All, Here is a comparison between version 2.7.1 and proposed version 2.8 (without language yet for sunsetting SHA1 and requiring CRLReason codes). https://github.com/mozilla/pkipolicy/compare/master...BenWilson-Mozilla:2.8 Ben
On Thu, Feb 3, 2022 at 2:56 PM Ben Wilson <[email protected]> wrote: > All, > > Below is a list of the current MRSP issues for version 2.8. I believe > we're getting closer to finalizing the language. > > > > There appear to be things to discuss for highlighted Issues #178 > (Sunsetting SHA1), #219 (Requiring ETSI Auditors to be ACAB'c members), > #226 (clarifying section 5.2), and #234 (CRL reason codes). > > > > Are there any others in the list that should still be considered open for > discussion? > > > > Also, besides the dates indicated below in the list, are there any other > effective dates or compliance deadlines that should accompany any of these > changes? > > > > Thanks, > > > Ben > > > > *Github* > > *Title / > Compliance Date* > > #131 <https://github.com/mozilla/pkipolicy/issues/131> > > Improve terminology and style / *Immediate* > > #138 <https://github.com/mozilla/pkipolicy/issues/138> > > Make it clear that precertificates are covered by Mozilla policy / > *Immediate* > > #155 <https://github.com/mozilla/pkipolicy/issues/155> > > Describe actions Mozilla may take upon receipt of a qualified audit / > *Immediate* > > #178 <https://github.com/mozilla/pkipolicy/issues/178> > > Sunset SHA-1 in S/MIME Certificates / *TBD* > > #184 <https://github.com/mozilla/pkipolicy/issues/184> > > Change Terminology from SSL to TLS / *Immediate* > > #185 <https://github.com/mozilla/pkipolicy/issues/185> > > Require publication of outdated CA policy documents / *Immediate* > > #195 <https://github.com/mozilla/pkipolicy/issues/195> > > Require public discussion when an organization receives a new subCA / > *Immediate* > > #198 <https://github.com/mozilla/pkipolicy/issues/198> > > Outline Policy Update Process / *Immediate* > > #219 <https://github.com/mozilla/pkipolicy/issues/219> > > Require ETSI auditors to be ACAB-c members / *Upon submission of next > audit* > > #226 <https://github.com/mozilla/pkipolicy/issues/226> > > Update the incorrect extensions item in section 5.2 /* Immediate* > > #227 <https://github.com/mozilla/pkipolicy/issues/227> > > Clarify Meaning of "CP/CPS" / *Immediate* > > #228 <https://github.com/mozilla/pkipolicy/issues/228> > > Clarify technically-constrained sub-CA extended key usages / *Immediate* > > #229 <https://github.com/mozilla/pkipolicy/pull/229> > > Disclose also TCSC to CCADB / *July 1, 2022* > > #230 <https://github.com/mozilla/pkipolicy/pull/230/files> > > Clarifying Trust Transfer / *Immediate* > > #233 <https://github.com/mozilla/pkipolicy/issues/233> > > Wiki page - process for reviewing externally operated CAs / *Immediate* > > #234 <https://github.com/mozilla/pkipolicy/issues/234> > > Add Policy about CRL Revocation Reason Codes / *September 1, 2022* > > #235 <https://github.com/mozilla/pkipolicy/issues/235> > > Require CCADB Disclosure of Full CRLs / *October 1, 2022* > > > > > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtabV%3D9QLpEYMgq8Zk%2Bd5t-VgpxoxOaOX3n%3D8EC%3DqPHYx5g%40mail.gmail.com.
