> This request from Amazon is to enable EV treatment for the > currently-included “Starfield Services Root Certificate > Authority - G2 certificate, and to include the following 4 new root > certificates, turn on the Email and Websites trust bits for them, > and enable EV treatment for all of them. > - Amazon Root CA 1 (RSA key with a 2048 bit long modulus) > - Amazon Root CA 2 (RSA key with a 4096 bit long modulus) > - Amazon Root CA 3 (EC key on the NIST P-256 curve) > - Amazon Root CA 4 (EC key on the NIST P-384 curve) > All 4 of these new Amazon root certificates have cross-signed with the > currently-included “Starfield Services Root Certificate Authority - G2” > certificate. > > > The request is documented in the following bug: > https://bugzilla.mozilla.org/show_bug.cgi?id=1172401
Thank you, Andrew, for your thorough review of this request from Amazon Trust Services. I did not see any show-stoppers, so I think it is OK to proceed with approval of this request in parallel with Amazon updating their CPS. Does anyone else have questions, comments, or concerns about this request? If not, then I will proceed with recommending approval. Thanks, Kathleen _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy