Root Store Policy 2.5 Published

Version 2.5 of Mozilla’s Root Store Policy has now been published. This document incorporates by reference the Common CCADB Policy 1.0.1.

With this update, we have mostly worked through the backlog of modernization proposals, and I’d call this a policy fit for a transparent, openly-run root program in 2017. That doesn’t mean that there’s not more that could be done, but we’ve come a long way from policy 2.2, which we were using until six months ago, and which hadn’t been substantively updated since 2012.

We also hope that, very soon, more root store operators will join the CCADB, which will reduce everyone’s costs and administrative burdens on all sides, and hopefully allow root programs to be more responsive to changing circumstances and requests for inclusion or change.

2 thoughts on “Root Store Policy 2.5 Published

  1. What puzzles me is that the CCADB is not using a certificate not even one from Let’s Encrypt…

    Seems to be contradictory, even although the site doesn’t seem to have a login or something like it…

    • I know it’s ironic, but Github Pages with a custom domain doesn’t support SSL. We can probably fix it by putting it behind Cloudflare, but that’s a separate step we haven’t got around to yet.