> The fourth fingerprint (e9:a8:5d:22:14:52:1c:5b:aa:0a:b4:be:24:6a:23:8a:c9:ba:e2) is also one octet short, but I have been unable to identify what certificate it is supposed to match.
I think this should be E9:A8:5D:22:14:52:1C:5B:AA:0A:B4:BE:24:6A:23:8A:C9:BA:E2:A9 - E-Tugra Global Root CA RSA v3 https://crt.sh/?q=E9%3AA8%3A5D%3A22%3A14%3A52%3A1C%3A5B%3AAA%3A0A%3AB4%3ABE%3A24%3A6A%3A23%3A8A%3AC9%3ABA%3AE2%3AA9 On Mon, Nov 18, 2024 at 12:25 PM 'Aaron Gable' via [email protected] <[email protected]> wrote: > The certificate with > fingerprint ff:bd:cd:e7:82:c8:43:5e:3c:6f:26:86:5c:ca:a8:3a:45:5b:c3:0a > (the first one listed) is TrustCor RootCert CA-1 > <https://crt.sh/?id=19392284>. You can see the email announcing Mozilla's > decision to remove TrustCor from their trust store here > <https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ>. > That email thread also contains most of the discussion and deliberation > around why TrustCor was removed, as well as messages from the Microsoft and > Chrome root programs announcing similar distrust decisions. > > The second fingerprint listed does not correspond to any known > certificate, but that is because you have accidentally truncated it by one > octet. I believe it was meant to > be b8:be:6d:cb:56:f1:55:b9:63:d4:12:ca:4e:06:34:c7:94:b2:1c*:c0*, in > which case it matches TrustCor RootCert CA-2 <https://crt.sh/?id=19392278>, > which was distrusted at the same time as the above. > > The same goes for the third fingerprint. It should > be 58:d1:df:95:95:67:6b:63:c0:f0:5b:1c:17:4d:8b:84:0b:c8:78*:bd*, for TrustCor > ECA-1 <https://crt.sh/?id=19392274>, which was also removed at the same > time as the above. > > The fourth fingerprint > (e9:a8:5d:22:14:52:1c:5b:aa:0a:b4:be:24:6a:23:8a:c9:ba:e2) is also one > octet short, but I have been unable to identify what certificate it is > supposed to match. > > The certificate with > fingerprint 8a:2f:af:57:53:b1:b0:e6:a1:04:ec:5b:6a:69:71:6d:f6:1c:e2:84 > (the fifth one listed) is E-Tugra Global Root CA ECC v3 > <https://crt.sh/?id=2605043398>. You can see the email announcing > Mozilla's decision to remove E-Tugra from their trust store here > <https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A/m/qDXcQu-hBAAJ> > . > > The sixth fingerprint is also missing its final octet. It should be > e9:a8:5d:22:14:52:1c:5b:aa:0a:b4:be:24:6a:23:8a:c9:ba:e2*:a9* to match E-Tugra > Global Root CA RSA v3 <https://crt.sh/?id=2605037174>, which was removed > from the trust store at the same time as the one above. > > Aaron > > On Mon, Nov 18, 2024 at 8:41 AM M THUG <[email protected]> wrote: > >> Dear Mozilla Firefox Team, >> >> I hope this message finds you well. >> >> I am writing to inquire about the removal of the following SSL/TLS >> certificates from Firefox's trusted certificate store. These certificates >> are identified by the following SHA1 fingerprints: >> >> SHA1 Fingerprint: >> ff:bd:cd:e7:82:c8:43:5e:3c:6f:26:86:5c:ca:a8:3a:45:5b:c3:0a SHA1 >> Fingerprint: b8:be:6d:cb:56:f1:55:b9:63:d4:12:ca:4e:06:34:c7:94:b2:1c SHA1 >> Fingerprint: 58:d1:df:95:95:67:6b:63:c0:f0:5b:1c:17:4d:8b:84:0b:c8:78 SHA1 >> Fingerprint: e9:a8:5d:22:14:52:1c:5b:aa:0a:b4:be:24:6a:23:8a:c9:ba:e2 SHA1 >> Fingerprint: 8a:2f:af:57:53:b1:b0:e6:a1:04:ec:5b:6a:69:71:6d:f6:1c:e2:84 >> SHA1 Fingerprint: ae:c5:fb:3f:c8:e1:bf:c4:e5:4f:03:07:5a:9a:e8:00:b7:f7:b6 >> Could you kindly provide clarification as to why these specific >> certificates were removed? Understanding the rationale behind this decision >> will help us assess any potential impact on our systems and ensure that we >> are adhering to the best practices for security. >> >> Thank you in advance for your attention to this matter. I look forward to >> your response. >> >> Best regards, Vamsi >> >> -- >> You received this message because you are subscribed to the Google Groups >> "[email protected]" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion visit >> https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/ffb4ca11-594d-486b-8b55-2f95f0c3eef0n%40mozilla.org >> <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/ffb4ca11-594d-486b-8b55-2f95f0c3eef0n%40mozilla.org?utm_medium=email&utm_source=footer> >> . >> > -- > You received this message because you are subscribed to the Google Groups " > [email protected]" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAEmnErcrE5Fbd%2BSVA9-WTCPYQmgQV4sisMsKtBVOa-XN_%3DJYyw%40mail.gmail.com > <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAEmnErcrE5Fbd%2BSVA9-WTCPYQmgQV4sisMsKtBVOa-XN_%3DJYyw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAKh5S0Yobi0H5rBTJKDzr7gXy6wEbSZqP44whXpcD_0MhTsSqA%40mail.gmail.com.
