To address Mozilla Policy Issue mozilla#206

This proposed modification is to address Issue mozilla#206.
BenWilson-Mozilla · Nov 30, 2020 · b7b53ee · b7b53ee
1 parent ee19ee8
commit b7b53ee
Showing 1 changed file with 4 additions and 6 deletions.
diff --git a/rootstore/policy.md b/rootstore/policy.md
@@ -94,13 +94,11 @@ CAs whose certificates are included in Mozilla's root program MUST:
 4.  prior to issuing certificates, verify certificate
     requests in a manner that we deem acceptable for the stated
     purpose(s) of the certificates;
-5.  verify that all of the information that is included in SSL
-    certificates remains current and correct;
-6.  perform domain validation pursuant to section 3.2.2.4 of the Baseline Requirements at intervals of
-    395 days or less;
-7.  otherwise operate in accordance with published criteria that we
+5.  verify that all of the information that is included in SSL certificates remains current and correct at intervals of 825 days or less;
+5.1. for subjectAltName verifications of dNSNames and IPAddresses performed on or after July 1, 2021, verify that each dNSName or IPAddress is current and correct at intervals of 398 days or less;
+6.  otherwise operate in accordance with published criteria that we
     deem acceptable; and
-8.  ensure that all certificates within the scope of this policy, 
+7.  ensure that all certificates within the scope of this policy, 
     as described in Section 1.1, adhere to this policy.
 
 CAs MUST follow and be aware of discussions in the