On Tuesday, April 26, 2016, Microsoft will release a planned update to the Microsoft Trusted Root Certificate Program.
This release will add new roots for Digicert (Hotspot 2.0 Trust Root CA - 03); Certigna (Certigna Root CA); Trustcor (TrustCor RootCert CA-2, TrustCor ECA-1). This release will remove the following roots at our partners' request: CA Disig a.s.; CCA India 2011; TrustCor RootCert CA-1; TrustCor RootCert CA-2 (the root above replaces this one). Unlike past releases, however, Microsoft is implementing new functionality in Windows 10 that allows us to remove these roots while leaving existing Authenticode certificates as valid. Prior operating systems will be unaffected by this change. Finally, this release will modify several roots to remove EKUs at our partners' request. The roots to be modified are VeriSign Class 3 Public Primary CA, TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6, TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5, TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı. Microsoft will release these changes such that Windows 10 devices running the upcoming summer update will stop accepting the removed EKUs, but, in the event that the root is cross signed by another valid root, the OS will validate the certificate using the valid roots. As with the removals, older operating systems will not be affected by the removal of these EKUs. The update package is available for download and testing at http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/test Jody Cloutier Senior Security Program Manager Microsoft Trusted Root Certificate Program<http://aka.ms/rootcert> [cid:[email protected]]<sip:[email protected]>[cid:[email protected]]<tel:+1%20(425)%20705-7566>[cid:[email protected]]<mailto:[email protected]>[cid:[email protected]]<https://www.linkedin.com/in/jodycloutier> [https://brandtools.microsoft.com/Style%20Library/BT/Images/MicrosoftMasterLogo.png]<http://microsoft.com/>
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
