Confirm, administrator
5,526
edits
Changes
Updated the section about RFC 3647 based on input from discussion in m.d.s.policy
===== CP/CPS Structured According to RFC 3647 =====
CP/CPS documents must be structured according to RFC 3647. This requirement is stated in section 2.2 of the CA/Browser Forum Baseline Requirements, with the effective of 31 May 2018. Further, CP/CPS documents should include every component and subcomponent, and the placement of information should be aligned with the BRs; e.g. domain validation practices should be documented in section 3.2.2.4 of the CA’s CP/CPS.
* The words "''No Stipulation''" mean that the particular document imposes no requirements related to that section. Any CPS that falls within the scope of Mozilla’s program must not use the words “No stipulation” unless the corresponding section in the CA/Browser Forum Baseline Requirements state “No stipulation”, “Not applicable”, or is blank. * The words “Not applicable” "''Not applicable''" are acceptable to indicate that the CA’s policies forbid the practice that is the title of the section. Language similar to “We do not perform <subject of the section>” is preferred. * Sections MUST not be left blank. The purpose of "No Stipulation" is to make it clear that the omission of content was intentional.* If a full description of a section is repeated elsewhere in the document, language similar to “Refer to Section 1.2.3” is preferred. Cross-referencing between CP and CPS documents is acceptable as long as both documents are published on your CA's website, and the CP and CPS documents clearly indicate which root certificates they govern.
Examples:
