mozilla/pkipolicy

Issues

• TLS-specific and S/MIME-specific Root CAs

  #279 opened 3 months ago by BenWilson-Mozilla
  0

• Consider requiring MarkDown for CPs and CPSes

  #282 opened a month ago by BenWilson-Mozilla
  1

• OCSP response issuance latency for certificates/pre-certificates

  #280 opened 3 months ago by BenWilson-Mozilla
  8

• Add P-521 as currently supported

  #281 opened 3 months ago by BenWilson-Mozilla
  0

• Address Delayed Revocation

  #276 opened 4 months ago by BenWilson-Mozilla
  2

• Add Linting Requirements

  #278 opened 4 months ago by BenWilson-Mozilla
  0

• 删除 bjca 根证书

  #277 opened 4 months ago by superarts
  1

• Consider replacing "CA operator" with "CA owner"

  #260 opened 2 years ago by BenWilson-Mozilla
  3

• Updating Incident Reports

  #271 opened a year ago by BenWilson-Mozilla
  0

• Emphasize period-of-time key lifecycle management in MRSP § 3.1.3

  #275 opened 9 months ago by BenWilson-Mozilla
  0

• Initial Incident Report Timeframe

  #270 opened a year ago by BenWilson-Mozilla
  0

• Clarify sentence prohibiting blank sections that also contain no Subsections in CPs and CPSes

  #263 opened 2 years ago by BenWilson-Mozilla
  6

• Update WebTrust and ETSI audit criteria to current versions and identifiers

  #267 opened a year ago by WilsonKathleen
  4

• Update 2.4 Incidents to reference https://www.ccadb.org/cas/incident-report

  #266 opened a year ago by WilsonKathleen
  0

• Harmonize CRL Reason Codes with CA/B Forum Revocation Reasons

  #254 opened a year ago by BenWilson-Mozilla
  1

• SMIME Baseline Requirements

  #258 opened a year ago by BenWilson-Mozilla
  8

• Merge 5 and 5.1 in Section 2.1

  #261 opened a year ago by BenWilson-Mozilla
  0

• Clarify MRSP 5.3.2 to expressly include revoked CA certificates

  #250 opened a year ago by BenWilson-Mozilla
  1

• Add Requirements for Reporting CA Security Incidents

  #252 opened a year ago by BenWilson-Mozilla
  3

• Audit Statement Content

  #239 opened a year ago by bcmorton
  0

• Add policy about old root certificates

  #232 opened a year ago by WilsonKathleen
  7

• Require more detail in CPSes re: CA ownership and control

  #237 opened 3 years ago by BenWilson-Mozilla
  1

• Revisit TCSCs in next version of MRSP

  #241 opened 3 years ago by BenWilson-Mozilla
  1

• Replace "three months" with number of days in section 3.1.3

  #262 opened 2 years ago by BenWilson-Mozilla
  2

• Require annual submission of self-assessments

  #240 opened a year ago by BenWilson-Mozilla
  2

• CABF EV OID must appear 1st in End Entity Certificates

  #248 opened 2 years ago by BenWilson-Mozilla
  5

• Change year/annual to 365 days

  #243 opened 2 years ago by BenWilson-Mozilla
  2

• Edit 3.3 Item 7 to Require "all" CPs and CPSes

  #249 opened 2 years ago by BenWilson-Mozilla
  3

• Edit MRSP 4.1 to clarify full CRL publication issues in the CCADB

  #251 opened 2 years ago by BenWilson-Mozilla
  4

• Requirement to disclose DCV method subsection should not be "SHOULD"

  #253 opened 2 years ago by AGWA
  2

• Clarify policy about CRL shards listing their own URI in the issuingDistributionPoint extension

  #256 opened 2 years ago by WilsonKathleen
  10

• Mention CCADB Public List in MRSP 2.1

  #257 opened 2 years ago by BenWilson-Mozilla
  1

• Should BRG 6.2.6 forbidden?

  #222 opened 4 years ago by RufusJWB
  8

• Consider Requiring Auditor Rotation

  #259 opened 2 years ago by BenWilson-Mozilla
  0

• Consider Requiring Logging in Certificate Transparency

  #255 opened 2 years ago by BenWilson-Mozilla
  1

• Continuing refinements of MRSP v2.8 Section 6.1.1 (Revocation Reasons)

  #247 opened 2 years ago by aarongable
  5

• Mandate ISO8601/RFC3339 formatted dates in incident reports

  #236 opened 3 years ago by BenWilson-Mozilla
  2

• Clarify that CAs can generate their own keys

  #238 opened 2 years ago by timfromdigicert
  3

• Rephrase "included certificate" in MRSP 5.2

  #242 opened 2 years ago by BenWilson-Mozilla
  1

• Require CCADB Disclosure of Full CRLs (or equivalent JSON array) for CRLite

  #235 opened 2 years ago by WilsonKathleen
  3

• Add link to wiki page documenting process for reviewing externally operated subordinate CAs

  #233 opened 2 years ago by WilsonKathleen
  3

• Add Policy about CRL Revocation Reason Codes

  #234 opened 2 years ago by WilsonKathleen
  3

• Update the incorrect extensions item in section 5.2

  #226 opened 2 years ago by WilsonKathleen
  3

• Clarify Meaning of "CP/CPS"

  #227 opened 2 years ago by BenWilson-Mozilla
  0

• Clarify technically-constrained sub-CA extended key usages

  #228 opened 2 years ago by sleevi
  2

• Require ETSI auditors to be ACAB-c members

  #219 opened 2 years ago by WilsonKathleen
  1

• Section 2.1.{6,7} indentation is wrong

  #224 opened 3 years ago by mimi89999
  2

• Clarify "CAs MUST NOT generate the key pairs" section

  #225 opened 3 years ago by mimi89999
  4

• Wrong hyperlink for "Material Change" in MRSP Section 8

  #221 opened 4 years ago by BenWilson-Mozilla
  1

• Require the entire CA Hierarchy to be audited against each purpose the root is trusted for

  #220 opened 4 years ago by WilsonKathleen
  2