fix fpki faq on certificates page#253
Merged
konklone merged 2 commits intoGSA:masterfrom Aug 31, 2018
lachellel:patch-1
Merged
Conversation
changed the links to point to fpki.idmanagement.gov pages updated to show that the mozilla application has been closed minor nit: there are non-USG operated publicly trusted root CAs that still create valid paths in some trust stores to federal pki issued certs. whether this is desirable or intentional is not addressed.
konklone
reviewed
Aug 31, 2018
pages/certificates.md
Outdated
| The [Federal PKI](https://fpki.idmanagement.gov) root is trusted by some browsers and operating systems, but is not contained in the [Mozilla Trusted Root Program](https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/). The Mozilla Trusted Root Program is used by Firefox, many Android devices, and a variety of other devices and operating systems. This means that the Federal PKI is not able to issue certificates for use in TLS/HTTPS that are trusted widely enough to secure a web service used by the general public. | ||
|
|
||
| The Federal PKI has an [open application](https://bugzilla.mozilla.org/show_bug.cgi?id=478418) to the Mozilla Trusted Root Program. However, even if the Federal PKI's application is accepted, it will take a significant amount of time for the Federal PKI's root certificate to actually be shipped onto devices and propagate widely around the world. | ||
| The Federal PKI and Mozilla have [closed the application](https://bugzilla.mozilla.org/show_bug.cgi?id=478418) to include the Federal PKI root in the Mozilla Trusted Root Program. |
Contributor
There was a problem hiding this comment.
I think we could actually just delete the paragraph altogether.
Contributor
|
@lachellel I removed the Mozilla paragraph altogether, since I don't think we need to acknowledge a closed bug now. Thank you for doing this! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
#252
@konklone