Confirmed users
377
edits
CA/Subordinate CA Checklist: Difference between revisions
→Third-Party Subordinate CAs that are not Technically Constrained: Added bullet item for EV
(→Third-Party Subordinate CAs that are not Technically Constrained: Removed reference to object signing) |
(→Third-Party Subordinate CAs that are not Technically Constrained: Added bullet item for EV) |
||
| Line 65: | Line 65: | ||
#* DV: Organization attribute is not verified. Only the Domain Name referenced in the certificate is verified to be owned/controlled by the subscriber. | #* DV: Organization attribute is not verified. Only the Domain Name referenced in the certificate is verified to be owned/controlled by the subscriber. | ||
#* OV: Both the Organization and the ownership/control of the Domain Name are verified. | #* OV: Both the Organization and the ownership/control of the Domain Name are verified. | ||
#* EV: Extended validation was performed on the legal entity and its operational existence. | |||
# Review the CP/CPS for [http://wiki.mozilla.org/CA:Problematic_Practices Potentially Problematic Practices.] Provide further info when a potentially problematic practice is found. | # Review the CP/CPS for [http://wiki.mozilla.org/CA:Problematic_Practices Potentially Problematic Practices.] Provide further info when a potentially problematic practice is found. | ||
# If the root CA audits do not include this sub-CA, then for this sub-CA provide a publishable statement or letter from an auditor that meets the requirements of [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy#3-documentation Mozilla's Root Store Policy.] | # If the root CA audits do not include this sub-CA, then for this sub-CA provide a publishable statement or letter from an auditor that meets the requirements of [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy#3-documentation Mozilla's Root Store Policy.] | ||