January 2020 CA Communication

ACTION 6: Incident Reporting Incident report requirements have been clarified in section 2.4 of Mozilla’s Root Store Policy. A few changes have been made to our wiki page providing guidance on incident reporting. Please ensure that you are aware of Mozilla’s expectations and are prepared to provide good incident reports (Here is an example).
ACTION 6 COMMENTS

CA Owner Response Response
AC Camerfirma, S.A. We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Actalis We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Amazon Trust Services We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Asseco Data Systems S.A. (previously Unizeto Certum) We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Atos We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Autoridad de Certificacion Firmaprofesional We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Buypass We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Certisign Certificadora Digital We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
China Financial Certification Authority (CFCA) We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Chunghwa Telecom We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
ComSign We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Consorci Administració Oberta de Catalunya (Consorci AOC, CATCert) We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Cybertrust Japan / JCSI We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
D-TRUST We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
DarkMatter LLC We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Deutsche Telekom Security GmbH We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Dhimyotis / Certigna We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
DigiCert We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Disig, a.s. We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
E-Tugra We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Entrust We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Global Digital Cybersecurity Authority Co., Ltd. (Formerly Guang Dong Certificate Authority (GDCA)) We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
GlobalSign nv-sa We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
GoDaddy We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Google Trust Services LLC We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Government of Hong Kong (SAR), Hongkong Post, Certizen We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Government of Spain, Autoritat de Certificació de la Comunitat Valenciana (ACCV) We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT) We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Government of Taiwan, Government Root Certification Authority (GRCA) We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Government of The Netherlands, PKIoverheid (Logius) We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Government of Turkey, Kamu Sertifikasyon Merkezi (Kamu SM) We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
HARICA We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
IdenTrust Services, LLC We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Internet Security Research Group We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Izenpe S.A. We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Krajowa Izba Rozliczeniowa S.A. (KIR) We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
LuxTrust We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Microsec Ltd. We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Microsoft Corporation We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
NETLOCK Kft. We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
OISTE We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
QuoVadis We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
SECOM Trust Systems CO., LTD. We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
SK ID Solutions AS We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
SSL.com We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Sectigo We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
SecureTrust We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Shanghai Electronic Certification Authority Co., Ltd. We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
SwissSign AG We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Swisscom (Switzerland) Ltd Other (please describe below) Swisscom Certificates are not in the root store any more. Nevertheless we received the "Mozilla CA Communication: Action requested by January 31, 2020" mail from Wayne. Was this an error or is there something additional Swisscom needs to do in order not to receive the root store communications?
Taiwan-CA Inc. (TWCA) We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Telia Company We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
TrustCor Systems We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Trustis We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
Web.com We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
certSIGN We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident
eMudhra Technologies Limited We are aware of the requirements for incident reporting and have the appropriate processes in place to meet Mozilla’s expectations in the event of an incident