It seems like the list of topics to cover on the Responding to a Misissuance page: https://wiki.mozilla.org/CA/Responding_To_A_Misissuance#Incident_Report has become a de facto template for incident reports.
We've now had quite a few CAs use this outline to respond to issues. If people (CAs or others) have feedback on how this template could be improved, that would be a fine thing. Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy