All, The public discussion period has ended for this EV-enablement request. We have received no negative comments. There does not appear any action item for Netlock to complete in order to move this request forward. This is notice that I am closing the public discussion period [Step 9 of the Application Process] and that it is Mozilla’s intent to approve the inclusion request [Step 10].
This begins a 7-day “last call” period (through Dec. 9, 2021) for any final objections. Thanks, Ben On Thu, Nov 11, 2021 at 11:08 AM Ben Wilson <bwil...@mozilla.com> wrote: > This is to announce the beginning of the public discussion phase of the > Mozilla root CA process (see > https://wiki.mozilla.org/CA/Application_Process#Process_Overview (Steps 4 > through 9) to EV-enable the NetLock Arany (Class Gold) Főtanúsítvány Root > CA, as outlined below. > > This EV enablement request has been tracked in the CCADB and in Bugzilla > as follows: > > > https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=00000488 > > https://bugzilla.mozilla.org/show_bug.cgi?id=1579454 > > Mozilla is considering approving Netlock’s request. This email begins a > 3-week comment period, after which, if no concerns are raised, we will > close the discussion and the request may proceed to the approval phase > (Step 10). > > *Root Certificate Information:* > > https://netlock.hu/tanusitvanykiadok/#arany-class-gold-fotanusitvany > > > https://crt.sh/?q=6C61DAC3A2DEF031506BE036D2A6FE401994FBD13DF9C8D466599274C446EC98 > > https://bugzilla.mozilla.org/attachment.cgi?id=365241 > > > > *CP/CPS:* > > Repository location: https://netlock.hu/aktualis-szabalyzatok/#english > > Current Qualified CPS – Ver. 20210716 (July 16, 2021) > > Current Non-Qualified CPS – Ver. 20200901 (Sept. 1, 2020) > > Current Non-EIDAS CPS (DV SSL) – Ver. 20200731 (July 31, 2020) > > Previous Mozilla CPS review (EV-only) - > https://bugzilla.mozilla.org/show_bug.cgi?id=1579454#c9 > > Netlock Responses to CPS Review - > https://bugzilla.mozilla.org/show_bug.cgi?id=1579454#c10 > > > > *Audits and Reported Incidents:* > > Netlock’s auditor is Certop Informatikai Tanúsítási Szolgáltatások Kft. ( > https://hu.certop.com/en/). Certop last audited Netlock in September > 2021. The 2021 audit may be downloaded here: > https://it.certop.com/wp-content/uploads/2021/10/Certop_cert_Netlock_with_annex_english_2021_final_sign.pdf > > Netlock’s Bugzilla-recorded incidents over the past year are: > > 1680378 <https://bugzilla.mozilla.org/show_bug.cgi?id=1680378> > > Replacement of enduser certificates after the EVGL 1.7.4 self-audit (Open) > > 1716874 <https://bugzilla.mozilla.org/show_bug.cgi?id=1716874> > > CA Certificate Missing from Audit Reports (Open) > > 1656882 <https://bugzilla.mozilla.org/show_bug.cgi?id=1656882> > > Failure to revoke noncompliant ICA within 7 days (Closed) > > 1676367 <https://bugzilla.mozilla.org/show_bug.cgi?id=1676367> > > Issuance of >398-day precertificates after 2020-09-01 (Closed) > > 1676440 <https://bugzilla.mozilla.org/show_bug.cgi?id=1676440> > > Cumulative report connected to EV verification (Closed) > > 1688844 <https://bugzilla.mozilla.org/show_bug.cgi?id=1688844> > > Delayed revocation report connected to ticket 1680378 (Closed) > > > > This email begins a three-week public discussion period, which I’m > scheduling to close on or about 2-December-2021. > > A representative of Netlock must promptly respond directly in the > discussion thread to all questions that are posted. > > > > Sincerely yours, > > Ben Wilson > > Mozilla Root Program > -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To unsubscribe from this group and stop receiving emails from it, send an email to dev-security-policy+unsubscr...@mozilla.org. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaY7YN9LSxoZr3ovq2MVMyEKr2LvYXyeorqk0h3K4A2S4Q%40mail.gmail.com.
