On 11/6/14 11:37 AM, Kathleen Wilson wrote:
DSV Gruppe has applied to include the SHA-256 "S-TRUST Universal Root
CA" root certificate and enable the Email trust bit. DSV Gruppeās SHA-1
"S-TRUST Authentication and Encryption Root CA 2005:PN" root certificate
was included in NSS via Bugzilla Bug #370627.
Deutscher Sparkassen Verlag GmbH (DSV Gruppe) is a public corporation
that provides customers of the German Savings Bank Financial Group with
client-certificates for their signature enabled debit card (smartcard).
All German citizens are able to get one of these signature cards which
can be used for secure email communication, web access for online
banking, legally signing transactions, and accessing e-government
applications. S-TRUST is a trademark of DSV Gruppe.
The request is documented in the following bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=1011182
And in the pending certificates list:
http://www.mozilla.org/projects/security/certs/pending/
Summary of Information Gathered and Verified:
https://bugzilla.mozilla.org/attachment.cgi?id=8506450
Noteworthy points:
* The primary documents are in German.
CPS: https://www.s-trust.de/stn-cps
* CA Hierarchy:
** This root has one internally-operated subordinate CA, "S-TRUST
Authentication and Encryption Class 3 CA"
* This request is to turn on the Email trust bit.
Does anyone have questions or comments about this request to include the
SHA-256 "S-TRUST Universal Root CA" root certificate and enable the
Email trust bit?
If not, I will recommend approval in the bug.
Thanks,
Kathleen
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
