The CCADB record says, "Telia Finland Oyj, part of Telia Company AB", but I'll ask that a representative of Telia clarify this for us.
On Mon, Dec 6, 2021 at 12:32 AM md <[email protected]> wrote: > Hi, > > as Telia Company AB (Sweden) and Telia Oy (Finland) are two separate legal > persons, its not clear what is Telia? > > Actually the same clarification needed for all other countries listed in > the Bug. > > Thanks, > M.D. > > > > Sent from my Galaxy > > > -------- Original message -------- > From: Ben Wilson <[email protected]> > Date: 12/1/21 17:16 (GMT+02:00) > To: "[email protected]" <[email protected]> > Subject: Public Discussion: Inclusion of Telia Root CA v2 > > All, > > This is to announce the beginning of the public discussion phase of the > Mozilla root CA inclusion process ( > https://wiki.mozilla.org/CA/Application_Process#Process_Overview - Steps > 4 through 9) for Telia’s inclusion request for the Telia Root CA v2 ( > https://crt.sh/?id=1199641739). > > Mozilla is considering approving Telia’s request to add the root as a > trust anchor with the websites and email trust bits as documented in Bugzilla > #1664161 <https://bugzilla.mozilla.org/show_bug.cgi?id=1664161> and CCADB > Case #660 > <https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=00000660>. > > > This email begins the 3-week comment period, after which, if no concerns > are raised, we will close the discussion and the request may proceed to the > approval phase (Step 10). > > *Summary* > > This CA certificate for Telia Root CA v2 is valid from 29-Nov-2018 to > 29-Nov-2043. > > *SHA2 Certificate Hash:* > > 242B69742FCB1E5B2ABF98898B94572187544E5B4D9911786573621F6A74B82C > > *Root Certificate Downloads:* > > https://support.trust.telia.com/repository/teliarootcav2_selfsigned.cer > > https://support.trust.telia.com/repository/teliarootcav2_selfsigned.pem > > > *CP/CPS:* Effective October 14, 2021, the current CPS for the Telia Root > CA v2 may be downloaded here: > > https://cps.trust.telia.com/Telia_Server_Certificate_CPS_v4.4.pdf (v.4.4). > > Repository location: https://cps.trust.telia.com/ > > > *Test Websites:* > > Valid - https://juolukka.cover.telia.fi:10603/ > > Revoked - https://juolukka.cover.telia.fi:10604/ > > Expired - https://juolukka.cover.telia.fi:10605/ > > > > *BR Self Assessment* (PDF) is located here: > https://support.trust.telia.com/download/CA/Telia_CA_BR_Self_Assessment.pdf > > *Audits:* Annual audits are performed by KPMG. The most recent audits > were completed for the period ending March 31, 2021, according to WebTrust > audit criteria. The standard WebTrust audit (in accordance with v.2.2.1) > contained no adverse findings. The WebTrust Baseline Requirements audit > (in accordance with v.2.4.1) was qualified based on the fact that the Telia > Root CA v1 certificate <https://crt.sh/?id=989582> did not include > subject:countryName. (The Telia Root CA v2 contains a subject:countryName > of “FI”.) > > Attachment B to the WebTrust Baseline Requirements audit report listed > eight (8) Bugzilla bugs for incidents open during the 2020-2021 audit > period, which are now resolved as fixed. They were as follows: > > *Link to Bugzilla Bug* > > *Matter description* > > https://bugzilla.mozilla.org/show_bug.cgi?id=1614311 > > Two CA certificates not listed in 2020 WebTrust audit report > > https://bugzilla.mozilla.org/show_bug.cgi?id=1612332 > > Ambiguity on KeyUsage with ECC public key > > https://bugzilla.mozilla.org/show_bug.cgi?id=1551372 > > One Telia certificate containing a stateOrProvinceName of “Some-State” > > https://bugzilla.mozilla.org/show_bug.cgi?id=1649683 > > Two Telia’s pre-2012 rootCA certificates aren’t fully compliant with > Baseline Requirements > > https://bugzilla.mozilla.org/show_bug.cgi?id=1637854 > > AIA CA Issuer field pointing to PEM-encoded certificate > > https://bugzilla.mozilla.org/show_bug.cgi?id=1674536 > > Certificates with RSA keys where modulus is not divisible by 8 > > https://bugzilla.mozilla.org/show_bug.cgi?id=1565270 > > Subject field automatic check in CA system > > https://bugzilla.mozilla.org/show_bug.cgi?id=1689589 > > Disallowed curve (P-521) in leaf certificate > > > > Recent, open bugs/incidents are the following: > > *Link to Bugzilla Bug* > > *Matter description* > > https://bugzilla.mozilla.org/show_bug.cgi?id=1738207 > > Issued three precertificates with non-NIST EC curve > > https://bugzilla.mozilla.org/show_bug.cgi?id=1736020 > > Invalid email contact address was used for few domains > > https://bugzilla.mozilla.org/show_bug.cgi?id=1737808 > > Delayed revocation of 5 EE certificates in connection to id=1736020 > > > > I have no further questions or concerns about this inclusion request, > however I urge anyone with concerns or questions to raise them on this list > by replying directly in this discussion thread. Likewise, a representative > of Telia must promptly respond directly in the discussion thread to all > questions that are posted. > > Again, this email begins a three-week public discussion period, which I’m > scheduling to close on December 22, 2021. > > Sincerely yours, > > Ben Wilson > > Mozilla Root Program > > > > -- > You received this message because you are subscribed to the Google Groups " > [email protected]" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaZZj87QS3jL7R_32JEnfPZeU4hBNBJ%2BGHWU_pUdqF%3Dbbg%40mail.gmail.com > <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaZZj87QS3jL7R_32JEnfPZeU4hBNBJ%2BGHWU_pUdqF%3Dbbg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaZHED3guMdvpqh6hzdEq%3DkzcRwTKMBigRyduX-VTT4AKA%40mail.gmail.com.
