CA/Root Store Policy Archive: Difference between revisions

Revision as of 15:22, 11 December 2019

Policy document, Common CCADB Policy
Publication date: August 13, 2018
Effective (compliance) date: August 13, 2018, except:
- January 1, 2019: Separation of id-kp-serverAuth and id-kp-emailProtection KeyPurposeIds in newly created intermediate certificates as described in section 5.3
List of changes and diff

Policy document, Common CCADB Policy
Publication date: June 29, 2018
Effective (compliance) date: July 1, 2018, except:
- January 1, 2019: Separation of id-kp-serverAuth and id-kp-emailProtection KeyPurposeIds in newly created intermediate certificates as described in section 5.3
List of changes and diff

Policy document, Common CCADB Policy
The "Mozilla CCADB Policy" document is now part of the main Policy
Publication date: June 23, 2017
Compliance date: June 23, 2017, except:
- Technical constraints for email intermediates, which is (erratum) November 15, 2017 for existing non-qualifying intermediates to cease issuing, and April 15 2018 for them to be revoked or audited
- Using the Ten Blessed Methods for domain validation, which is July 21, 2017
List of changes and diff

Policy document, Common CCADB Policy, Mozilla CCADB Policy
Publication date: March 31, 2017
Compliance date: March 31, 2017 (except "CP/CPS in English", which is June 1, 2017)
This version has no changes in normative requirements over version 2.4; it is a rearrangement and reordering of the existing policy.

Policy document, Common CCADB Policy, Mozilla CCADB Policy
Publication date: February 28, 2017
Compliance date: February 28, 2017 (except "CP/CPS in English", which is June 1, 2017)
List of changes and diff

@@ Line 5: / Line 5: @@
 * Publication date: December 10, 2019
 * Effective (compliance) date: January 1, 2020, except:
-** April 1, 2020: CPs and CPSes MUST be structured according to RFC 3647 and MUST:
+** April 1, 2020: CPs and CPSes published after this date MUST be structured according to RFC 3647 and MUST:
-   * Include at least every section and subsection defined in RFC 3647; and,
+*** Include at least every section and subsection defined in RFC 3647; and,
-   * Only use the words "No Stipulation" to mean that the particular document imposes no requirements related to that section; and,
+*** Only use the words "No Stipulation" to mean that the particular document imposes no requirements related to that section; and,
-   * Contain no sections that are blank and have no subsections.
+*** Contain no sections that are blank and have no subsections.
 ** July 1, 2020: End-entity certificates MUST include an Extended Key Usage (EKU) extension containing KeyPurposeId(s) describing the intended usage(s) of the certificate, and the EKU extension MUST NOT contain the KeyPurposeId anyExtendedKeyUsage.
 * [https://github.com/mozilla/pkipolicy/compare/master@{12-09-19}...2.7 List of changes and diff]