All, I'm getting ready to send the April 2017 CA Communication email.
I updated the wiki page to have the survey introduction text, and a (read-only) link to the full survey: https://wiki.mozilla.org/CA:Communications#April_2017 The survey in the Common CA Database is now open, with an expiration date of May 1. The text for the mass email is ready (see below). I have it set to be sent to the CA's email alias and CC'd to the Primary Points of Contact for each CA currently included in Mozilla's program. == Email Text == Subject: Mozilla CA Communication: Action requested by April 28, 2017 Message: Dear Certification Authority, This email requests a set of actions on your behalf, as a participant in Mozilla's CA Certificate Program, by April 28, 2017. Please login to the Common CA Database, click on the 'CA Communications (Page)' tab, select the 'April 2017 CA Communication' survey, and submit your initial response by April 28, 2017. Reference: https://wiki.mozilla.org/CA:CommonCADatabase A compiled list of CA responses to the survey action items will be automatically and immediately published by the Common CA Database here: https://wiki.mozilla.org/CA:Communications In addition to responding to the action items in this survey, we are instituting a program requirement that you follow discussions in the mozilla.dev.security.policy forum, which includes discussions about upcoming changes to Mozilla's CA Certificate Policy, questions and clarification about policy and expectations, root certificate inclusion/change requests, and certificates that are found to be non-compliant with the CA/Browser Forum's Baseline Requirements or other program requirements. You are not required to contribute to those discussions, only to be aware of them. However, we hope you will participate and help shape the future of Mozilla's CA Certificate Program. Participation in Mozilla's CA Certificate Program is at our sole discretion, and we will take whatever steps are necessary to keep our users safe. Nevertheless, we believe that the best approach to safeguard that security is to work with CAs as partners, to foster open and frank communication, and to be diligent in looking for ways to improve. Thank you for your cooperation in this pursuit. Regards, Kathleen Wilson Mozilla CA Program Manager === _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
