On 12/4/15 4:44 AM, Kurt Roeckx wrote:
On 2015-01-22 22:43, Kathleen Wilson wrote:
All,
As you know, we've moved the CA Program data from spreadsheets into
SalesForce.
We are now creating a program that will be run once per month to
automatically send email to CAs when audit statements are past due;
meaning that the audit statement date is over a year old.
What is the status of this?
The program is run on the 3rd Tuesday of each month, and automated email
is sent to CAs for whom we have audit statements that are over a year old.
The email also notes if they do not have a BR audit statement *and* have
the websites trust bit set.
We're now more than those 240 days later
and there still are CAs that don't even have a BR audit yet.
Correct. There are still a few CAs who have the websites trust bit set
for their root certs and do not yet have a BR audit statement. Some of
them have the BR audit in progress (had to go through budget approval
process before being able to add another audit), and some are phasing
out those root certs.
Kathleen
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
