInFirefoxReport all root certificates that Firefox trusts for SSL/TLS], together with contact information and geographical focus for the owning CA.
-** [https://mozillacaprogram.secure.force.com/CA/IncludedCACertificateReportCSVFormat CSV Format of Spreadsheet of Included CA Certificates]
-* [https://mozillacaprogram.secure.force.com/CA/UpcomingRootInclusionsReport Upcoming Root Inclusions]
+If you are '''embedding our root store''', you need to know that we have imposed some restrictions on certain CAs or certificates which are not encoded in certdata.txt. These are [[CA/Additional_Trust_Changes|documented]] on a best-efforts basis.
-** [https://mozillacaprogram.secure.force.com/CA/UpcomingRootInclusionsReportCSVFormat CSV Format of Report on Upcoming Root Inclusions]
+<br /><br />
+<big>[https://www.ccadb.org/rootstores/usage#ccadb-data-usage-terms CCADB Data Usage Terms]</big>
-CAs are parties who are trusted to attest to the identity of websites. Mozilla has a rigorous process for CAs to request inclusion of their certificates, the details of which are described in the following:
+* [[CA/FAQ#Can_I_use_Mozilla.27s_set_of_CA_certificates.3F|Can I use Mozilla's set of CA certificates?]]
-* [[CA|Process Overview]]
+** [https://ccadb.my.salesforce-sites.com/mozilla/IncludedRootsPEMTxt?TrustBitsInclude=Websites PEM of Root Certificates in Mozilla's Root Store with the Websites (TLS/SSL) Trust Bit Enabled] (TXT)
-* [http://www.mozilla.org/projects/security/certs/policy/ Mozilla CA Certificate Policy]
+** [https://ccadb.my.salesforce-sites.com/mozilla/IncludedRootsPEMCSV?TrustBitsInclude=Websites PEM of Root Certificates in Mozilla's Root Store with the Websites (TLS/SSL) Trust Bit Enabled] (CSV)
-* [[CA:FAQ | General Background and FAQ on CAs and the Mozilla process]]
+** [https://ccadb.my.salesforce-sites.com/mozilla/IncludedRootsPEMTxt?TrustBitsInclude=Email PEM of Root Certificates in Mozilla's Root Store with the Email (S/MIME) Trust Bit Enabled] (TXT)
-* [[CA:How_to_apply | CA Inclusion Process in detail]]
+** [https://ccadb.my.salesforce-sites.com/mozilla/IncludedRootsPEMCSV?TrustBitsInclude=Email PEM of Root Certificates in Mozilla's Root Store with the Email (S/MIME) Trust Bit Enabled] (CSV)
-* [[CA:Schedule | Current queue of inclusion requests]]
+* [https://ccadb.my.salesforce-sites.com/mozilla/IncludedCACertificateReport Included CA Certificates] (HTML)
-* [[CA:Overview | Other useful information]]
+* [https://ccadb.my.salesforce-sites.com/mozilla/IncludedCACertificateReportCSVFormat Included CA Certificates] (CSV)
+* [https://ccadb.my.salesforce-sites.com/mozilla/IncludedCACertificateReportPEMCSV Included CA Certificates] (CSV with PEM of raw certificate data)
+* [https://ccadb.my.salesforce-sites.com/mozilla/UpcomingRootInclusionsReport Root Inclusions in Progress] (HTML)
+* [https://ccadb.my.salesforce-sites.com/mozilla/UpcomingRootInclusionsReportCSVFormat Root Inclusions in Progress] (CSV)