Confirm, administrator
5,526
edits
Changes
m
Added link to a good example of an incident report
= Incident Report =
[https://bugzilla.mozilla.org/show_bug.cgi?id=1690807#c2 Example Incident Report]<br />
The purpose of incident reporting is to help all of us work together to build a more secure web. Therefore, the incident report should share lessons learned that could be helpful to all CAs to build better systems. The incident report should explain how the systems failed, how was the mis-issuance or incident possible, and why the problem was not detected earlier. In addition to the timeline of responding to and resolving the incident, the incident report should explain how the CA's systems will be made more robust, and how other CAs may learn from the incident.
