I’m proposing to make Wayne Thayer the new owner of the “CA Certificate Policy” module. In his role at Mozilla, Wayne has been driving updates to Mozilla’s Root Store Policy and has been enforcing Mozilla’s policies governing Certification Authorities (CAs) for the past year. Wayne led the effort to release versions 2.6 and 2.6.1 of Mozilla’s Root Store Policy[1], has helped resolve over 70 CA compliance bugs[2], and is actively pursuing resolution to over 50 open CA compliance bugs[3].
There are two modules related to Mozilla’s CA Program which govern the default set of certificates in Network Security Services (NSS) and distributed in Mozilla’s software products. They are: 1) Mozilla CA Certificate Policy[4] Description: Definition and enforcement of policies governing Certification Authorities, their root certificates included in Mozilla software products, and intermediate and end-entity certificates within those CA hierarchies. Current Owner: Kathleen Wilson -- Proposed Owner: Wayne Thayer Current Peer(s): Wayne Thayer -- Proposed Peer: Kathleen Wilson 2) CA Certificates[5] Description: Determine which root certificates should be included in Mozilla software products, which trust bits should be set on them, and which of them should be enabled for EV treatment. Evaluate requests from Certification Authorities (CAs) for inclusion or removal of root certificates, and for updating trust bit settings or enabling EV treatment for already included root certificates. Owner: Kathleen Wilson -- no change Peer(s): Ryan Sleevi, Wayne Thayer -- no change Thanks, Kathleen [1] https://blog.mozilla.org/security/2018/07/02/root-store-policy-updated/ [2] https://wiki.mozilla.org/CA/Closed_Incidents [3] https://wiki.mozilla.org/CA/Incident_Dashboard [4] https://wiki.mozilla.org/Modules/All#Mozilla_CA_Certificate_Policy [5] https://wiki.mozilla.org/Modules/All#CA_Certificates _______________________________________________ governance mailing list governance@lists.mozilla.org https://lists.mozilla.org/listinfo/governance
