On April 21, 2025, we began a six-week, public discussion on the request from TrustAsia for inclusion of its root certificate(s):
- TrustAsia SMIME ECC Root CA <https://crt.sh/?q=436472C1009A325C54F1A5BBB5468A7BAEECCBE05DE5F099CB70D3FE41E13C16> - TrustAsia SMIME RSA Root CA <https://crt.sh/?q=C7796BEB62C101BB143D262A7C96A0C6168183223EF50D699632D86E03B8CC9B> - TrustAsia TLS ECC Root CA <https://crt.sh/?q=C0076B9EF0531FB1A656D67C4EBE97CD5DBAA41EF44598ACC2489878C92D8711> - TrustAsia TLS RSA Root CA <https://crt.sh/?q=06C08D7DAFD876971EB1124FE67F847EC0C7A158D3EA53CBE940E2EA9791F4C3> The public discussion period has now ended. We did not receive any objections or other questions or comments in opposition to TrustAsia’s request. We thank the community for its review and consideration during this period. Root Store Programs will make final inclusion decisions independently, on their own timelines, and based on each Root Store Member’s inclusion criteria. Further discussion may take place in the independently managed Root Store community forums (i.e., MDSP). Thank you -Chris, on behalf of the CCADB Steering Committee On Fri, May 23, 2025 at 8:51 AM Chris Clements <[email protected]> wrote: > All, > > This is a reminder that the public discussion period on the inclusion > application of TrustAsia will close on Monday June 2, 2025. > > Thank you > -Chris, on behalf of the CCADB Steering Committee > > On Mon, Apr 21, 2025 at 9:13 AM Chris Clements <[email protected]> > wrote: > >> All, >> >> This email commences a six-week public discussion of TrustAsia’s request >> to include the following certificates as publicly trusted root certificates >> in one or more CCADB Root Store’s program. This discussion period is >> scheduled to close on *June 2, 2025*. >> >> The purpose of this public discussion process is to promote openness and >> transparency. However, each Root Store makes its inclusion decisions >> independently, on its own timelines, and based on its own inclusion >> criteria. Successful completion of this public discussion process does not >> guarantee any favorable action by any root store. >> >> Anyone with concerns or questions is urged to raise them on this CCADB >> Public list by replying directly in this discussion thread. Likewise, a >> representative of the applicant must promptly respond directly in the >> discussion thread to all questions that are posted. >> >> CCADB Case Number: 00002095 >> <https://ccadb.my.salesforce-sites.com/mozilla/PrintViewForCase?CaseNumber=00002095> >> >> Organization Background Information (listed in CCADB): >> >> - >> >> CA Owner Name: TrustAsia Technologies, Inc. >> - >> >> Website: https://www.trustasia.com/ >> - >> >> Address: 3201 Building B. New Caohejing International Business >> Center, 391 Guiping Rd, Shanghai, Shanghai, China, 200233 >> - >> >> Problem Reporting Mechanisms: [email protected] >> - >> >> Organization Type: Private Corporation >> - >> >> Repository URL: https://repository.trustasia.com/ >> >> Certificates Requesting Inclusion: >> >> >> 1. >> >> TrustAsia SMIME ECC Root CA: >> >> >> - >> >> Certificate download links: CA Repository >> >> <https://repository.trustasia.com/repo/certs/dedicated/TrustAsiaSMIMEECCRootCA.cer> >> / crt.sh >> >> <https://crt.sh/?q=436472C1009A325C54F1A5BBB5468A7BAEECCBE05DE5F099CB70D3FE41E13C16> >> - >> >> Intended use cases served/EKUs: >> - >> >> Secure Email (S/MIME) 1.3.6.1.5.5.7.3.4 >> - >> >> Client Authentication 1.3.6.1.5.5.7.3.2 >> - >> >> Test websites: N/A >> >> >> >> 2. >> >> TrustAsia SMIME RSA Root CA: >> - >> >> Certificate download links: CA Repository >> >> <https://repository.trustasia.com/repo/certs/dedicated/TrustAsiaSMIMERSARootCA.cer> >> / crt.sh >> >> <https://crt.sh/?q=C7796BEB62C101BB143D262A7C96A0C6168183223EF50D699632D86E03B8CC9B> >> - >> >> Intended use cases served/EKUs: >> - >> >> Secure Email (S/MIME) 1.3.6.1.5.5.7.3.4 >> - >> >> Client Authentication 1.3.6.1.5.5.7.3.2 >> - >> >> Test websites: N/A >> >> >> >> 3. >> >> TrustAsia TLS ECC Root CA: >> - >> >> Certificate download links: CA Repository >> >> <https://repository.trustasia.com/repo/certs/dedicated/TrustAsiaTLSECCRootCA.cer> >> / crt.sh >> >> <https://crt.sh/?q=C0076B9EF0531FB1A656D67C4EBE97CD5DBAA41EF44598ACC2489878C92D8711> >> - >> >> Intended use cases served/EKUs: >> - >> >> Server Authentication (TLS) 1.3.6.1.5.5.7.3.1 >> - >> >> Client Authentication 1.3.6.1.5.5.7.3.2 >> - >> >> Test websites: >> - >> >> Valid: https://ev-ecctls-valid.trustasia.com >> - >> >> Revoked: https://ev-ecctls-revoked.trustasia.com >> - >> >> Expired: https://ev-ecctls-expired.trustasia.com >> >> >> >> 4. >> >> TrustAsia TLS RSA Root CA: >> - >> >> Certificate download links: CA Repository >> >> <https://repository.trustasia.com/repo/certs/dedicated/TrustAsiaTLSRSARootCA.cer> >> / crt.sh >> >> <https://crt.sh/?q=06C08D7DAFD876971EB1124FE67F847EC0C7A158D3EA53CBE940E2EA9791F4C3> >> - >> >> Intended use cases served/EKUs: >> - >> >> Server Authentication (TLS) 1.3.6.1.5.5.7.3.1 >> - >> >> Client Authentication 1.3.6.1.5.5.7.3.2 >> - >> >> Test websites: >> - >> >> Valid: https://ev-rsatls-valid.trustasia.com >> - >> >> Revoked: https://ev-rsatls-revoked.trustasia.com >> - >> >> Expired: https://ev-rsatls-expired.trustasia.com >> >> Existing Publicly Trusted Root CAs from TrustAsia: >> >> 1. >> >> TrustAsia Global Root CA G3: >> - >> >> Certificate download links: (CA Repository >> >> <https://repository.trustasia.com/repo/certs/rsa-g3/TrustAsiaGlobalRootCAG3.cer> >> /crt.sh >> >> <https://crt.sh/?q=E0D3226AEB1163C2E48FF9BE3B50B4C6431BE7BB1EACC5C36B5D5EC509039A08> >> ) >> - >> >> Intended use cases served/EKUs: >> >> >> - >> >> Server Authentication (TLS) 1.3.6.1.5.5.7.3.1 >> - >> >> Secure Email (S/MIME) 1.3.6.1.5.5.7.3.4 >> - >> >> Client Authentication 1.3.6.1.5.5.7.3.2 >> - >> >> Code Signing 1.3.6.1.5.5.7.3.3 >> - >> >> Document Signing AATL 1.2.840.113583.1.1.5 >> - >> >> Document Signing MS 1.3.6.1.4.1.311.10.3.12 >> - >> >> Time Stamping 1.3.6.1.5.5.7.3.8 >> >> >> - >> >> Certificate corpus: (legacy Censys Search >> >> <https://search.censys.io/search?resource=certificates&q=E0D3226AEB1163C2E48FF9BE3B50B4C6431BE7BB1EACC5C36B5D5EC509039A08%09+and+labels%3Dever-trusted> >> login required) (new Censys Platform >> >> <https://platform.censys.io/search?q=%28cert.labels+%3D+%22ever-trusted%22%29+and+cert.parsed.issuer.organization+%3D+%22TrustAsia+Technologies%2C+Inc.%22> >> login required and free accounts may be limited) >> - >> >> Included in: Mozilla >> >> >> 2. >> >> TrustAsia Global Root CA G4: >> - >> >> Certificate download links: (CA Repository >> >> <https://repository.trustasia.com/repo/certs/ecc-g4/TrustAsiaGlobalRootCAG4.cer> >> /crt.sh >> >> <https://crt.sh/?q=BE4B56CB5056C0136A526DF444508DAA36A0B54F42E4AC38F72AF470E479654C> >> ) >> - >> >> Intended use cases served/EKUs: >> >> >> - >> >> Server Authentication (TLS) 1.3.6.1.5.5.7.3.1 >> - >> >> Secure Email (S/MIME) 1.3.6.1.5.5.7.3.4 >> - >> >> Client Authentication 1.3.6.1.5.5.7.3.2 >> - >> >> Code Signing 1.3.6.1.5.5.7.3.3 >> - >> >> Document Signing AATL 1.2.840.113583.1.1.5 >> - >> >> Document Signing MS 1.3.6.1.4.1.311.10.3.12 >> - >> >> Time Stamping 1.3.6.1.5.5.7.3.8 >> >> >> - >> >> Certificate corpus: (legacy Censys Search >> >> <https://search.censys.io/search?resource=certificates&q=BE4B56CB5056C0136A526DF444508DAA36A0B54F42E4AC38F72AF470E479654C%09+and+labels%3Dever-trusted> >> login required) (new Censys Platform >> >> <https://platform.censys.io/search?q=%28cert.labels+%3D+%22ever-trusted%22%29+and+cert.parsed.issuer.organization+%3D+%22TrustAsia+Technologies%2C+Inc.%22> >> login required and free accounts may be limited) >> - >> >> Included in: Mozilla >> >> Relevant Policy and Practices Documentation: >> >> - >> >> CP/CPS: >> >> https://repository.trustasia.com/repo/cps/TrustAsia-Global-CP-CPS_EN_V2.0.1.pdf >> >> >> Most Recent Self-Assessment: >> >> - >> >> >> >> https://repository.trustasia.com/repo/ccadb/TrustAsia_CCADB_Self_Assessment_v1.4.1_TrustAsia_202410.xlsx >> >> >> Audit Statements: >> >> - >> >> Auditor: Anthony Kam & Associates Ltd. >> - >> >> Audit Criteria: WebTrust >> - >> >> Recent Audit Statement(s): >> - >> >> Key Generation >> >> <https://repository.trustasia.com/repo/ccadb/TrustAsia_KGC_Report_20240614.pdf> >> (May 15, 2024) >> - >> >> Standard Audit >> >> <https://www.cpacanada.ca/api/getPDFWebTrust?attachmentId=d21a17b2-b089-4847-a9c6-f55239f76ed1> >> (Period: August 1, 2023 to July 31, 2024) >> - >> >> NetSec Audit >> >> <https://www.cpacanada.ca/api/getPDFWebTrust?attachmentId=e6fccae8-47f1-41da-a597-49f608d96ae7> >> (Period: August 1, 2023 to July 31, 2024) >> - >> >> TLS BR Audit >> >> <https://www.cpacanada.ca/api/getPDFWebTrust?attachmentId=a8e69828-d765-4fe1-81e9-15971621c7e2> >> (Period: August 1, 2023 to July 31, 2024) >> - >> >> TLS EVG Audit >> >> <https://www.cpacanada.ca/api/getPDFWebTrust?attachmentId=c1171bd1-4f04-4c3a-bb92-ef85f5e74573> >> (Period: August 1, 2023 to July 31, 2024) >> - >> >> S/MIME BR Audit >> >> <https://www.cpacanada.ca/api/getPDFWebTrust?attachmentId=ddc533c8-15c4-4789-abeb-9f5f10c7ac2d> >> (Period: August 1, 2023 to July 31, 2024) >> >> Incident Summary (Bugzilla incidents from previous 24 months): >> >> - >> >> None >> >> >> Thank you >> >> -Chris, on behalf of the CCADB Steering Committee >> >> -- You received this message because you are subscribed to the Google Groups "CCADB Public" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/ccadb.org/d/msgid/public/CAAbw9mADYCFP_OXKf%2BT9uNx3%2BOCkr%3Db0tznUZc7J0mPxHW45kQ%40mail.gmail.com.
