{"id":1974,"date":"2015-05-12T12:13:56","date_gmt":"2015-05-12T19:13:56","guid":{"rendered":"https:\/\/blog.mozilla.org\/security\/?p=1974"},"modified":"2016-09-30T02:49:01","modified_gmt":"2016-09-30T09:49:01","slug":"may-2015-ca-communication","status":"publish","type":"post","link":"https:\/\/blog.mozilla.org\/security\/2015\/05\/12\/may-2015-ca-communication\/","title":{"rendered":"May 2015 CA Communication"},"content":{"rendered":"<p>Mozilla has sent a <a title=\"CA Communication\" href=\"https:\/\/wiki.mozilla.org\/CA:Communications#May_2015\" target=\"_blank\">Communication<\/a> to the <a title=\"Certification Authority\" href=\"https:\/\/wiki.mozilla.org\/CA:FAQ#What_are_CAs.3F\" target=\"_blank\">Certification Authorities (CAs)<\/a> who have root certificates <a title=\"Mozilla Included CAs\" href=\"https:\/\/wiki.mozilla.org\/CA:IncludedCAs\" target=\"_blank\">included in Mozilla\u2019s program<\/a>. Mozilla\u2019s CA Certificate Program governs inclusion of root certificates in <a title=\"NSS\" href=\"https:\/\/developer.mozilla.org\/en-US\/docs\/Mozilla\/Projects\/NSS\" target=\"_blank\">Network Security Services (NSS)<\/a>, a set of open source libraries designed to support cross-platform development of security-enabled client and server applications. The NSS root certificate store is not only used in Mozilla products such as the Firefox browser, but is also used by other companies in a variety of applications.<\/p>\n<p>The <a title=\"CA Communication\" href=\"https:\/\/wiki.mozilla.org\/CA:Communications#May_2015\" target=\"_blank\">CA Communication<\/a> has been emailed to the <a title=\"Primary Point of Contact\" href=\"https:\/\/wiki.mozilla.org\/CA:Information_checklist#CA_Primary_Point_of_Contact_.28POC.29\" target=\"_blank\">Primary Point of Contact (POC)<\/a> for each CA in Mozilla\u2019s program, and they have been asked to respond to 5 action items:<\/p>\n<ol>\n<li>Confirm that they are the current Primary POC, or give alternative details;<\/li>\n<li>Confirm that Mozilla has the correct link to their most recent <a title=\"Baseline Requirements\" href=\"https:\/\/cabforum.org\/baseline-requirements\/\" target=\"_blank\">Baseline Requirements<\/a> audit statement;<\/li>\n<li>Update us on their progress in <a title=\"Phasing out SHA-1 Cert Signature Algorithm\" href=\"https:\/\/blog.mozilla.org\/security\/2014\/09\/23\/phasing-out-certificates-with-sha-1-based-signature-algorithms\/\" target=\"_blank\">eliminating use of SHA-1<\/a> as a certificate signature algorithm;<\/li>\n<li>Inform us whether they are still issuing certificates with <a title=\"Things for CAs to Fix\" href=\"https:\/\/wiki.mozilla.org\/SecurityEngineering\/mozpkix-testing#Things_for_CAs_to_Fix\" target=\"_blank\">certain problems<\/a> identified when we moved to <a title=\"mozilla::pkix\" href=\"https:\/\/blog.mozilla.org\/security\/2014\/04\/24\/exciting-updates-to-certificate-verification-in-gecko\/\" target=\"_blank\">mozilla::pkix<\/a>; and<\/li>\n<li>Tell us about their support for <a title=\"IPv6\" href=\"http:\/\/www.google.com\/intl\/en\/ipv6\/index.html\" target=\"_blank\">IPv6<\/a>.<\/li>\n<\/ol>\n<p>The full action items can be read <a title=\"Survey Sample Link\" href=\"https:\/\/mozillacaprogram.secure.force.com\/Communications\/TakeSurvey?id=a04o000000M89RCAAZ&amp;cId=&amp;caId=none\" target=\"_blank\">here<\/a>. Responses to the survey will be collated using <a title=\"Salesforce\" href=\"https:\/\/www.salesforce.com\/\" target=\"_blank\">Salesforce<\/a> and the answers published in June.<\/p>\n<p>With this <a title=\"CA Communication\" href=\"https:\/\/wiki.mozilla.org\/CA:Communications#May_2015\" target=\"_blank\">CA Communication<\/a>, we re-iterate that participation in Mozilla&#8217;s CA Certificate Program is at our sole discretion, and we will take whatever steps are necessary to keep our users safe. Nevertheless, we believe that the best approach to safeguard that security is to work with CAs as partners, to foster open and frank communication, and to be diligent in looking for ways to improve.<\/p>\n<p>Mozilla Security Team<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Mozilla has sent a Communication to the Certification Authorities (CAs) who have root certificates included in Mozilla\u2019s program. Mozilla\u2019s CA Certificate Program governs inclusion of root certificates in Network Security &hellip; <a class=\"go\" href=\"https:\/\/blog.mozilla.org\/security\/2015\/05\/12\/may-2015-ca-communication\/\">Read more<\/a><\/p>\n","protected":false},"author":581,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[45538,69],"tags":[],"coauthors":[45544],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>May 2015 CA Communication - Mozilla Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.mozilla.org\/security\/2015\/05\/12\/may-2015-ca-communication\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kathleen Wilson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/2015\/05\/12\/may-2015-ca-communication\/\",\"url\":\"https:\/\/blog.mozilla.org\/security\/2015\/05\/12\/may-2015-ca-communication\/\",\"name\":\"May 2015 CA Communication - Mozilla Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/#website\"},\"datePublished\":\"2015-05-12T19:13:56+00:00\",\"dateModified\":\"2016-09-30T09:49:01+00:00\",\"author\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/5cc0f3b46b6626ffb6e3b7c24fbf5063\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/2015\/05\/12\/may-2015-ca-communication\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.mozilla.org\/security\/2015\/05\/12\/may-2015-ca-communication\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/2015\/05\/12\/may-2015-ca-communication\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.mozilla.org\/security\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"May 2015 CA Communication\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#website\",\"url\":\"https:\/\/blog.mozilla.org\/security\/\",\"name\":\"Mozilla Security Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.mozilla.org\/security\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/5cc0f3b46b6626ffb6e3b7c24fbf5063\",\"name\":\"Kathleen Wilson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/image\/8d4547801f543f8990aecbcfc9c18eca\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/faede0fc9d625b79b41f567407337db6?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/faede0fc9d625b79b41f567407337db6?s=96&d=identicon&r=g\",\"caption\":\"Kathleen Wilson\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"May 2015 CA Communication - Mozilla Security Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.mozilla.org\/security\/2015\/05\/12\/may-2015-ca-communication\/","twitter_misc":{"Written by":"Kathleen Wilson","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/blog.mozilla.org\/security\/2015\/05\/12\/may-2015-ca-communication\/","url":"https:\/\/blog.mozilla.org\/security\/2015\/05\/12\/may-2015-ca-communication\/","name":"May 2015 CA Communication - Mozilla Security Blog","isPartOf":{"@id":"https:\/\/blog.mozilla.org\/security\/#website"},"datePublished":"2015-05-12T19:13:56+00:00","dateModified":"2016-09-30T09:49:01+00:00","author":{"@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/5cc0f3b46b6626ffb6e3b7c24fbf5063"},"breadcrumb":{"@id":"https:\/\/blog.mozilla.org\/security\/2015\/05\/12\/may-2015-ca-communication\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.mozilla.org\/security\/2015\/05\/12\/may-2015-ca-communication\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.mozilla.org\/security\/2015\/05\/12\/may-2015-ca-communication\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.mozilla.org\/security\/"},{"@type":"ListItem","position":2,"name":"May 2015 CA Communication"}]},{"@type":"WebSite","@id":"https:\/\/blog.mozilla.org\/security\/#website","url":"https:\/\/blog.mozilla.org\/security\/","name":"Mozilla Security Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.mozilla.org\/security\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/5cc0f3b46b6626ffb6e3b7c24fbf5063","name":"Kathleen Wilson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/image\/8d4547801f543f8990aecbcfc9c18eca","url":"https:\/\/secure.gravatar.com\/avatar\/faede0fc9d625b79b41f567407337db6?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/faede0fc9d625b79b41f567407337db6?s=96&d=identicon&r=g","caption":"Kathleen Wilson"}}]}},"_links":{"self":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts\/1974"}],"collection":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/users\/581"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/comments?post=1974"}],"version-history":[{"count":0,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts\/1974\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/media?parent=1974"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/categories?post=1974"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/tags?post=1974"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/coauthors?post=1974"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}