All, I plan to proceed with this list. I've already started discussion on Issue #258 - adoption of the S/MIME Baseline Requirements. I'll be posting the other issues for discussion here on dev-security-policy soon. Thanks, Ben
On Wed, May 31, 2023 at 9:25 PM Ben Wilson <[email protected]> wrote: > All, > > There are currently 59 issues listed in GitHub related to the Mozilla Root > Store Policy (MRSP), (https://github.com/mozilla/pkipolicy/issues). Below > is a list of 11 items that I have flagged to consider addressing in the > next version (2.9) of the MRSP, which I'd like to finalize in the next two > months. They are tagged with a "2.9" label in GitHub ( > https://github.com/mozilla/pkipolicy/labels/2.9). > > I will appreciate your input on this list. Are there MRSP issues in GitHub > that should be added, removed, or re-prioritized? > > Please respond here on the dev-security-policy list (MDSP) with general > comments or with pointers to the issue as it appears on GitHub. > > Based on the list, I will start a separate discussion thread on MDSP for > each issue. > > FWIW, I also created draft language in GitHub for these v.2.9 issues > (links below). Before I post the notice of each separate discussion on > MDSP, if you would like to begin in-depth, substantive discussions on the > resolution of these issues, you can do so on GitHub. In other words, feel > free to discuss these issues on GitHub until we launch a specific > discussion here on this list--which will be done with a subject line of, > e.g., "Policy 2.9: MRSP Issue #123", etc. > > *#123 - Annual Compliance Self Assessment > <https://github.com/mozilla/pkipolicy/issues/123>* > > https://github.com/Mozilla/pkipolicy/compare/bf36841af0686676f0435769db8c641d7d17dfb3..faf8a994105bf7dd9c3adf0799f0196199e9cf28 > > > *#232 - Add policy about old root certificates > <https://github.com/mozilla/pkipolicy/issues/232>* > > > https://github.com/Mozilla/pkipolicy/compare/bf36841af0686676f0435769db8c641d7d17dfb3..80371c97c7e21565d772a9b9a1d899021cf136c6 > > *#239 - Audit Statement Content > <https://github.com/mozilla/pkipolicy/issues/239>* > > > https://github.com/Mozilla/pkipolicy/compare/bf36841af0686676f0435769db8c641d7d17dfb3..8968d9b6fedc1f94f4afa6a59ce609b759f497e6 > > *#250 - Clarify MRSP 5.3.2 to expressly include revoked CA certificates > <https://github.com/mozilla/pkipolicy/issues/250>* > > > https://github.com/Mozilla/pkipolicy/compare/bf36841af0686676f0435769db8c641d7d17dfb3..0c54728889ed3a541db1316063c7a0b70d5e82e0 > > *#252 - Add Requirements for Reporting CA Security Incidents > <https://github.com/mozilla/pkipolicy/issues/252>* > > > https://github.com/Mozilla/pkipolicy/compare/bf36841af0686676f0435769db8c641d7d17dfb3..564e38720e88e09537511a39965412655060087e > > *#254 - Harmonize CRL Reason Codes with CA/B Forum Revocation Reasons > <https://github.com/mozilla/pkipolicy/issues/254>* > > > https://github.com/Mozilla/pkipolicy/compare/bf36841af0686676f0435769db8c641d7d17dfb3..62b239bf39ed5c138bd65868d56530ddc8a6785c > > *#258 - SMIME Baseline Requirements > <https://github.com/mozilla/pkipolicy/issues/258>* > > > https://github.com/Mozilla/pkipolicy/compare/bf36841af0686676f0435769db8c641d7d17dfb3..39d169886598553afb29eae492e6c1241fc504fb > > *#261 - Merge 5 and 5.1 in Section 2.1 > <https://github.com/mozilla/pkipolicy/issues/261>* > > > https://github.com/Mozilla/pkipolicy/compare/bf36841af0686676f0435769db8c641d7d17dfb3..08ab6176c74be1033b5714099e8fc56f56e821c8 > > > *#263 - Clarify sentence prohibiting blank sections that also contain no > Subsections in CPs and CPSes > <https://github.com/mozilla/pkipolicy/issues/263>* > > > https://github.com/Mozilla/pkipolicy/compare/bf36841af0686676f0435769db8c641d7d17dfb3..bd36e6c26583e3e090c2de83e0d61dc5698407d3 > > *#266 - Update 2.4 Incidents to reference > https://www.ccadb.org/cas/incident-report > <https://github.com/mozilla/pkipolicy/issues/266>* > > > https://github.com/Mozilla/pkipolicy/compare/bf36841af0686676f0435769db8c641d7d17dfb3..004f6ca9fc8b69407f9022bde121f6b748a775d7 > > *#267 - Update WebTrust and ETSI audit criteria to current versions and > identifiers <https://github.com/mozilla/pkipolicy/issues/267>* > > > https://github.com/Mozilla/pkipolicy/compare/bf36841af0686676f0435769db8c641d7d17dfb3..444d1cfd4d54edafaa9581e71572280a7bb483a8 > > Thanks, > > Ben Wilson > > Mozilla Root Store > > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaYuox6QUXYS2QEm%3DLiixvZbgN1Dy1ycL14Hy%2BDAmjekPg%40mail.gmail.com.
