I've been looking at a request from Entrust (bug 416544) to (among other things) have its new Entrust Root Certification Authority root enabled for EV. This is a new Entrust root that was approved for inclusion last year by Gerv (bug 382352) and subsequently added to NSS (bug 387892).
(NOTE: This has nothing to do with Entrust legacy roots in NSS, and nothing to do with Entrust cross-signing of other CA's roots. AFAICT this root is used only for Entrust EV certificates. In bug 416544 Entrust has also requested EV status for its legacy roots, but I'm handling that as a separate issue.) Entrust recently completed and published a WebTrust EV audit for this root. (There's a WebTrust audit as well.) At first glance everything looks in order. I'm therefore opening up an initial public comment period for this request. At the end of that comment period I'll make a preliminary determination whether to approve the request or not, and then we'll have a final public comment period before I make a final decision. This idea of having two comment periods is one I think I mentioned previously in this forum. You can consider this a first call for comments, and then we'll have a last call if/when I do a preliminary approval. This is the first time we've done it this way, so I'll arbitrarily set the first comment period at 2 weeks, and the second one at 1 week; we can make these longer or shorter as needed. For more information about the Entrust EV request please see the pending list entry for Entrust: http://www.mozilla.org/projects/security/certs/pending/#Entrust For more information about the previous request from last year please see the Entrust entry in the included list: http://www.mozilla.org/projects/security/certs/included/#Entrust Note that I checked in Entrust-related updates for these list just a few minutes ago, so it may take an hour or two for them to show up on the site. Frank -- Frank Hecker [EMAIL PROTECTED] _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
