On 3/4/14, 2:51 PM, Kathleen Wilson wrote:
On 1/28/14, 4:25 PM, Kathleen Wilson wrote:
DigiCert has applied to include 5 new root certificates that will
eventually replace the 3 DigiCert root certificates that were included
in NSS via bug #364568. The request is to turn on all 3 trust bits and
enable EV for all of the new root certs.
1) DigiCert Assured ID Root G2 -- This SHA-256 root will eventually
replace the SHA-1 “DigiCert Assured ID Root CA” certificate.
2) DigiCert Assured ID Root G3 -- The ECC version of the Assured ID root.
3) DigiCert Global Root G2 -- This SHA-256 root will eventually replace
the SHA-1 “DigiCert Global Root CA” certificate.
4) DigiCert Global Root G3 -- The ECC version of the Global root.
5) DigiCert Trusted Root G4 -- This SHA-384 root will eventually replace
the SHA-1 “DigiCert High Assurance EV Root CA” certificate.
DigiCert is a US-based commercial CA with headquarters in Utah. DigiCert
provides digital certification and identity assurance services
internationally to a variety of sectors including business, education,
and government.
The request is documented in the following bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=908827
Thank you to those of you who have reviewed and commented on this
request from DigiCert.
Does anyone have any further questions about this request, or feel that
there is anything left to resolve from this discussion (regarding this
specific request)?
If not, I will close this discussion, and recommend that this request be
approved after I have confirmed receipt of DigiCert's BR audit statement.
Thanks,
Kathleen
Thank you to those of you who reviewed and contributed to this
discussion about the request from DigiCert to include 5 new root
certificates that will eventually replace the 3 DigiCert root
certificates that are currently included in NSS. The request is to turn
on all 3 trust bits and enable EV for all of the new root certs.
I believe that the concerns about this request that were raised during
this discussion have been addressed.
I am closing this discussion, and I will recommend approval in the bug,
with actual inclusion on hold pending confirmation of the upcoming BR
audit statement.
https://bugzilla.mozilla.org/show_bug.cgi?id=908827
Any further follow-up on this request should be added directly to the bug.
Thanks,
Kathleen
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
