All, Following the community’s recent iteration <https://groups.google.com/a/ccadb.org/g/public/c/GIBHz9FUjHY/m/XOOLNpOFCAAJ> and improvement on the updated CCADB Incident Reporting Guidelines <https://www.ccadb.org/cas/incident-report> (IRGs), the CCADB Steering Committee has collaborated on an updated draft of the CCADB Policy.
The set of proposed updates are available here <https://github.com/mozilla/www.ccadb.org/pull/198>. Objectives for this update include: - Clarifying Root Store Operator expectations related to CCADB disclosures. Some of these clarifications were motivated by public Incident Reports filed to Bugzilla over the past year. - Creating opportunities to (a) remove redundant/similar requirements located across root program policies related to CCADB disclosures and (b) encourage future simplicity. - Promoting simplicity and improving readability through a reorganization of normative and non-normative requirements. Additionally, minor updates are proposed to the IRGs (e.g., further streamlining the incident reporting closure process). These proposals should not be considered “final”, but instead a “work in-progress” that we hope to enhance through community contributions. We welcome your feedback on these proposed updates and recommendations by *May 23, 2025*. Please share your thoughts by replying to this email or, *preferably*, by suggesting edits directly on GitHub. Thank you -Chris, on behalf of the CCADB Steering Committee -- You received this message because you are subscribed to the Google Groups "CCADB Public" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/ccadb.org/d/msgid/public/CAAbw9mBGdX37aqh2wmOvKf8EeQLngw%3Dc1qXA38A%3DqSkC%3DM2wHQ%40mail.gmail.com.
