Re: EV-enablement Request of Identrust

2020-08-03 Thread Ben Wilson via dev-security-policy
Based on the record in Bugzilla Case 1551703 and the CCADB Case 417 (
https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=0417)
, and receiving no further comments, I have recommended approval of this
request to EV-enable the Identrust Commercial Root CA 1.  See
https://bugzilla.mozilla.org/show_bug.cgi?id=1551703#c13


On Fri, Jul 31, 2020 at 10:28 AM Ben Wilson  wrote:

> Today is the close of the comment period for the Identrust EV enablement
> request. I don't believe we have received any comments, and I intend to
> recommend that this request be approved unless there are any reasons why
> the request should be denied.
> Thanks,
> Ben
>
> On Fri, Jul 10, 2020 at 4:05 PM Ben Wilson  wrote:
>
>> This is a request to EV-enable the IdenTrust Commercial Root CA 1, as
>> documented here:
>>
>> https://bugzilla.mozilla.org/show_bug.cgi?id=1551703
>>
>> *  Summary of Information Gathered and Verified:
>>
>>
>> https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=0417
>>
>> *  SHA2 hash for Root CA Certificate:
>> 5D56499BE4D2E08BCFCAD08A3E38723D50503BDE706948E42F55603019E528AE
>>
>> *  Root Certificate Download URL:
>>
>> http://validation.identrust.com/roots/commercialrootca1.p7c
>>
>> *  Identrust’s BR Self Assessment is located here:
>>
>> https://bugzilla.mozilla.org/attachment.cgi?id=9153636 (Excel
>> Spreadsheet Download)
>>
>> *  CPS:
>>
>>
>> https://www.identrust.com/sites/default/files/resources/identrust_trustid_cps_v4.7.3_06.15.2020.pdf
>>
>> *  Test Website:
>>
>> https://ev-valid.identrustssl.com/
>>
>> *  EV Policy OIDs:
>>
>> 2.16.840.1.113839.0.6.9,  2.23.140.1.1
>>
>> * CRL URL:
>>
>> http://validation.identrust.com/crl/commercialrootca1.crl
>>
>> *  OCSP URL:
>>
>> http://commercial.ocsp.identrust.com
>>
>> *  Audit:
>>
>> A period of time WebTrust EV annual audit report was provided on August
>> 16, 2019, by Schellman & Company, LLC, a licensed WebTrust auditor. That
>> and other WebTrust audit reports are available from the bottom of the
>> following applicant page:
>> https://www.identrust.com/support/documents/trustid.
>>
>>
>> I’ve reviewed the CPS, BR Self Assessment, and related information for
>> this inclusion request.  Comments and concerns regarding the CPS were
>> satisfactorily addressed as noted in
>> https://bugzilla.mozilla.org/show_bug.cgi?id=1551703.  I now recommend
>> that the IdenTrust Commercial Root CA 1 be enabled for Extended Validation
>> treatment.
>>
>>
>> This begins the 3-week comment period for this request.
>>
>>
>> I will greatly appreciate your thoughtful and constructive feedback on
>> Identrust’s request.
>>
>> Sincerely yours,
>>
>> Ben Wilson
>>
>>
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy


Re: EV-enablement Request of Identrust

2020-07-31 Thread Ben Wilson via dev-security-policy
Today is the close of the comment period for the Identrust EV enablement
request. I don't believe we have received any comments, and I intend to
recommend that this request be approved unless there are any reasons why
the request should be denied.
Thanks,
Ben

On Fri, Jul 10, 2020 at 4:05 PM Ben Wilson  wrote:

> This is a request to EV-enable the IdenTrust Commercial Root CA 1, as
> documented here:
>
> https://bugzilla.mozilla.org/show_bug.cgi?id=1551703
>
> *  Summary of Information Gathered and Verified:
>
>
> https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=0417
>
> *  SHA2 hash for Root CA Certificate:
> 5D56499BE4D2E08BCFCAD08A3E38723D50503BDE706948E42F55603019E528AE
>
> *  Root Certificate Download URL:
>
> http://validation.identrust.com/roots/commercialrootca1.p7c
>
> *  Identrust’s BR Self Assessment is located here:
>
> https://bugzilla.mozilla.org/attachment.cgi?id=9153636 (Excel Spreadsheet
> Download)
>
> *  CPS:
>
>
> https://www.identrust.com/sites/default/files/resources/identrust_trustid_cps_v4.7.3_06.15.2020.pdf
>
> *  Test Website:
>
> https://ev-valid.identrustssl.com/
>
> *  EV Policy OIDs:
>
> 2.16.840.1.113839.0.6.9,  2.23.140.1.1
>
> * CRL URL:
>
> http://validation.identrust.com/crl/commercialrootca1.crl
>
> *  OCSP URL:
>
> http://commercial.ocsp.identrust.com
>
> *  Audit:
>
> A period of time WebTrust EV annual audit report was provided on August
> 16, 2019, by Schellman & Company, LLC, a licensed WebTrust auditor. That
> and other WebTrust audit reports are available from the bottom of the
> following applicant page:
> https://www.identrust.com/support/documents/trustid.
>
>
> I’ve reviewed the CPS, BR Self Assessment, and related information for
> this inclusion request.  Comments and concerns regarding the CPS were
> satisfactorily addressed as noted in
> https://bugzilla.mozilla.org/show_bug.cgi?id=1551703.  I now recommend
> that the IdenTrust Commercial Root CA 1 be enabled for Extended Validation
> treatment.
>
>
> This begins the 3-week comment period for this request.
>
>
> I will greatly appreciate your thoughtful and constructive feedback on
> Identrust’s request.
>
> Sincerely yours,
>
> Ben Wilson
>
>
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy