Hi everyone,

We would like to reinvigorate the process of developing the next version of Mozilla's root policy. Kathleen has been wrestling with it for some time now, but her time is limited and her tasks are many. Other obstructions include the "big bang" model of change we were using, the lack of collaboration tools, and the method of tracking issues in a big wiki page.

So, thanks to the magic of pandoc, I have converted the current policy (version 2.2) to a single Markdown document which now lives here, on the "2.2" branch:

https://github.com/mozilla/pkipolicy/blob/2.2/rootstore/policy.md

(I know there was another GitHub repo with 2.3 work; I've started over again because I wanted to start from a clean 2.2, and make it into a single document from the beginning, for easier diffing. The repo name is also more generic, leaving room for CT policy and perhaps CCADB policy.)

It would be useful if people checked it over to make sure I have not made any mistakes in conversion. The original is here, in four pages:

https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/

Secondly, I have implemented all the agreed decisions from this list:

https://wiki.mozilla.org/CA:CertificatePolicyV2.3

on top of version 2.2 to make a current draft of version 2.3. Reviewing all these changes, they all seem to be sensible updates to reflect changes elsewhere, or things which are permissive. Kathleen has also commented elsewhere that people have been permitted to follow what the 2.3 draft says for some time. Therefore, it seems to me that we could ship the current draft version as version 2.3 immediately, with immediate applicability.

Diff: https://github.com/mozilla/pkipolicy/compare/2.2...master

We would then start work on 2.4. Does anyone see a problem with that?

Thirdly, I have converted all of the proposed changes from that page into GitHub issues in the pkipolicy repository.

https://github.com/mozilla/pkipolicy/issues

Please make sure your favourite issue is present and well-explained, and file new ones if not.

Fourthly, I have triaged the issues and marked those I think are urgent and achievable in a reasonably short time frame with the "2.4" milestone.
That list is here:

https://github.com/mozilla/pkipolicy/milestone/1

Please dispute my triage, either in or out, here on this list :-)

So the proposal is to ship the current draft immediately as 2.3, then implement the urgent changes as soon as possible and ship that as 2.4, and then retriage the remaining issues to see what to do next.

Comments, as always, are welcome.

Gerv

_______________________________________________
dev-security-policy mailing list
https://lists.mozilla.org/listinfo/dev-security-policy

