Confirmed users, Administrators
5,526
edits
CA:MaintenanceAndEnforcement: Difference between revisions
m
→Actively Distrusting a Certificate
| Line 110: | Line 110: | ||
The steps to distrust a root certificate are as follows. | The steps to distrust a root certificate are as follows. | ||
# Report security concern | # Report security concern | ||
#* When a serious security concern is noticed, such as a | #* When a serious security concern is noticed, such as a root or intermediate certificate compromise, it should be treated as a security-sensitive bug, and the [http://www.mozilla.org/projects/security/security-bugs-policy.html Mozilla Policy for Handling Security Bugs] should be followed. | ||
#* As per [http://www.mozilla.org/projects/security/security-bugs-policy.html Mozilla's Policy for Handling Security Bugs] a security concern may be reported by sending email to [mailto:security@mozilla.org security@mozilla.org] or by [https://bugzilla.mozilla.org/enter_bug.cgi?alias=&product=Core&component=Security&bug_severity=critical filing a bug.] | #* As per [http://www.mozilla.org/projects/security/security-bugs-policy.html Mozilla's Policy for Handling Security Bugs] a security concern may be reported by sending email to [mailto:security@mozilla.org security@mozilla.org] or by [https://bugzilla.mozilla.org/enter_bug.cgi?alias=&product=Core&component=Security&bug_severity=critical filing a bug.] | ||
# Decide on course of action | # Decide on course of action | ||