CA/Information Checklist: Difference between revisions

← Older edit

CA/Information Checklist (view source)

Revision as of 22:35, 17 October 2023

434 bytes removed , 17 October 2023

Updating to remove duplication with the ccadb.org website and instructions documents

Kathleen Wilson

Confirmed users, Administrators

5,526

edits

@@ Line 52: / Line 52: @@
 == CA Primary Point of Contact (POC) ==
-In addition to the information listed in the template and example above, CAs must provide the contact information for at least one person filling the role of Primary Point of Contact (POC), and may use a contractor as one of the POCs. The CA must have one or more people within the CA’s organization who jointly have authority to speak on behalf of the CA, and to direct whatever changes the review process or Mozilla’s CA Communications require.  At least one of the CA’s POCs should also be in a position to make commitments for the CA and be held accountable by the CA.
+Each CA organization in the CCADB must provide the contact information for at least one person filling the role of Primary Point of Contact (POC), as described in [https://www.ccadb.org/policy#2-contact-information section 2 of the CCADB Policy].
-The Primary POCs will:
+=== Provide or update POC information ===
+* Create an [https://www.ccadb.org/cas/contacts "Add/Update Contacts"] case.
+** Detailed Instructions: [https://docs.google.com/document/d/1QQ-wZYPJ_3p76Zc3RZPE929pKIResc5J4vjSGGi_NuE/edit?usp=sharing Add/Update Contacts]
+* Provide the updates in the CONTACTS tab.
+* Click on the "Submit to Root Store" button.
+=== Responsibilities of a Primary POC ===
 * Provide [http://ccadb.org/cas/updates annual updates] of CP/CPS documents, audit statements, and test websites.
 * Respond to [https://wiki.mozilla.org/CA/Communications CA Communications]
-* Input and maintain the CA’s data in the [http://ccadb.org/ Common CA Database (CCADB)]
+* Input and maintain the CA’s data in the [https://www.ccadb.org/cas/ CCADB].
 * [mailto:certificates@mozilla.org Inform Mozilla] when there is a change in the organization, ownership, CA policies, or in the POCs that Mozilla should be aware of, as per
-** [http://ccadb.org/policy#2-contact-information Common CCADB Policy]
+** [http://ccadb.org/policy#2-contact-information Section 2 of the CCADB Policy], and
-** [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy#8-ca-operational-changes Mozilla's Root Store Pne number to a specific individual within the CA (must be one of the POCs).
+** [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#8-ca-operational-changes Section 8 of the Mozilla Root Store Policy].
-* CA Email Alias: An email alias is being requested so that more than one person in your organization will receive notifications in case the primary contact is out of the office or leaves the organiolicy]
+* Make sure the "CA Email Alias" field on the CA Owner page is correct.
-* [mailto:certificates@mozilla.org Provide Mozilla] with updated contact information if a new person becomes a POC.
+** An email alias is being requested so that more than one person in your organization will receive notifications in case the primary contact is out of the office or leaves the organization.
+** The CA Email Alias is updated via an "Add/Update Root Request" case.
-Required contact information:
+=== Authority ===
-* Direct E-mail address, full name (first and last name), and phozation. Mozilla CA Communications will be sent to both the POC direct email address(es) and the email alias.
+If the CA uses a contractor as a POC, then someone at the CA must also be a POC for the CA Owner record in the CCADB, and the POC from the CA must be CC’d on the root inclusion Bugzilla bug.
-* CA Phone Number: A main phone number from which Mozilla can reach the organization responsible for root certificates for the CA.
-* Title / Department: If Mozilla needed to call your main phone number, what Title/Department should the Mozilla representative ask for?
-If the CA uses a contractor as an additional POC, then someone at the CA must be CC’d on the root inclusion Bugzilla bug, CA Communications, and the CA’s responses to CA Communications.
 * An individual within the CA must also get a Bugzilla account and comment in the bug to say that they will be a POC for the CA, and that the contractor has indeed been hired by the CA to act as one of the POCs.
 To ensure that the POC(s) has the authority to perform the tasks listed above, a representative of Mozilla may do the following.
-# Use the CA’s website to contact a person at the CA to confirm that at least one of the POCs that have been provided does indeed have the authority to perform the responsibilities listed above on behalf of the CA.
+# Use the CA’s website to contact a person at the CA to confirm that the Primary POCs that have been provided do indeed have the authority to perform the responsibilities listed above on behalf of the CA.
-# Use the CA’s website, to confirm that the domain in the email address of at least one of the POCs is owned by the CA (e.g. @CAname.com).
+# Use the CA’s website, to confirm that the domain in the email address of at least one of the Primary POCs is owned by the CA (e.g. @CAname.com).
-# If a contractor is also used as a POC, then contact the POC that was previously verified to confirm that the CA has indeed enlisted the help of the contractor.
+# If a contractor is also used as a Primary POC, then contact the Primary POC that was previously verified to confirm that the CA has indeed enlisted the help of the contractor.