According to https://wiki.mozilla.org/Modules: "A module is a discrete
unit of code or activity. An owner is the person in charge of a module
or sub-module. A peer is a person whom the owner has appointed to help
them."
There are two modules associated with the CA Program.
Module #1
Name: Mozilla CA Certificate Policy
Owner: Kathleen Wilson
Peers: Gervase Markham, Johnathan Nightingale, Sid Stamm
URL: http://www.mozilla.org/projects/security/certs/policy/
Module #2
Name: CA Certificates
Description: Determine which root certificates should be included in
Mozilla software products, which trust bits should be set on them, and
which of them should be enabled for EV treatment. Evaluate requests from
Certification Authorities (CAs) for inclusion or removal of root
certificates, and for updating trust bit settings or enabling EV
treatment for already included root certificates.
Owner: Kathleen Wilson
Peer(s): Gervase Markham, Johnathan Nightingale, Sid Stamm
Bugzilla Component(s): mozilla.org::CA Certificates
I propose making the following changes to the Peers list for these modules.
1) Remove Johnathan from the Peers list of both modules. Johnathan
provided valuable guidance and insight over my first few years of
working on Mozilla’s CA program. But, alas, he has not been very
involved in Mozilla's CA program since he became VP of Firefox.
2) Add Richard Barnes to the Peers list of both modules. Richard has
been contributing to Mozilla's CA program and managing Mozilla's Crypto
Engineering team for the past year, and has been working (and managing
work) on related projects including OneCRL,
https://wiki.mozilla.org/CA:RevocationPlan,
https://wiki.mozilla.org/PKI:CT, ability to add name constraints to
built-in certificates, and research into SSL cert and CA root cert usage
(more about this later, stay tuned). Many of you also know Richard from
his work in the IETF.
3) Add Ryan Sleevi to the Peers list of the "CA Certificates" module.
Ryan has been an active contributor to the mozilla.dev.security.policy
forum for three years. He provided technical guidance and helped refine
the updates to versions 2.1 and 2.2 of Mozilla's CA Certificate Policy,
and he regularly contributes to discussions about root inclusion/change
requests. Many of you are also aware of Ryan's active involvement in the
NSS team, Google's root program, CT, and the CA/Browser forum.
I will appreciate your thoughtful and constructive feedback on these
proposed changes.
Kathleen
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
