Re: Public Discussion of Firmaprofesional CA Inclusion Request

2024-03-25 Thread Ben Wilson 
 

On January 31, 2024, we began a six-week, public discussion[1] on the 
request from Firmaprofesional for inclusion of this root CA certificate:

FIRMAPROFESIONAL CA ROOT-A WEB 


The public discussion period ended on March 13, 2024.

We did not receive any objections or other questions or comments in 
opposition to Firmaprofesional’s request. We thank the community for its 
review and consideration during this period. Root Store Programs will make 
final inclusion decisions independently, on their own timelines, and based 
on each Root Store Member’s inclusion criteria. Further discussion may take 
place in the independently managed Root Store community forums (i.e., MDSP).
[1] 
https://groups.google.com/a/ccadb.org/g/public/c/3TXrvZC0isw/m/TMkE2rb_AAAJ 

On Monday, March 11, 2024 at 11:24:54 AM UTC-6 Ben Wilson wrote:

> All,
> This is just a reminder that the public discussion period ends this 
> Wednesday, March 13.
> Thanks,
> Ben
>
> On Wednesday, January 31, 2024 at 3:12:59 PM UTC-7 Ben Wilson wrote:
>
>> All,
>>
>> This email commences a six-week public discussion of Firmaprofesional’s 
>> request to include the “FIRMAPROFESIONAL CA ROOT-A WEB” as a publicly 
>> trusted root certificate in one or more CCADB Root Store Member’s program. 
>> This discussion period is scheduled to close on March 13, 2024.
>>
>> The purpose of this public discussion process is to promote openness and 
>> transparency. However, each Root Store makes its inclusion decisions 
>> independently, on its own timelines, and based on its own inclusion 
>> criteria. Successful completion of this public discussion process does not 
>> guarantee any favorable action by any root store.  
>>
>> Anyone with concerns or questions is urged to raise them on this CCADB 
>> Public list by replying directly in this discussion thread. Likewise, a 
>> representative of the applicant must promptly respond directly in the 
>> discussion thread to all questions that are posted.
>>
>> CCADB Case Number: 1044 
>> ;
>>  
>> Bugzilla: 1785215 
>>
>> Organization Background Information (listed in CCADB):
>>
>>- 
>>
>>CA Owner Name: Autoridad de Certificacion Firmaprofesional; 
>>Firmaprofesional S.A.
>>- 
>>
>>Website(s): https://www.firmaprofesional.com/
>>- 
>>
>>Address: Passeig de Gracia 50, 2º1º, Barcelona E-08007, Spain
>>- 
>>
>>Problem Reporting Mechanism(s): sop...@firmaprofesional.com
>>- 
>>
>>Organization Type: Firmaprofesional S.A. is a commercial entity in 
>>Spain (NIF A62634068)
>>- 
>>
>>Repository URL: 
>>https://www.firmaprofesional.com/certification-policies-and-practices/
>>
>> Certificates Requesting Inclusion:
>>
>>1. 
>>
>>FIRMAPROFESIONAL CA ROOT-A WEB:
>>- 
>>   
>>   Certificate download links: (CA Repository 
>>   , crt.sh 
>>   
>> 
>>   )
>>   - 
>>   
>>   Use cases served/EKUs: 
>>   - 
>>  
>>  Server Authentication 1.3.6.1.5.5.7.3.1
>>  - 
>>  
>>  Client Authentication 1.3.6.1.5.5.7.3.2
>>  - 
>>   
>>   Test websites:
>>   - 
>>  
>>  Valid: https://testsslev2022ec.firmaprofesional.com  
>>  - 
>>  
>>  Revoked: https://testrevokedsslev2022ec.firmaprofesional.com  
>>  - 
>>  
>>  Expired: https://testexpiredsslev2022ec.firmaprofesional.com 
>>  
>>
>> Existing Publicly Trusted Root CAs from Firmaprofesional S.A.:
>>
>>1. 
>>
>>Autoridad de Certificacion Firmaprofesional CIF A62634068:
>>
>>
>>- 
>>
>>Certificate download links: CA Repository 
>> (most recent),
>>- 
>>   
>>   crt.sh 
>>   
>> 
>>  
>>   (most recent root certificate, included in Google, Microsoft, and 
>> Mozilla)
>>   - 
>>   
>>   crt.sh 
>>   
>> 
>>  
>>   (prior root certificate, included in Apple, Microsoft)
>>   - 
>>
>>Use cases served/EKUs: 
>>- 
>>   
>>   Server Authentication 1.3.6.1.5.5.7.3.1
>>   - 
>>   
>>   Client Authentication 1.3.6.1.5.5.7.3.2
>>   - 
>>
>>Certificate Corpus (subCAs and OCSP): here 
>>
>> 
>>  
>>(requires

Re: Public Discussion of Firmaprofesional CA Inclusion Request

2024-03-11 Thread Ben Wilson 
All,
This is just a reminder that the public discussion period ends this 
Wednesday, March 13.
Thanks,
Ben

On Wednesday, January 31, 2024 at 3:12:59 PM UTC-7 Ben Wilson wrote:

> All,
>
> This email commences a six-week public discussion of Firmaprofesional’s 
> request to include the “FIRMAPROFESIONAL CA ROOT-A WEB” as a publicly 
> trusted root certificate in one or more CCADB Root Store Member’s program. 
> This discussion period is scheduled to close on March 13, 2024.
>
> The purpose of this public discussion process is to promote openness and 
> transparency. However, each Root Store makes its inclusion decisions 
> independently, on its own timelines, and based on its own inclusion 
> criteria. Successful completion of this public discussion process does not 
> guarantee any favorable action by any root store.  
>
> Anyone with concerns or questions is urged to raise them on this CCADB 
> Public list by replying directly in this discussion thread. Likewise, a 
> representative of the applicant must promptly respond directly in the 
> discussion thread to all questions that are posted.
>
> CCADB Case Number: 1044 
> ;
>  
> Bugzilla: 1785215 
>
> Organization Background Information (listed in CCADB):
>
>- 
>
>CA Owner Name: Autoridad de Certificacion Firmaprofesional; 
>Firmaprofesional S.A.
>- 
>
>Website(s): https://www.firmaprofesional.com/
>- 
>
>Address: Passeig de Gracia 50, 2º1º, Barcelona E-08007, Spain
>- 
>
>Problem Reporting Mechanism(s): sop...@firmaprofesional.com
>- 
>
>Organization Type: Firmaprofesional S.A. is a commercial entity in 
>Spain (NIF A62634068)
>- 
>
>Repository URL: 
>https://www.firmaprofesional.com/certification-policies-and-practices/
>
> Certificates Requesting Inclusion:
>
>1. 
>
>FIRMAPROFESIONAL CA ROOT-A WEB:
>- 
>   
>   Certificate download links: (CA Repository 
>   , crt.sh 
>   
> 
>   )
>   - 
>   
>   Use cases served/EKUs: 
>   - 
>  
>  Server Authentication 1.3.6.1.5.5.7.3.1
>  - 
>  
>  Client Authentication 1.3.6.1.5.5.7.3.2
>  - 
>   
>   Test websites:
>   - 
>  
>  Valid: https://testsslev2022ec.firmaprofesional.com  
>  - 
>  
>  Revoked: https://testrevokedsslev2022ec.firmaprofesional.com  
>  - 
>  
>  Expired: https://testexpiredsslev2022ec.firmaprofesional.com 
>  
>
> Existing Publicly Trusted Root CAs from Firmaprofesional S.A.:
>
>1. 
>
>Autoridad de Certificacion Firmaprofesional CIF A62634068:
>
>
>- 
>
>Certificate download links: CA Repository 
> (most recent),
>- 
>   
>   crt.sh 
>   
> 
>  
>   (most recent root certificate, included in Google, Microsoft, and 
> Mozilla)
>   - 
>   
>   crt.sh 
>   
> 
>  
>   (prior root certificate, included in Apple, Microsoft)
>   - 
>
>Use cases served/EKUs: 
>- 
>   
>   Server Authentication 1.3.6.1.5.5.7.3.1
>   - 
>   
>   Client Authentication 1.3.6.1.5.5.7.3.2
>   - 
>
>Certificate Corpus (subCAs and OCSP): here 
>
> 
>  
>(requires Censys account)
>- 
>
>Included in: Apple, Chrome, Microsoft, Mozilla
>
> Relevant Policy and Practices Documentation: 
>
>- 
>
>Firmaprofesional CPS in English 
>
> ,
>  
>version 230413
>- 
>
>Firmaprofesional Website Authentication Certificates CP in English 
>
> ,
>  
>version 230616
>
>
> Most Recent Self-Assessment:
>
>
>- 
>
>https://bugzilla.mozilla.org/attachment.cgi?id=9369465 (reviewed 
>12/19/2023)  
>
> Audit Statements:
>
>- 
>
>Auditor: DEKRA Testing and Certification, S.A.U. 
> (accredited by ENAC 
>
>)
>- 
>
>Audit Criteria: ETSI
>- 
>
>Date of Audit Issuance: June 1, 2023
>- 
>
>For Period Ending: March 27, 2023

Public Discussion of Firmaprofesional CA Inclusion Request

2024-01-31 Thread Ben Wilson 
All,

This email commences a six-week public discussion of Firmaprofesional’s
request to include the “FIRMAPROFESIONAL CA ROOT-A WEB” as a publicly
trusted root certificate in one or more CCADB Root Store Member’s program.
This discussion period is scheduled to close on March 13, 2024.

The purpose of this public discussion process is to promote openness and
transparency. However, each Root Store makes its inclusion decisions
independently, on its own timelines, and based on its own inclusion
criteria. Successful completion of this public discussion process does not
guarantee any favorable action by any root store.

Anyone with concerns or questions is urged to raise them on this CCADB
Public list by replying directly in this discussion thread. Likewise, a
representative of the applicant must promptly respond directly in the
discussion thread to all questions that are posted.

CCADB Case Number: 1044
;
Bugzilla: 1785215 

Organization Background Information (listed in CCADB):

   -

   CA Owner Name: Autoridad de Certificacion Firmaprofesional;
   Firmaprofesional S.A.
   -

   Website(s): https://www.firmaprofesional.com/
   -

   Address: Passeig de Gracia 50, 2º1º, Barcelona E-08007, Spain
   -

   Problem Reporting Mechanism(s): sopo...@firmaprofesional.com
   -

   Organization Type: Firmaprofesional S.A. is a commercial entity in Spain
   (NIF A62634068)
   -

   Repository URL:
   https://www.firmaprofesional.com/certification-policies-and-practices/

Certificates Requesting Inclusion:

   1.

   FIRMAPROFESIONAL CA ROOT-A WEB:
   -

  Certificate download links: (CA Repository
  , crt.sh
  

  )
  -

  Use cases served/EKUs:
  -

 Server Authentication 1.3.6.1.5.5.7.3.1
 -

 Client Authentication 1.3.6.1.5.5.7.3.2
 -

  Test websites:
  -

 Valid: https://testsslev2022ec.firmaprofesional.com
 -

 Revoked: https://testrevokedsslev2022ec.firmaprofesional.com
 -

 Expired: https://testexpiredsslev2022ec.firmaprofesional.com


Existing Publicly Trusted Root CAs from Firmaprofesional S.A.:

   1.

   Autoridad de Certificacion Firmaprofesional CIF A62634068:


   -

   Certificate download links: CA Repository
    (most recent),
   -

  crt.sh
  

  (most recent root certificate, included in Google, Microsoft, and Mozilla)
  -

  crt.sh
  

  (prior root certificate, included in Apple, Microsoft)
  -

   Use cases served/EKUs:
   -

  Server Authentication 1.3.6.1.5.5.7.3.1
  -

  Client Authentication 1.3.6.1.5.5.7.3.2
  -

   Certificate Corpus (subCAs and OCSP): here
   

   (requires Censys account)
   -

   Included in: Apple, Chrome, Microsoft, Mozilla

Relevant Policy and Practices Documentation:

   -

   Firmaprofesional CPS in English
   
,
   version 230413
   -

   Firmaprofesional Website Authentication Certificates CP in English
   
,
   version 230616


Most Recent Self-Assessment:


   -

   https://bugzilla.mozilla.org/attachment.cgi?id=9369465 (reviewed
   12/19/2023)

Audit Statements:

   -

   Auditor: DEKRA Testing and Certification, S.A.U.
    (accredited by ENAC
   
   )
   -

   Audit Criteria: ETSI
   -

   Date of Audit Issuance: June 1, 2023
   -

   For Period Ending: March 27, 2023
   -

   Audit Statement(s): https://www.dekra.com/media/2302-fpr-fr-aal.pdf

Incident Summary (Bugzilla incidents from previous 24 months):

Bugzilla

Title

Opened

1769240 

Firmaprofesional: 2022 - SSL certificates issued with wrong Organization ID
number 

2022-05-13

1771715 

Firmaprofesional: 2022 - StateorProvince field


2022-05-30

1771722 

Firmaprofesional: 2022 - Title field


2022-05-30

1771724