Hi Doug, You're right. My mistake. They would be April 15, 2028. Thanks, Ben
On Mon, Apr 28, 2025 at 1:36 PM Doug Beattie <[email protected]> wrote: > Hi Ben > > > > Those CAs have a not-before of 2002, so wouldn’t they be in the first > S/MIME removal date of April 15, 2028? Or perhaps this page is out of date? > > - https://wiki.mozilla.org/CA/Root_CA_Lifecycles > > > > Doug > > > > *From:* 'Ben Wilson' via [email protected] < > [email protected]> > *Sent:* Monday, April 28, 2025 2:55 PM > *To:* Arabella Barks <[email protected]> > *Cc:* [email protected] > *Subject:* Re: Websites Trust Bit Removal in 2026 > > > > Hi Arabella, > > According to my records, that root certificate only has the email trust > bit enabled, and that would not be distrusted after April 15, 2029. > > Thanks, > > Ben > > > > On Mon, Apr 28, 2025 at 12:45 PM Arabella Barks <[email protected]> > wrote: > > Hi Ben, > > > > I'm curious why [Certum CA](https://crt.sh/?caid=69) and ( > OISTE WISeKey Global Root GA CA)[https://crt.sh/?caid=578] aren't in the > removal list in 2026 or 2025? > > > > Thanks, > > Ara > > On Tuesday, April 29, 2025 at 12:49:11 AM UTC+8 Ben Wilson wrote: > > All, > > We have completed the 2025 websites trust bit removal for root CAs created > before 2006 (except for Chunghwa Telecom's ePKI Root CA, and we plan on > removing the websites trust bit for that root CA in Firefox Release 141). > > I have updated the Root CA Lifecycles wiki page > <https://wiki.mozilla.org/CA/Root_CA_Lifecycles#2026_Websites_Trust_Bit_Removals> > to list 14 roots that are due to have their websites trust bit removed next > April 15, 2026. They are as follows: > > > > certSIGN ROOT CA > > EAA962C4FA4A6BAFEBE415196D351CCD888D4F53F3FA8AE6D7C466A94E6042BB > > SwissSign Gold CA - G2 > > 62DD0BE9B9F50A163EA0F8E75C053B1ECA57EA55C8688F647C6881F2C8357B95 > > Secure Global CA > > 4200F5043AC8590EBB527D209ED1503029FBCBD41CA1B506EC27F15ADE7DAC69 > > SecureTrust CA > > F1C1B50AE5A20DD8030EC9F6BC24823DD367B5255759B4E71B61FCE9F7375D73 > > DigiCert Assured ID Root CA > > 3E9099B5015E8F486C00BCEA9D111EE721FABA355A89BCF1DF69561E3DC6325C > > DigiCert Global Root CA > > 4348A0E9444C78CB265E058D5E8944B4D84F9662BD26DB257F8934A443C70161 > > DigiCert High Assurance EV Root CA > > 7431E5F4C3C1CE4690774F0B61E05440883BA9A01ED00BA6ABD7806ED3B118CF > > QuoVadis Root CA 2 > > 85A0DD7DD720ADB7FF05F83D542B209DC7FF4528F7D677B18389FEA5E5C49E86 > > QuoVadis Root CA 3 > > 18F1FC7F205DF8ADDDEB7FE007DD57E3AF375A9C4D8D73546BF4F1FED1E18D35 > > Entrust Root Certification Authority > > 73C176434F1BC6D5ADF45B0E76E727287C8DE57616C1E6E6141A2B2CBC7D8E4C > > COMODO Certification Authority > > 0C2CD63DF7806FA399EDE809116B575BF87989F06518F9808C860503178BAF66 > > Certigna > > E3B6A2DB2ED7CE48842F7AC53241C7B71D54144BFB40C11F3F1D0B42F5EEA12D > > TeliaSonera Root CA v1 > > DD6936FE21F8F077C123A1A521C12224F72255B73E03A7260693E8A24B0FA389 > > Izenpe.com > > 2530CC8E98321502BAD96F9B1FBA1B099E2D299E0F4548BB914F363BC0D4531F > > > > Thanks, > > Ben > > -- > You received this message because you are subscribed to the Google Groups " > [email protected]" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtabmnx7EBkoKLR3RFwFNv1mk69tAmbX4PZCRhCJXChL2Mw%40mail.gmail.com > <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtabmnx7EBkoKLR3RFwFNv1mk69tAmbX4PZCRhCJXChL2Mw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaY8KM4_kLwKO%3DATKPGd9N20Aeu0GELwNC6Za%2B5O4Prwyw%40mail.gmail.com.
