All, This request is to include the "GDCA TrustAUTH R5 ROOT" certificate, turn on the Websites trust bit, and enabled EV treatment.
In order to help get this discussion moving again, I asked GDCA to provide a side-by-side comparison of the latest version of the BRs with their CP/CPS documents. They provided this BR-self-assessment here: https://bugzilla.mozilla.org/attachment.cgi?id=8851230 The documents that were evaluated in this self-assessment are available on the CA's website. All of these documents contain both the original text in Chinese, and the translation into English. Document Repository: https://www.gdca.com.cn/customer_service/knowledge_universe/cp_cps/ GDCA CP v1.5: https://www.gdca.com.cn/customer_service/knowledge_universe/cp_cps/CPCPS-GDCA1.5GDCA-CP-V1.5/ GDCA CPS v4.4: https://www.gdca.com.cn/customer_service/knowledge_universe/cp_cps/CPCPS-GDCA4.4GDCA-CPS-V4.4/ GDCA EV CP v1.3: https://www.gdca.com.cn/customer_service/knowledge_universe/cp_cps/CPCPS-GDCA-EV1.3GDCA-EV-CP-V1.3/ GDCA EV CPS v1.4: https://www.gdca.com.cn/customer_service/knowledge_universe/cp_cps/CPCPS-GDCA-EV1.4GDCA-EV-CPS-V1.4/ I will greatly appreciate it if you all would take another look at this CA's request, review their self-assessment, and respond in this discussion to let me know if you believe that this CA has addressed all of your questions or concerns. Also, I would like to make this BR-self-assessment a standard part of Mozilla's root inclusion/change process. I will draft what that will look like, and start a separate discussion about it. Thanks, Kathleen _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
