On 10/23/14 11:50 AM, Kathleen Wilson wrote:
Staat der Nederlanden has applied to include the “Staat der Nederlanden
Root CA - G3” and “Staat der Nederlanden EV Root CA” root certificates;
turn on the Websites and Email trust bits for the “Staat der Nederlanden
Root CA - G3” root; turn on the Websites trust bit for the “Staat der
Nederlanden EV Root CA”; and enable EV treatment for the “Staat der
Nederlanden EV Root CA” root. The “Staat der Nederlanden Root CA - G3”
root will eventually replace the first and second generations of this
root that were included via Bugzilla Bug #243424 and Bug #436056.
Staat der Nederlanden is the Dutch government PKI (a.k.a. PKIoverheid),
designed for trustworthy electronic communication within and with the
Dutch government. Each root has one or more sub CAs known as domain CAs
or intermediate CAs. Each domain or intermediate CA services multiple
Certificate Service Providers (CSPs). The CSPs (commercial and
governmental organisations) issue several types of certificates, such as
authentication, encryption, non-repudiation and SSL, to end-users.
End-users can be companies and governmental organisations. The
PKIoverheid does not issue certificates directly to end-users, the
PKIoverheid only issues certificates to CSPs. The Ministry of the
Interior and Kingdom Relations (represented by Logius) is the owner of
the PKIoverheid. Logius supports the Dutch Minister of the Interior and
Kingdom Relations with the management and control of the PKI system.
The request is documented in the following bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=1016568
And in the pending certificates list:
http://www.mozilla.org/projects/security/certs/pending/
Summary of Information Gathered and Verified:
https://bugzilla.mozilla.org/attachment.cgi?id=8504870
Noteworthy points:
* The primary documents are in Dutch and English
Document Repository (Dutch):
https://www.logius.nl/ondersteuning/pkioverheid/aansluiten-als-csp/programma-van-eisen/
Document Repository (English):
https://www.logius.nl/languages/english/pkioverheid/
Thank you to those of you who reviewed and contributed to this
discussion about the request from Staat der Nederlanden to include the
“Staat der Nederlanden Root CA - G3” and “Staat der Nederlanden EV Root
CA” root certificates; turn on the Websites and Email trust bits for the
“Staat der Nederlanden Root CA - G3” root; turn on the Websites trust
bit for the “Staat der Nederlanden EV Root CA”; and enable EV treatment
for the “Staat der Nederlanden EV Root CA” root.
The questions and concerns that were raised during this discussion have
been addressed, and there are no resulting action items.
I am closing this discussion, and I will recommend approval in the bug.
https://bugzilla.mozilla.org/show_bug.cgi?id=1016568
Any further follow-up on this request should be added directly to the bug.
Thanks,
Kathleen
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
