Version 2.5 of Mozilla's CA Policy has now been published. You can find it here: https://github.com/mozilla/pkipolicy/blob/2.5/rootstore/policy.md
This document incorporates by reference the Common CCADB Policy 1.0.1: https://github.com/mozilla/pkipolicy/blob/2.5/ccadb/policy.md or http://ccadb.org/policy The previous Mozilla CCADB Policy document, which was very short, is now part of the main policy. Other than the requirement for using the Ten Blessed Methods (July 21 2017), and the requirement for constraints on email intermediates (January 15 2018 for existing intermediates), all of the new provisions are effective immediately. You can see the differences here: https://github.com/mozilla/pkipolicy/compare/2.4.1...2.5 There were a couple of changes post-review; I added a deadline, and we also made it clear in our policy what is clear elsewhere, that audits must be yearly, period-of-time, and contiguous. The copy of the policy on www.mozilla.org will be updated soon; this can take a few days. https://bugzilla.mozilla.org/show_bug.cgi?id=1375881 Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy