Today is the close of the comment period for the Identrust EV enablement request. I don't believe we have received any comments, and I intend to recommend that this request be approved unless there are any reasons why the request should be denied. Thanks, Ben
On Fri, Jul 10, 2020 at 4:05 PM Ben Wilson <bwil...@mozilla.com> wrote: > This is a request to EV-enable the IdenTrust Commercial Root CA 1, as > documented here: > > https://bugzilla.mozilla.org/show_bug.cgi?id=1551703 > > * Summary of Information Gathered and Verified: > > > https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=00000417 > > * SHA2 hash for Root CA Certificate: > 5D56499BE4D2E08BCFCAD08A3E38723D50503BDE706948E42F55603019E528AE > > * Root Certificate Download URL: > > http://validation.identrust.com/roots/commercialrootca1.p7c > > * Identrust’s BR Self Assessment is located here: > > https://bugzilla.mozilla.org/attachment.cgi?id=9153636 (Excel Spreadsheet > Download) > > * CPS: > > > https://www.identrust.com/sites/default/files/resources/identrust_trustid_cps_v4.7.3_06.15.2020.pdf > > * Test Website: > > https://ev-valid.identrustssl.com/ > > * EV Policy OIDs: > > 2.16.840.1.113839.0.6.9, 2.23.140.1.1 > > * CRL URL: > > http://validation.identrust.com/crl/commercialrootca1.crl > > * OCSP URL: > > http://commercial.ocsp.identrust.com > > * Audit: > > A period of time WebTrust EV annual audit report was provided on August > 16, 2019, by Schellman & Company, LLC, a licensed WebTrust auditor. That > and other WebTrust audit reports are available from the bottom of the > following applicant page: > https://www.identrust.com/support/documents/trustid. > > > I’ve reviewed the CPS, BR Self Assessment, and related information for > this inclusion request. Comments and concerns regarding the CPS were > satisfactorily addressed as noted in > https://bugzilla.mozilla.org/show_bug.cgi?id=1551703. I now recommend > that the IdenTrust Commercial Root CA 1 be enabled for Extended Validation > treatment. > > > This begins the 3-week comment period for this request. > > > I will greatly appreciate your thoughtful and constructive feedback on > Identrust’s request. > > Sincerely yours, > > Ben Wilson > > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
