As per the CA Schedule at https://wiki.mozilla.org/CA:Schedule ComSign is the next request in the queue for public discussion.
ComSign (a private company owned by Comda, Ltd. in Israel) has applied to add two new root CA certificates to the Mozilla root store, as documented in the following bug: https://bugzilla.mozilla.org/show_bug.cgi?id=420705 and in the pending certificates list here: http://www.mozilla.org/projects/security/certs/pending/#ComSign Summary of Information Gathered and Verified: https://bugzilla.mozilla.org/attachment.cgi?id=363931 Some quick comments regarding noteworthy points: * The ComSign CA root has six internally-operated subordinate CAs that are used for issuing digital ID's to individuals and corporations in accordance with the Israeli Electronic Signature Law. The request is to only enable the email trust bit for this root. * The ComSign Secured CA has two internally-operated subordinate CAs that are used for issuing certificates for SSL and for code-signing. The request is to enable the websites and code signing trust bits for this root. * The CPS documents have been provided in English. * CRL issue: Current CRLs result in the ffffe009 error code when downloading into Firefox. ComSign has removed the critical flag from the CRL, and the new CRLs will be generated in April. * ComSign is a registered CA of the State of Israel – Ministry of Justice as per Israel Electronic Signature Law. ComSign is audited annually as per the Israel Electronic Signature Law. Auditor Sharony- Shefler & CO (independent certified public accountant in Israel) provided a statement dated 11/9/2008 that says that ComSign is a qualified licensed CA operating under charter of the government of the State of Israel as per the Israeli Electronic Signature Law, and declaring that the audit criteria are at least equivalent to ETSI TS 101 456. This begins the one-week discussion period. After that week, I will provide a summary of issues noted and action items. If there are no outstanding issues, then this request can be approved for inclusion. If there are outstanding issues or action items, then an additional discussion may be needed as follow-up. Kathleen -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
