{"id":2596,"date":"2020-05-08T10:05:34","date_gmt":"2020-05-08T17:05:34","guid":{"rendered":"https:\/\/blog.mozilla.org\/security\/?p=2596"},"modified":"2020-05-08T10:05:34","modified_gmt":"2020-05-08T17:05:34","slug":"may-2020-ca-communication","status":"publish","type":"post","link":"https:\/\/blog.mozilla.org\/security\/2020\/05\/08\/may-2020-ca-communication\/","title":{"rendered":"May 2020 CA Communication"},"content":{"rendered":"<p>Mozilla has sent a <a href=\"https:\/\/wiki.mozilla.org\/CA\/Communications#May_2020_CA_Communication\" rel=\"noopener noreferrer\" target=\"_blank\">CA Communication and Survey<\/a> to inform <a href=\"https:\/\/en.wikipedia.org\/wiki\/Certificate_authority\" rel=\"noopener noreferrer\" target=\"_blank\">Certification Authorities (CAs)<\/a> who have root certificates <a href=\"https:\/\/wiki.mozilla.org\/CA\/Included_Certificates\" rel=\"noopener noreferrer\" target=\"_blank\">included in Mozilla\u2019s program<\/a> about current expectations. Additionally this survey will collect input from CAs on potential changes to <a href=\"http:\/\/www.mozilla.org\/projects\/security\/certs\/policy\/\" rel=\"noopener noreferrer\" target=\"_blank\">Mozilla\u2019s Root Store Policy<\/a>. This CA communication and survey has been emailed to the <a href=\"https:\/\/wiki.mozilla.org\/CA\/Information_Checklist#CA_Primary_Point_of_Contact_.28POC.29\" rel=\"noopener noreferrer\" target=\"_blank\">Primary Point of Contact (POC)<\/a> and an <a href=\"http:\/\/ccadb.org\/policy#2-contact-information\" rel=\"noopener noreferrer\" target=\"_blank\">email alias<\/a> for each CA in Mozilla\u2019s program, and they have been asked to respond to the following items:<\/p>\n<ol>\n<li>Review <a href=\"https:\/\/wiki.mozilla.org\/CA\/Audit_Statements#Audit_Delay\" rel=\"noopener noreferrer\" target=\"_blank\">guidance<\/a> about actions a CA should take if they realize that mandated restrictions regarding COVID-19 will impact their audits or delay revocation of certificates.\n<\/li>\n<li>Inform Mozilla if their CA\u2019s ability to fulfill the commitments that they made in response to the <a href=\"https:\/\/wiki.mozilla.org\/CA\/Communications#January_2020_CA_Communication\" rel=\"noopener noreferrer\" target=\"_blank\">January 2020 CA Communication<\/a> has been impeded.\n<\/li>\n<li>Provide input into potential policy changes that are under consideration, such as limiting maximum lifetimes for TLS certificates and limiting the re-use of domain name verification.\n<\/li>\n<\/ol>\n<p>The full communication and survey can be read <a href=\"https:\/\/wiki.mozilla.org\/CA\/Communications#May_2020_CA_Communication\" rel=\"noopener noreferrer\" target=\"_blank\">here<\/a>. Responses to the survey will be automatically and immediately <a href=\"https:\/\/wiki.mozilla.org\/CA\/Communications#May_2020_Responses\" rel=\"noopener noreferrer\" target=\"_blank\">published by the CCADB<\/a>.<br \/>\n<br \/>\nWith this CA Communication, we reiterate that participation in Mozilla\u2019s CA Certificate Program is at our sole discretion, and we will take whatever steps are necessary to keep our users safe. Nevertheless, we believe that the best approach to safeguard that security is to work with CAs as partners, to foster open and frank communication, and to be diligent in looking for ways to improve.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Mozilla has sent a CA Communication and Survey to inform Certification Authorities (CAs) who have root certificates included in Mozilla\u2019s program about current expectations. Additionally this survey will collect input &hellip; <a class=\"go\" href=\"https:\/\/blog.mozilla.org\/security\/2020\/05\/08\/may-2020-ca-communication\/\">Read more<\/a><\/p>\n","protected":false},"author":581,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[69],"tags":[],"coauthors":[45544],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>May 2020 CA Communication - Mozilla Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.mozilla.org\/security\/2020\/05\/08\/may-2020-ca-communication\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kathleen Wilson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/2020\/05\/08\/may-2020-ca-communication\/\",\"url\":\"https:\/\/blog.mozilla.org\/security\/2020\/05\/08\/may-2020-ca-communication\/\",\"name\":\"May 2020 CA Communication - Mozilla Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/#website\"},\"datePublished\":\"2020-05-08T17:05:34+00:00\",\"dateModified\":\"2020-05-08T17:05:34+00:00\",\"author\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/5cc0f3b46b6626ffb6e3b7c24fbf5063\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/2020\/05\/08\/may-2020-ca-communication\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.mozilla.org\/security\/2020\/05\/08\/may-2020-ca-communication\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/2020\/05\/08\/may-2020-ca-communication\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.mozilla.org\/security\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"May 2020 CA Communication\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#website\",\"url\":\"https:\/\/blog.mozilla.org\/security\/\",\"name\":\"Mozilla Security Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.mozilla.org\/security\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/5cc0f3b46b6626ffb6e3b7c24fbf5063\",\"name\":\"Kathleen Wilson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/image\/8d4547801f543f8990aecbcfc9c18eca\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/faede0fc9d625b79b41f567407337db6?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/faede0fc9d625b79b41f567407337db6?s=96&d=identicon&r=g\",\"caption\":\"Kathleen Wilson\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"May 2020 CA Communication - Mozilla Security Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.mozilla.org\/security\/2020\/05\/08\/may-2020-ca-communication\/","twitter_misc":{"Written by":"Kathleen Wilson","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/blog.mozilla.org\/security\/2020\/05\/08\/may-2020-ca-communication\/","url":"https:\/\/blog.mozilla.org\/security\/2020\/05\/08\/may-2020-ca-communication\/","name":"May 2020 CA Communication - Mozilla Security Blog","isPartOf":{"@id":"https:\/\/blog.mozilla.org\/security\/#website"},"datePublished":"2020-05-08T17:05:34+00:00","dateModified":"2020-05-08T17:05:34+00:00","author":{"@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/5cc0f3b46b6626ffb6e3b7c24fbf5063"},"breadcrumb":{"@id":"https:\/\/blog.mozilla.org\/security\/2020\/05\/08\/may-2020-ca-communication\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.mozilla.org\/security\/2020\/05\/08\/may-2020-ca-communication\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.mozilla.org\/security\/2020\/05\/08\/may-2020-ca-communication\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.mozilla.org\/security\/"},{"@type":"ListItem","position":2,"name":"May 2020 CA Communication"}]},{"@type":"WebSite","@id":"https:\/\/blog.mozilla.org\/security\/#website","url":"https:\/\/blog.mozilla.org\/security\/","name":"Mozilla Security Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.mozilla.org\/security\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/5cc0f3b46b6626ffb6e3b7c24fbf5063","name":"Kathleen Wilson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/image\/8d4547801f543f8990aecbcfc9c18eca","url":"https:\/\/secure.gravatar.com\/avatar\/faede0fc9d625b79b41f567407337db6?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/faede0fc9d625b79b41f567407337db6?s=96&d=identicon&r=g","caption":"Kathleen Wilson"}}]}},"_links":{"self":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts\/2596"}],"collection":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/users\/581"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/comments?post=2596"}],"version-history":[{"count":0,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts\/2596\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/media?parent=2596"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/categories?post=2596"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/tags?post=2596"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/coauthors?post=2596"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}