> ff:bd:cd:e7:82:c8:43:5e:3c:6f:26:86:5c:ca:a8:3a:45:5b:c3:0a This appears to be TrustCor RootCert CA-1, and you can find more information about its removal here: https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ
> b8:be:6d:cb:56:f1:55:b9:63:d4:12:ca:4e:06:34:c7:94:b2:1c > 58:d1:df:95:95:67:6b:63:c0:f0:5b:1c:17:4d:8b:84:0b:c8:78 > e9:a8:5d:22:14:52:1c:5b:aa:0a:b4:be:24:6a:23:8a:c9:ba:e2 > ae:c5:fb:3f:c8:e1:bf:c4:e5:4f:03:07:5a:9a:e8:00:b7:f7:b6 I can't find any certificates matching these hashes. They're all too short to be SHA1 hashes, though, so perhaps there was a copy/paste error. > 8a:2f:af:57:53:b1:b0:e6:a1:04:ec:5b:6a:69:71:6d:f6:1c:e2:84 This appears to be E-Tugra Global Root CA ECC v3, and you can find more information about its removal here: https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A/m/qDXcQu-hBAAJ On Mon, Nov 18, 2024 at 8:41 AM M THUG <[email protected]> wrote: > Dear Mozilla Firefox Team, > > I hope this message finds you well. > > I am writing to inquire about the removal of the following SSL/TLS > certificates from Firefox's trusted certificate store. These certificates > are identified by the following SHA1 fingerprints: > > SHA1 Fingerprint: > ff:bd:cd:e7:82:c8:43:5e:3c:6f:26:86:5c:ca:a8:3a:45:5b:c3:0a SHA1 > Fingerprint: b8:be:6d:cb:56:f1:55:b9:63:d4:12:ca:4e:06:34:c7:94:b2:1c SHA1 > Fingerprint: 58:d1:df:95:95:67:6b:63:c0:f0:5b:1c:17:4d:8b:84:0b:c8:78 SHA1 > Fingerprint: e9:a8:5d:22:14:52:1c:5b:aa:0a:b4:be:24:6a:23:8a:c9:ba:e2 SHA1 > Fingerprint: 8a:2f:af:57:53:b1:b0:e6:a1:04:ec:5b:6a:69:71:6d:f6:1c:e2:84 > SHA1 Fingerprint: ae:c5:fb:3f:c8:e1:bf:c4:e5:4f:03:07:5a:9a:e8:00:b7:f7:b6 > Could you kindly provide clarification as to why these specific > certificates were removed? Understanding the rationale behind this decision > will help us assess any potential impact on our systems and ensure that we > are adhering to the best practices for security. > > Thank you in advance for your attention to this matter. I look forward to > your response. > > Best regards, Vamsi > > -- > You received this message because you are subscribed to the Google Groups " > [email protected]" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/ffb4ca11-594d-486b-8b55-2f95f0c3eef0n%40mozilla.org > <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/ffb4ca11-594d-486b-8b55-2f95f0c3eef0n%40mozilla.org?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAHP1u2izx2HBtu%3DnqJUgVodx9BdOhRkZKO1tfHHAriYYmRXGuQ%40mail.gmail.com.
