Confirm, administrator
5,526
edits
Changes
CA
,→Useful Information for CAs
=== Useful Information for CAs ===
* [http://www.mozilla.org/projects/security/certs/policy/ Mozilla's CA Certificate Policy]
** [[CA:Terminology | Terminology]]
** [http://spreadsheets.google.com/pub?key=ttwCVzDVuWzZYaDosdU6e3w&single=true&gid=0&output=html List of included root certificates]
* [[CA:How_to_apply|A guide for CAs]] wishing to apply for inclusion of their root CA certificates.
** [[CA:Information_checklist|Checklist of CA information]] required to process a CA's application** [[CA:Recommended_Practices|Recommended practices for CAs]] wishing to have their root CA certificates included in Mozilla products** [[CA:Problematic_Practices|Potentially problematic CA practices]]. This discusses CA practices that are not explicitly forbidden by the Mozilla CA policy, and do not necessarily pose security issues, but that some people have expressed concerns about and that may cause delays in evaluating and approving CA applications. Some of these practices may be addressed in future versions of the Mozilla CA policy.* [http://spreadsheets.google.com/pub?key=ttwCVzDVuWzZYaDosdU6e3w&single=true&gid=0&output=html List of included root certificates]* [[CA:Schedule|Queue for Public Discussion]] of CA evaluations* [[CA:EV_Revocation_Checking|EV certificates and revocation checking]]. This discusses how revocation checking via OCSP or CRLs affects the UI treatment of EV certificates.* [[CA:Glossary|Glossary of CA- and Mozilla-related terms]]. Useful for following Mozilla CA-related discussions.* [[CA:Certificate Download Specification|Certificate download specification]]. This document describes the data formats used by Mozilla products for installing certificates.
* [[CA:Recommendations_for_Roots|Technical recommendations for root certificates]]. This is a very first-cut attempt to outline what root certificates should contain, based on the relevant RFCs as supplemented by existing practices.
* [[CA:SubordinateCA_checklist|Checklist for Subordinate CAs and CSPs]] Information needed when subordinate CAs are operated by third parties.
* [[CA:Root_Change_Process|Root Change Process]]. This wiki page describes how to change a root certificate that is currently included in NSS. This includes the process for disabling or removing a root certificate from NSS.
** [[CA:EV_Revocation_Checking|EV certificates and revocation checking]]. This discusses how revocation checking via OCSP or CRLs affects the UI treatment of EV certificates.
* [[CA:Glossary|Glossary of CA- and Mozilla-related terms]]. Useful for following Mozilla CA-related discussions.
* [[CA:Certificate Download Specification|Certificate download specification]]. This document describes the data formats used by Mozilla products for installing certificates.
* [[CA:UserCertDB|User Root Certificate Settings]]. This wiki page describes how to override the default root settings in Mozilla products.
* [[CA:MD5and1024|Dates for Phasing out MD5-based signatures and 1024-bit moduli]]
