CA:MaintenanceAndEnforcement: Difference between revisions



= Potential Problems, Prevention, Response =
The following is an enumeration of some of the different kinds of problems that may occur, and what our prevention or immediate response to those problems should be. This is not about meting out punishment, and is not intended to be punitive. Rather, when there is evidence of one of the problems below with a certificate chaining up to a CA in Mozilla's CA Certificate program, we need to take the necessary steps to keep users safe. If a particular CA's inclusion only helps a marginal or small percentage of Mozilla users while putting all Mozilla users at risk, then that CA's root certificate(s) should be removed.


[http://www.mozilla.org/projects/security/certs/policy/EnforcementPolicy.html Mozilla's Enforcement Policy] describes the steps that Mozilla may take to evaluate and respond to security concerns related to certificate operation and issuance. The following list may be used as a guideline of what to expect when certain types of issues are found, but this list is non-binding because the necessary actions and responses will vary depending on the situation.