Re: Audit Reminder Email Summary

2021-03-16 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of March 2021 Audit Reminder Emails
Date: Tue, 16 Mar 2021 19:02:12 + (GMT)

Mozilla: Audit Reminder
CA Owner: certSIGN
Root Certificates:
   certSIGN ROOT CA
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239757

Standard Audit Period End Date: 2020-02-07
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239758

BR Audit Period End Date: 2020-02-07
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
   SZAFIR ROOT CA2
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238854

Standard Audit Period End Date: 2019-12-18
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238855

BR Audit Period End Date: 2019-12-18
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Hong Kong (SAR), Hongkong Post, Certizen
Root Certificates:
   Hongkong Post Root CA 3**
   Hongkong Post Root CA 1**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238797

Standard Audit Period End Date: 2019-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238798

BR Audit Period End Date: 2019-12-31
EV Audit: https://www.ecert.gov.hk/ev/Webtrust_EVSSL_2019.pdf
EV Audit Period End Date: 2019-11-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: QuoVadis
Root Certificates:
   QuoVadis Root CA 1 G3
   QuoVadis Root CA 2
   QuoVadis Root CA 2 G3
   QuoVadis Root CA 3
   QuoVadis Root CA 3 G3
   QuoVadis Root Certification Authority
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239021

Standard Audit Period End Date: 2019-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239022

BR Audit Period End Date: 2019-12-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239023

EV Audit Period End Date: 2019-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
Root Certificates:
   AC RAIZ FNMT-RCM SERVIDORES SEGUROS
   FNMT-RCM - SHA256
Standard Audit: 
https://www.aenor.com/Certificacion_Documentos/eiDas/2020%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-2019-003%20-%20FNMT-v2.pdf

Standard Audit Period End Date: 2020-01-12
BR Audit: 
https://www.aenor.com/Certificacion_Documentos/eiDas/2020%20AENOR%20Anexo%201%20ETSI%20319%20411-2%20PSC-2019-003%20-%20FNMT-v2.pdf

BR Audit Period End Date: 2020-01-12
BR Audit: 
https://www.aenor.com/Certificacion_Documentos/eiDas/2020%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-2019-003%20-%20FNMT-v2.pdf

BR Audit Period End Date: 2020-01-12
EV Audit: 
https://www.aenor.com/Certificacion_Documentos/eiDas/2020%20AENOR%20Anexo%201%20ETSI%20319%20411-2%20PSC-2019-003%20-%20FNMT-v2.pdf

EV Audit Period End Date: 2020-01-12
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Taiwan-CA Inc. (TWCA)
Root Certificates:
   TWCA Global Root CA**
   TWCA Root Certification Authority**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.cpacanada.ca/generichandlers/cpachandler.ashx?AttachmentID=238799

Standard Audit Period End Date: 2019-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/cpachandler.ashx?AttachmentID=238800

BR Audit Period End Date: 2019-12-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/cpachandler.ashx?AttachmentID=238801

EV Audit Period End Date: 2019-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Trustis
Root Certificates:
   Trustis Limited - Trustis FPS Root CA
Standard Audit: 
https://bug1360184.bmoattachments.org/attachment.cgi?id=9146189

Standard Audit Period End Date: 2020-01-15
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=9146189
BR Audit Period End Date: 2020-01-15
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum)
Root Certificates:
   Certum Trusted Network CA 2
   Certum CA
   Certum Trusted Network CA
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239794

Standard Audit Period End Date: 2020-02-10
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239795

BR Audit Period End Date: 2020-02-10
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239796

EV Audit Period End Date: 2020-02-10
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of The Netherlands, PKIoverheid (Logius)
Root Certificates:
   Staat der Nederlanden Root CA - G3
   Staat der Nederlanden EV Root CA
Standard Audit:

Re: Audit Reminder Email Summary

2021-02-16 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of February 2021 Audit Reminder Emails
Date: Tue, 16 Feb 2021 20:01:02 + (GMT)


Mozilla: Audit Reminder
CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
   SZAFIR ROOT CA2
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238854

Standard Audit Period End Date: 2019-12-18
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238855

BR Audit Period End Date: 2019-12-18
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Hong Kong (SAR), Hongkong Post, Certizen
Root Certificates:
   Hongkong Post Root CA 3
   Hongkong Post Root CA 1
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238797

Standard Audit Period End Date: 2019-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238798

BR Audit Period End Date: 2019-12-31
EV Audit: https://www.ecert.gov.hk/ev/Webtrust_EVSSL_2019.pdf
EV Audit Period End Date: 2019-11-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: QuoVadis
Root Certificates:
   QuoVadis Root CA 1 G3
   QuoVadis Root CA 2
   QuoVadis Root CA 2 G3
   QuoVadis Root CA 3
   QuoVadis Root CA 3 G3
   QuoVadis Root Certification Authority
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239021

Standard Audit Period End Date: 2019-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239022

BR Audit Period End Date: 2019-12-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239023

EV Audit Period End Date: 2019-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
Root Certificates:
   FNMT-RCM - SHA256
Standard Audit: 
https://www.aenor.com/Certificacion_Documentos/eiDas/2020%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-2019-003%20-%20FNMT-v2.pdf

Standard Audit Period End Date: 2020-01-12
BR Audit: 
https://www.aenor.com/Certificacion_Documentos/eiDas/2020%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-2019-003%20-%20FNMT-v2.pdf

BR Audit Period End Date: 2020-01-12
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Taiwan-CA Inc. (TWCA)
Root Certificates:
   TWCA Global Root CA
   TWCA Root Certification Authority
Standard Audit: 
https://www.cpacanada.ca/generichandlers/cpachandler.ashx?AttachmentID=238799

Standard Audit Period End Date: 2019-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/cpachandler.ashx?AttachmentID=238800

BR Audit Period End Date: 2019-12-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/cpachandler.ashx?AttachmentID=238801

EV Audit Period End Date: 2019-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Trustis
Root Certificates:
   Trustis Limited - Trustis FPS Root CA
Standard Audit: 
https://bug1360184.bmoattachments.org/attachment.cgi?id=9146189

Standard Audit Period End Date: 2020-01-15
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=9146189
BR Audit Period End Date: 2020-01-15
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of The Netherlands, PKIoverheid (Logius)
Root Certificates:
   Staat der Nederlanden Root CA - G3
   Staat der Nederlanden EV Root CA
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238851

Standard Audit Period End Date: 2019-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238852

BR Audit Period End Date: 2019-12-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238853

EV Audit Period End Date: 2019-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Amazon Trust Services
Root Certificates:
   Amazon Root CA 3
   Amazon Root CA 2
   Amazon Root CA 1
   Amazon Root CA 4
   Starfield Services Root Certificate Authority - G2
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239088

Standard Audit Period End Date: 2020-01-15
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239089

BR Audit Period End Date: 2020-01-15
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239090

EV Audit Period End Date: 2020-01-15
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: Buypass
Root Certificates:
   Buypass Class 2 Root CA**
   Buypass Class 3 Root CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf

Standard Audit Period End Date: 2019-10-31
BR Audit:

Re: Audit Reminder Email Summary

2021-01-19 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of January 2021 Audit Reminder Emails
Date: Tue, 19 Jan 2021 20:00:30 + (GMT)

Mozilla: Audit Reminder
CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
   SZAFIR ROOT CA2
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238854

Standard Audit Period End Date: 2019-12-18
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238855

BR Audit Period End Date: 2019-12-18
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Hong Kong (SAR), Hongkong Post, Certizen
Root Certificates:
   Hongkong Post Root CA 3
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238797

Standard Audit Period End Date: 2019-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238798

BR Audit Period End Date: 2019-12-31
EV Audit: https://www.ecert.gov.hk/ev/Webtrust_EVSSL_2019.pdf
EV Audit Period End Date: 2019-11-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Buypass
Root Certificates:
   Buypass Class 2 Root CA**
   Buypass Class 3 Root CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf

Standard Audit Period End Date: 2019-10-31
BR Audit: 
https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf

BR Audit Period End Date: 2019-10-31
EV Audit: 
https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf

EV Audit Period End Date: 2019-10-31
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: Dhimyotis / Certigna
Root Certificates:
   Certigna Root CA**
   Certigna**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://lsti-certification.fr/images/23_1377_AT_V10__LSTI_-_Attestation_letter_2020.pdf

Standard Audit Period End Date: 2019-10-18
BR Audit: 
https://lsti-certification.fr/images/23_1377_AT_V10__LSTI_-_Attestation_letter_2020.pdf

BR Audit Period End Date: 2019-10-18
CA Comments: null




___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2020-12-15 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of December 2020 Audit Reminder Emails
Date: Tue, 15 Dec 2020 20:00:28 + (GMT)

Mozilla: Audit Reminder
CA Owner: DigiCert
Root Certificates:
   Symantec Class 2 Public Primary Certification Authority - G6
   Symantec Class 1 Public Primary Certification Authority - G6
   VeriSign Universal Root Certification Authority
   Baltimore CyberTrust Root
   Cybertrust Global Root
   DigiCert Assured ID Root CA
   DigiCert Assured ID Root G2
   GeoTrust Primary Certification Authority - G2
   DigiCert Trusted Root G4
   DigiCert Assured ID Root G3
   VeriSign Class 1 Public Primary Certification Authority - G3
   VeriSign Class 2 Public Primary Certification Authority - G3
Standard Audit: 
https://bug1458024.bmoattachments.org/attachment.cgi?id=9123453

Standard Audit Period End Date: 2019-10-31
Standard Audit: 
https://bug1458024.bmoattachments.org/attachment.cgi?id=9123443

Standard Audit Period End Date: 2019-10-31
Standard Audit: 
https://bug1458024.bmoattachments.org/attachment.cgi?id=9123448

Standard Audit Period End Date: 2019-10-31
BR Audit:
BR Audit Period End Date:
BR Audit: https://bug1458024.bmoattachments.org/attachment.cgi?id=9123452
BR Audit Period End Date: 2019-10-31
BR Audit: https://bug1458024.bmoattachments.org/attachment.cgi?id=9123442
BR Audit Period End Date: 2019-10-31
BR Audit: https://bug1458024.bmoattachments.org/attachment.cgi?id=9123447
BR Audit Period End Date: 2019-10-31
EV Audit:
EV Audit Period End Date:
EV Audit: https://bug1458024.bmoattachments.org/attachment.cgi?id=9123454
EV Audit Period End Date: 2019-10-31
EV Audit: https://bug1458024.bmoattachments.org/attachment.cgi?id=9123445
EV Audit Period End Date: 2019-10-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: D-TRUST
Root Certificates:
   D-TRUST Root CA 3 2013**
   D-TRUST Root Class 3 CA 2 2009**
   D-TRUST Root Class 3 CA 2 EV 2009**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120301_D-TRUST_Root_CA3_V1.0_s.pdf

Standard Audit Period End Date: 2019-10-07
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120302_D-TRUST_Root_Class_3_CA_2_2009_V1.0_s.pdf

Standard Audit Period End Date: 2019-10-07
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120303_D-TRUST_Root_Class3_CA2_EV_V1.0_s.pdf

Standard Audit Period End Date: 2019-10-07
BR Audit:
BR Audit Period End Date:
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120302_D-TRUST_Root_Class_3_CA_2_2009_V1.0_s.pdf

BR Audit Period End Date: 2019-10-07
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120303_D-TRUST_Root_Class3_CA2_EV_V1.0_s.pdf

BR Audit Period End Date: 2019-10-07
EV Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120303_D-TRUST_Root_Class3_CA2_EV_V1.0_s.pdf

EV Audit Period End Date: 2019-10-07
CA Comments: null



Mozilla: Audit Reminder
CA Owner: SwissSign AG
Root Certificates:
   SwissSign Gold CA - G2**
   SwissSign Platinum CA - G2**
   SwissSign Silver CA - G2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://it-tuv.com/wp-content/uploads/2019/12/AA2019121902_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf

Standard Audit Period End Date: 2019-10-02
Standard Audit: 
https://it-tuv.com/wp-content/uploads/2020/01/AA2019121901_Audit_Attestation_TA_CERT__SwissSign_Platinum_G2.pdf

Standard Audit Period End Date: 2019-09-27
Standard Audit: 
https://it-tuv.com/wp-content/uploads/2020/01/AA2019121903_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf

Standard Audit Period End Date: 2019-09-27
BR Audit: 
https://it-tuv.com/wp-content/uploads/2019/12/AA2019121902_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf

BR Audit Period End Date: 2019-10-02
BR Audit:
BR Audit Period End Date:
BR Audit: 
https://it-tuv.com/wp-content/uploads/2020/01/AA2019121903_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf

BR Audit Period End Date: 2019-09-27
EV Audit: 
https://it-tuv.com/wp-content/uploads/2019/12/AA2019121902_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf

EV Audit Period End Date: 2019-10-02
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Buypass
Root Certificates:
   Buypass Class 2 Root CA
   Buypass Class 3 Root CA
Standard Audit: 
https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf

Standard Audit Period End Date: 2019-10-31
BR Audit: 
https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf

BR Audit Period End Date: 2019-10-31
EV Audit:

Re: Audit Reminder Email Summary

2020-11-18 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of November 2020 Audit Reminder Emails
Date: Tue, 17 Nov 2020 20:01:50 + (GMT)

Mozilla: Audit Reminder
CA Owner: Google Trust Services LLC (GTS)
Root Certificates:
   GTS Root R2
   GTS Root R3
   GTS Root R4
   GTS Root R1
   GlobalSign
   GlobalSign
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236832

Standard Audit Period End Date: 2019-09-30
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236833

BR Audit Period End Date: 2019-09-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: D-TRUST
Root Certificates:
   D-TRUST Root CA 3 2013
   D-TRUST Root Class 3 CA 2 2009
   D-TRUST Root Class 3 CA 2 EV 2009
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120301_D-TRUST_Root_CA3_V1.0_s.pdf

Standard Audit Period End Date: 2019-10-07
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120302_D-TRUST_Root_Class_3_CA_2_2009_V1.0_s.pdf

Standard Audit Period End Date: 2019-10-07
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120303_D-TRUST_Root_Class3_CA2_EV_V1.0_s.pdf

Standard Audit Period End Date: 2019-10-07
BR Audit:
BR Audit Period End Date:
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120302_D-TRUST_Root_Class_3_CA_2_2009_V1.0_s.pdf

BR Audit Period End Date: 2019-10-07
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120303_D-TRUST_Root_Class3_CA2_EV_V1.0_s.pdf

BR Audit Period End Date: 2019-10-07
EV Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120303_D-TRUST_Root_Class3_CA2_EV_V1.0_s.pdf

EV Audit Period End Date: 2019-10-07
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: E-Tugra
Root Certificates:
   E-Tugra Certification Authority
Standard Audit: 
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf

Standard Audit Period End Date: 2019-07-26
BR Audit: 
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf

BR Audit Period End Date: 2019-07-26
EV Audit: 
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf

EV Audit Period End Date: 2019-07-26

CA Comments:  https://bugzilla.mozilla.org/show_bug.cgi?id=1659426 -- 
audit delay due to Covid19.




Mozilla: Audit Reminder
CA Owner: SwissSign AG
Root Certificates:
   SwissSign Gold CA - G2
   SwissSign Platinum CA - G2
   SwissSign Silver CA - G2
Standard Audit: 
https://it-tuv.com/wp-content/uploads/2019/12/AA2019121902_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf

Standard Audit Period End Date: 2019-10-02
Standard Audit: 
https://it-tuv.com/wp-content/uploads/2020/01/AA2019121901_Audit_Attestation_TA_CERT__SwissSign_Platinum_G2.pdf

Standard Audit Period End Date: 2019-09-27
Standard Audit: 
https://it-tuv.com/wp-content/uploads/2020/01/AA2019121903_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf

Standard Audit Period End Date: 2019-09-27
BR Audit: 
https://it-tuv.com/wp-content/uploads/2019/12/AA2019121902_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf

BR Audit Period End Date: 2019-10-02
BR Audit:
BR Audit Period End Date:
BR Audit: 
https://it-tuv.com/wp-content/uploads/2020/01/AA2019121903_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf

BR Audit Period End Date: 2019-09-27
EV Audit: 
https://it-tuv.com/wp-content/uploads/2019/12/AA2019121902_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf

EV Audit Period End Date: 2019-10-02
CA Comments: null



Mozilla: Audit Reminder
CA Owner: SecureTrust
Root Certificates:
   Secure Global CA
   SecureTrust CA
   Trustwave Global ECC P256 Certification Authority
   Trustwave Global Certification Authority
   Trustwave Global ECC P384 Certification Authority
   XRamp Global Certification Authority
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=237400

Standard Audit Period End Date: 2019-09-30
BR Audit: 
https://certs.securetrust.com/CA/2%20-%20SecureTrust%202019%20SSL%20BL%20Report.pdf

BR Audit Period End Date: 2019-09-30
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=237401

EV Audit Period End Date: 2019-09-30
CA Comments: Changed CA Name from Trustwave to SecureTrust on February 
1, 2019.





___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2020-10-20 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of October 2020 Audit Reminder Emails
Date: Tue, 20 Oct 2020 19:00:26 + (GMT)


Mozilla: Audit Reminder
CA Owner: Internet Security Research Group (ISRG)
Root Certificates:
   ISRG Root X1**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238186

Standard Audit Period End Date: 2019-08-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238187

BR Audit Period End Date: 2019-08-31
CA Comments: null



Mozilla: Your root is in danger of being removed
CA Owner: Sectigo
Root Certificates:
   COMODO RSA Certification Authority**
   USERTrust ECC Certification Authority**
   AAA Certificate Services**
   COMODO Certification Authority**
   COMODO ECC Certification Authority**
   USERTrust RSA Certification Authority**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1472993.bmoattachments.org/attachment.cgi?id=9078178

Standard Audit Period End Date: 2019-03-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231163

BR Audit Period End Date: 2019-03-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231164

EV Audit Period End Date: 2019-03-31

CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1648593
Audit statements provided via Bugzilla. Waiting for WebTrust Seals



Mozilla: Audit Reminder
CA Owner: E-Tugra
Root Certificates:
   E-Tugra Certification Authority
Standard Audit: 
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf

Standard Audit Period End Date: 2019-07-26
BR Audit: 
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf

BR Audit Period End Date: 2019-07-26
EV Audit: 
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf

EV Audit Period End Date: 2019-07-26

CA Comments:  https://bugzilla.mozilla.org/show_bug.cgi?id=1659426 -- 
audit delay due to Covid19.





Mozilla: Audit Reminder
CA Owner: Microsec Ltd.
Root Certificates:
   Microsec e-Szigno Root CA 2009
   e-Szigno Root CA 2017
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019121301_Microsec-eSzignoRoot-CA-2009_V1.2_s.pdf

Standard Audit Period End Date: 2019-09-14
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019121302_e-Szigno-Root-CA-2017_V1.1_s.pdf

Standard Audit Period End Date: 2019-09-14
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019121301_Microsec-eSzignoRoot-CA-2009_V1.2_s.pdf

BR Audit Period End Date: 2019-09-14
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019121302_e-Szigno-Root-CA-2017_V1.1_s.pdf

BR Audit Period End Date: 2019-09-14
CA Comments: null



Mozilla: Audit Reminder
CA Owner: NetLock Ltd.
Root Certificates:
   NetLock Arany (Class Gold) Főtanúsítvány
Standard Audit: 
http://eng.matrix-tanusito.hu/wp-content/uploads/2019/11/I-NL19T2_TAN.EN_TAN.ME-01_signed.pdf

Standard Audit Period End Date: 2019-09-03
BR Audit: 
http://eng.matrix-tanusito.hu/wp-content/uploads/2019/11/I-NL19T2_TAN.EN_TAN.ME-01_signed.pdf

BR Audit Period End Date: 2019-09-03
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: SECOM Trust Systems CO., LTD.
Root Certificates:
   SECOM Trust.net - Security Communication RootCA1**
   Security Communication RootCA2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234693

Standard Audit Period End Date: 2019-06-06
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234694

BR Audit Period End Date: 2019-06-06
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234695

EV Audit Period End Date: 2019-06-06

CA Comments: CA is updating the test websites



Mozilla: Audit Reminder
CA Owner: China Financial Certification Authority (CFCA)
Root Certificates:
   CFCA EV ROOT
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236836

Standard Audit Period End Date: 2019-07-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236837

BR Audit Period End Date: 2019-07-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236838

EV Audit Period End Date: 2019-07-31
CA Comments: null




___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2020-09-18 Thread Kathleen Wilson via dev-security-policy 

On 9/15/20 3:21 PM, Kathleen Wilson wrote:

 Forwarded Message 
Subject: Summary of September 2020 Audit Reminder Emails





Mozilla: Audit Reminder
CA Owner: E-Tugra
Root Certificates:
    E-Tugra Certification Authority
Standard Audit: 
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf

Standard Audit Period End Date: 2019-07-26
BR Audit: 
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf

BR Audit Period End Date: 2019-07-26
EV Audit: 
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf

EV Audit Period End Date: 2019-07-26
CA Comments: null




E-Tugra's representative has reminded me that they filed 
https://bugzilla.mozilla.org/show_bug.cgi?id=1659426 to inform us of 
audit delay due to Covid19.


Thanks,
Kathleen

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2020-09-15 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of September 2020 Audit Reminder Emails
Date: Tue, 15 Sep 2020 19:00:12 + (GMT)


Mozilla: Overdue Audit Statements
CA Owner: eMudhra Technologies Limited
Root Certificates:
   emSign Root CA - C1**
   emSign ECC Root CA - C3**
   emSign ECC Root CA - G3**
   emSign Root CA - G1**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234195

Standard Audit Period End Date: 2019-05-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234196

BR Audit Period End Date: 2019-05-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234204

EV Audit Period End Date: 2019-05-31

CA Comments: Audit statements pass ALV. Waiting for test website updates.



Mozilla: Your root is in danger of being removed
CA Owner: Sectigo
Root Certificates:
   COMODO RSA Certification Authority**
   USERTrust ECC Certification Authority**
   AAA Certificate Services**
   COMODO Certification Authority**
   COMODO ECC Certification Authority**
   USERTrust RSA Certification Authority**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1472993.bmoattachments.org/attachment.cgi?id=9078178

Standard Audit Period End Date: 2019-03-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231163

BR Audit Period End Date: 2019-03-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231164

EV Audit Period End Date: 2019-03-31

CA Comments: Audit statements provided via Bugzilla. Waiting for 
WebTrust Seals




Mozilla: Audit Reminder
CA Owner: E-Tugra
Root Certificates:
   E-Tugra Certification Authority
Standard Audit: 
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf

Standard Audit Period End Date: 2019-07-26
BR Audit: 
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf

BR Audit Period End Date: 2019-07-26
EV Audit: 
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf

EV Audit Period End Date: 2019-07-26
CA Comments: null



Mozilla: Audit Reminder
CA Owner: GoDaddy
Root Certificates:
   Go Daddy Class 2 CA**
   Go Daddy Root Certificate Authority - G2**
   Starfield Class 2 CA**
   Starfield Root Certificate Authority - G2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234200

Standard Audit Period End Date: 2019-06-30
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234201

BR Audit Period End Date: 2019-06-30
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234202

EV Audit Period End Date: 2019-06-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: IdenTrust Services, LLC
Root Certificates:
   IdenTrust Commercial Root CA 1
   IdenTrust Public Sector Root CA 1
   DST Root CA X3
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236834

Standard Audit Period End Date: 2019-06-30
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236835

BR Audit Period End Date: 2019-06-30
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: SECOM Trust Systems CO., LTD.
Root Certificates:
   SECOM Trust.net - Security Communication RootCA1**
   Security Communication RootCA2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234693

Standard Audit Period End Date: 2019-06-06
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234694

BR Audit Period End Date: 2019-06-06
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234695

EV Audit Period End Date: 2019-06-06
CA Comments: null



Mozilla: Audit Reminder
CA Owner: China Financial Certification Authority (CFCA)
Root Certificates:
   CFCA EV ROOT
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236836

Standard Audit Period End Date: 2019-07-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236837

BR Audit Period End Date: 2019-07-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236838

EV Audit Period End Date: 2019-07-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: SSL.com
Root Certificates:
   SSL.com EV Root Certification Authority ECC
   SSL.com Root Certification Authority ECC
   SSL.com Root Certification Authority RSA
   SSL.com EV Root Certification Authority RSA R2
Standard Audit:

Re: Audit Reminder Email Summary

2020-08-18 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of August 2020 Audit Reminder Emails
Date: Tue, 18 Aug 2020 19:00:34 + (GMT)

Mozilla: Audit Reminder
CA Owner: eMudhra Technologies Limited
Root Certificates:
   emSign Root CA - C1
   emSign ECC Root CA - C3
   emSign ECC Root CA - G3
   emSign Root CA - G1
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234195

Standard Audit Period End Date: 2019-05-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234196

BR Audit Period End Date: 2019-05-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234204

EV Audit Period End Date: 2019-05-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Chunghwa Telecom
Root Certificates:
   Chunghwa Telecom Co., Ltd. - ePKI Root Certification Authority
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=232565

Standard Audit Period End Date: 2019-05-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=232566

BR Audit Period End Date: 2019-05-31
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: Sectigo
Root Certificates:
   COMODO RSA Certification Authority**
   USERTrust ECC Certification Authority**
   AAA Certificate Services**
   COMODO Certification Authority**
   COMODO ECC Certification Authority**
   USERTrust RSA Certification Authority**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1472993.bmoattachments.org/attachment.cgi?id=9078178

Standard Audit Period End Date: 2019-03-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231163

BR Audit Period End Date: 2019-03-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231164

EV Audit Period End Date: 2019-03-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: GoDaddy
Root Certificates:
   Go Daddy Class 2 CA
   Go Daddy Root Certificate Authority - G2
   Starfield Class 2 CA
   Starfield Root Certificate Authority - G2
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234200

Standard Audit Period End Date: 2019-06-30
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234201

BR Audit Period End Date: 2019-06-30
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234202

EV Audit Period End Date: 2019-06-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: IdenTrust Services, LLC
Root Certificates:
   IdenTrust Commercial Root CA 1
   IdenTrust Public Sector Root CA 1
   DST Root CA X3
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236834

Standard Audit Period End Date: 2019-06-30
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236835

BR Audit Period End Date: 2019-06-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: SECOM Trust Systems CO., LTD.
Root Certificates:
   SECOM Trust.net - Security Communication RootCA1
   Security Communication RootCA2
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234693

Standard Audit Period End Date: 2019-06-06
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234694

BR Audit Period End Date: 2019-06-06
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234695

EV Audit Period End Date: 2019-06-06
CA Comments: null



Mozilla: Audit Reminder
CA Owner: SSL.com
Root Certificates:
   SSL.com EV Root Certification Authority ECC
   SSL.com Root Certification Authority ECC
   SSL.com Root Certification Authority RSA
   SSL.com EV Root Certification Authority RSA R2
Standard Audit: 
https://cdn.ssl.com/app/uploads/2020/02/SSLcom-2019-WTCA-Indp-Acct-Report-and-Mgmt-Assertion-June-2019-REVISED-FINAL.pdf

Standard Audit Period End Date: 2019-06-30
BR Audit: 
https://cdn.ssl.com/app/uploads/2020/02/SSLcom-2019-WTBR-Indp-Acct-Report-and-Mgmt-Assertion-June-2019-REVISED-FINAL.pdf

BR Audit Period End Date: 2019-06-30
EV Audit: 
https://cdn.ssl.com/app/uploads/2020/02/SSLcom-2019-WTEV-SSL-Indp-Acct-Report-and-Mgmt-Assertion-June-2019-REVISED-FINAL.pdf

EV Audit Period End Date: 2019-06-30
CA Comments: null




___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2020-07-27 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of July 2020 Audit Reminder Emails
Date: Tue, 21 Jul 2020 19:00:13 + (GMT)


Mozilla: Audit Reminder
CA Owner: eMudhra Technologies Limited
Root Certificates:
   emSign Root CA - C1
   emSign ECC Root CA - C3
   emSign ECC Root CA - G3
   emSign Root CA - G1
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234195

Standard Audit Period End Date: 2019-05-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234196

BR Audit Period End Date: 2019-05-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234204

EV Audit Period End Date: 2019-05-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Actalis
Root Certificates:
   Actalis Authentication Root CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.actalis.it/documenti-en/actalisca_audit_statement_2019.aspx

Standard Audit Period End Date: 2019-05-31
BR Audit: 
https://www.actalis.it/documenti-en/actalisca_audit_statement_2019.aspx

BR Audit Period End Date: 2019-05-31
EV Audit: 
https://www.actalis.it/documenti-en/actalisca_audit_statement_2019.aspx

EV Audit Period End Date: 2019-05-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Disig, a.s.
Root Certificates:
   CA Disig Root R2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://eidas.disig.sk/pdf/Audit2019_report.pdf
Standard Audit Period End Date: 2019-05-24
BR Audit: https://eidas.disig.sk/pdf/Audit2019_report.pdf
BR Audit Period End Date: 2019-05-24
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Chunghwa Telecom
Root Certificates:
   Chunghwa Telecom Co., Ltd. - ePKI Root Certification Authority
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=232565

Standard Audit Period End Date: 2019-05-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=232566

BR Audit Period End Date: 2019-05-31
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: Sectigo
Root Certificates:
   COMODO RSA Certification Authority**
   USERTrust ECC Certification Authority**
   AAA Certificate Services**
   COMODO Certification Authority**
   COMODO ECC Certification Authority**
   USERTrust RSA Certification Authority**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1472993.bmoattachments.org/attachment.cgi?id=9078178

Standard Audit Period End Date: 2019-03-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231163

BR Audit Period End Date: 2019-03-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231164

EV Audit Period End Date: 2019-03-31
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: GlobalSign
Root Certificates:
   GlobalSign**
   GlobalSign**
   GlobalSign**
   GlobalSign Root CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231566

Standard Audit Period End Date: 2019-03-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9112465
BR Audit Period End Date: 2019-03-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231568

EV Audit Period End Date: 2019-03-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Spain, Autoritat de Certificació de la Comunitat 
Valenciana (ACCV)

Root Certificates:
   ACCVRAIZ1
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=232656

Standard Audit Period End Date: 2019-04-30
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=232657

BR Audit Period End Date: 2019-04-30
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: Government of Taiwan, Government Root Certification Authority 
(GRCA)

Root Certificates:
   Government Root Certification Authority - Taiwan**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
http://grca.nat.gov.tw/download/Audit/GRCA_GCA_XCA_WTCA_Audit_Report_2019.pdf

Standard Audit Period End Date: 2019-03-31
BR Audit: 
http://grca.nat.gov.tw/download/Audit/GRCA_GCA_BR_Audit_Report_2019.pdf

BR Audit Period End Date: 2019-03-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Izenpe S.A.
Root Certificates:
   Izenpe.com
Standard Audit: 
http://lsti-certification.fr/images/LSTI_Audit_Atttestation_Letter_1652-127_V21_S_copie.pdf

Standard Audit Period End Date: 2019-05-24
BR Audit: 
http://lsti-certification.fr/images/LSTI_Audit_Atttestation_Letter_1652-127_V21_S_copie.pdf

BR Audit Period End Date: 2019-05-24
EV Audit:

Re: Audit Reminder Email Summary

2020-06-18 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of June 2020 Audit Reminder Emails
Date: Tue, 16 Jun 2020 19:00:31 + (GMT)


Mozilla: Audit Reminder
CA Owner: Shanghai Electronic Certification Authority Co., Ltd. (SHECA)
Root Certificates:
   UCA Extended Validation Root
   UCA Global G2 Root
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230630

Standard Audit Period End Date: 2019-04-30
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230631

BR Audit Period End Date: 2019-04-30
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230632

EV Audit Period End Date: 2019-04-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Atos
Root Certificates:
   Atos TrustedRoot 2011**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-D4601883F55A11E9B50B005056A04F41-_v2%5BdownloadKey%5D=ebe97140cee29a7c498ca32f1d76cc2143a5a383%5Baction%5D=downloadDocument=f86244b64421ebaad940

Standard Audit Period End Date: 2019-04-28
BR Audit: 
https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-D4601883F55A11E9B50B005056A04F41-_v2%5BdownloadKey%5D=ebe97140cee29a7c498ca32f1d76cc2143a5a383%5Baction%5D=downloadDocument=f86244b64421ebaad940

BR Audit Period End Date: 2019-04-28
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Sectigo
Root Certificates:
   COMODO RSA Certification Authority
   USERTrust ECC Certification Authority
   AAA Certificate Services
   AddTrust Class 1 CA Root
   AddTrust External CA Root
   COMODO Certification Authority
   COMODO ECC Certification Authority
   USERTrust RSA Certification Authority
Standard Audit: 
https://bug1472993.bmoattachments.org/attachment.cgi?id=9078178

Standard Audit Period End Date: 2019-03-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231163

BR Audit Period End Date: 2019-03-31
BR Audit:
BR Audit Period End Date:
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231164

EV Audit Period End Date: 2019-03-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Consorci Administració Oberta de Catalunya (Consorci AOC, CATCert)
Root Certificates:
   EC-ACC
Standard Audit: 
https://www.aenor.com/Certificacion_Documentos/eiDas/2019%20AENOR%20Anexo%202%20ETSI%20319%20411-2%20PSC-CAOC_v4.pdf

Standard Audit Period End Date: 2019-03-28
BR Audit: 
https://www.aenor.com/Certificacion_Documentos/eiDas/2019%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-CAOC_v4.pdf

BR Audit Period End Date: 2019-03-28
CA Comments: null



Mozilla: Audit Reminder
CA Owner: GlobalSign
Root Certificates:
   GlobalSign
   GlobalSign
   GlobalSign
   GlobalSign Root CA
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231566

Standard Audit Period End Date: 2019-03-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9112465
BR Audit Period End Date: 2019-03-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231568

EV Audit Period End Date: 2019-03-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Spain, Autoritat de Certificació de la Comunitat 
Valenciana (ACCV)

Root Certificates:
   ACCVRAIZ1
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=232656

Standard Audit Period End Date: 2019-04-30
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=232657

BR Audit Period End Date: 2019-04-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Taiwan, Government Root Certification Authority 
(GRCA)

Root Certificates:
   Government Root Certification Authority - Taiwan
Standard Audit: 
http://grca.nat.gov.tw/download/Audit/GRCA_GCA_XCA_WTCA_Audit_Report_2019.pdf

Standard Audit Period End Date: 2019-03-31
BR Audit: 
http://grca.nat.gov.tw/download/Audit/GRCA_GCA_BR_Audit_Report_2019.pdf

BR Audit Period End Date: 2019-03-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: HARICA
Root Certificates:
   Hellenic Academic and Research Institutions RootCA 2011
   Hellenic Academic and Research Institutions ECC RootCA 2015
   Hellenic Academic and Research Institutions RootCA 2015
Standard Audit: 
https://repo.harica.gr/documents/HARICA-AUDIT_ATTESTATION_W_ANNEX_290617-7-R2-AA-text.pdf

Standard Audit Period End Date: 2019-03-29
BR Audit: 
https://repo.harica.gr/documents/HARICA-AUDIT_ATTESTATION_W_ANNEX_290617-7-R2-AA-text.pdf

BR Audit Period End Date: 2019-03-29
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Telia Company (formerly TeliaSonera)
Root Certificates:
   Sonera Class2 CA
   TeliaSonera Root CA v1
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231161

Standard Audit

Re: Audit Reminder Email Summary

2020-05-19 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of May 2020 Audit Reminder Emails
Date: Tue, 19 May 2020 19:00:17 + (GMT)


Mozilla: Audit Reminder
CA Owner: Global Digital Cybersecurity Authority Co., Ltd. (Formerly 
Guang Dong Certificate Authority (GDCA))

Root Certificates:
   GDCA TrustAUTH R5 ROOT
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229546

Standard Audit Period End Date: 2019-02-28
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229547

BR Audit Period End Date: 2019-02-28
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229548

EV Audit Period End Date: 2019-02-28
CA Comments: null



Mozilla: Audit Reminder
CA Owner: LuxTrust
Root Certificates:
   LuxTrust Global Root 2
Standard Audit: 
https://www.lsti-certification.fr/images/LSTI_Audit_Atttestation_Letter_11085-124_V10.pdf

Standard Audit Period End Date: 2019-03-29
BR Audit: 
https://www.lsti-certification.fr/images/LSTI_Audit_Atttestation_Letter_11085-124_V10.pdf

BR Audit Period End Date: 2019-03-29
EV Audit: 
https://www.lsti-certification.fr/images/LSTI_Audit_Atttestation_Letter_11085-124_V10.pdf

EV Audit Period End Date: 2019-03-29
CA Comments: null



Mozilla: Audit Reminder
CA Owner: SK ID Solutions AS
Root Certificates:
   EE Certification Centre Root CA
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019051701_SK_EE_Certification_Centre_Root_CA_s.pdf

Standard Audit Period End Date: 2019-03-01
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019051701_SK_EE_Certification_Centre_Root_CA_s.pdf

BR Audit Period End Date: 2019-03-01
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Autoridad de Certificacion Firmaprofesional
Root Certificates:
   Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit: 
https://www.aenor.com/Certificacion_Documentos/eiDas/2019%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-FP_v4%20c.pdf

Standard Audit Period End Date: 2019-03-27
BR Audit: 
https://www.aenor.com/Certificacion_Documentos/eiDas/2019%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-FP_v4%20c.pdf

BR Audit Period End Date: 2019-03-27
EV Audit: 
https://www.aenor.com/Certificacion_Documentos/eiDas/2019%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-FP_v4%20c.pdf

EV Audit Period End Date: 2019-03-27
CA Comments: null



Mozilla: Audit Reminder
CA Owner: AC Camerfirma, S.A.
Root Certificates:
   Chambers of Commerce Root
   Chambers of Commerce Root - 2008
   Global Chambersign Root
   Global Chambersign Root - 2008
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230425

Standard Audit Period End Date: 2019-04-13
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995930
BR Audit Period End Date: 2018-04-13
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9072794
BR Audit Period End Date: 2019-03-28
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236204

BR Audit Period End Date: 2019-04-13
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9072794
EV Audit Period End Date: 2019-03-28
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: certSIGN
Root Certificates:
   certSIGN ROOT CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229553

Standard Audit Period End Date: 2019-02-08
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229551

BR Audit Period End Date: 2019-02-08
CA Comments: Audit statements provided, waiting for Seals to be provided 
by CPA Canada.




Mozilla: Audit Reminder
CA Owner: Sectigo
Root Certificates:
   COMODO RSA Certification Authority
   USERTrust ECC Certification Authority
   AAA Certificate Services
   AddTrust Class 1 CA Root
   AddTrust External CA Root
   COMODO Certification Authority
   COMODO ECC Certification Authority
   USERTrust RSA Certification Authority
Standard Audit: 
https://bug1472993.bmoattachments.org/attachment.cgi?id=9078178

Standard Audit Period End Date: 2019-03-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231163

BR Audit Period End Date: 2019-03-31
BR Audit:
BR Audit Period End Date:
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231164

EV Audit Period End Date: 2019-03-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Consorci Administració Oberta de Catalunya (Consorci AOC, CATCert)
Root Certificates:
   EC-ACC
Standard Audit: 
https://www.aenor.com/Certificacion_Documentos/eiDas/2019%20AENOR%20Anexo%202%20ETSI%20319%20411-2%20PSC-CAOC_v4.pdf

Standard Audit Period End Date: 2019-03-28
BR Audit:

Re: Audit Reminder Email Summary

2020-04-21 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of April 2020 Audit Reminder Emails
Date: Tue, 21 Apr 2020 19:00:09 + (GMT)


Mozilla: Audit Reminder
CA Owner: Global Digital Cybersecurity Authority Co., Ltd. (Formerly 
Guang Dong Certificate Authority (GDCA))

Root Certificates:
   GDCA TrustAUTH R5 ROOT
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229546

Standard Audit Period End Date: 2019-02-28
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229547

BR Audit Period End Date: 2019-02-28
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229548

EV Audit Period End Date: 2019-02-28
CA Comments: null



Mozilla: Audit Reminder
CA Owner: SK ID Solutions AS
Root Certificates:
   EE Certification Centre Root CA
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019051701_SK_EE_Certification_Centre_Root_CA_s.pdf

Standard Audit Period End Date: 2019-03-01
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019051701_SK_EE_Certification_Centre_Root_CA_s.pdf

BR Audit Period End Date: 2019-03-01
CA Comments: null



Mozilla: Audit Reminder
CA Owner: certSIGN
Root Certificates:
   certSIGN ROOT CA
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229553

Standard Audit Period End Date: 2019-02-08
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229551

BR Audit Period End Date: 2019-02-08
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Cybertrust Japan / JCSI
Root Certificates:
   SecureSign RootCA11**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229662

Standard Audit Period End Date: 2019-02-28
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229661

BR Audit Period End Date: 2019-02-28
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Entrust
Root Certificates:
   Entrust Root Certification Authority - EC1
   Entrust Root Certification Authority - G2
   Entrust Root Certification Authority - G4
   AffirmTrust Commercial
   AffirmTrust Networking
   AffirmTrust Premium
   AffirmTrust Premium ECC
   Entrust Root Certification Authority
   Entrust.net Certification Authority (2048)
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230012

Standard Audit Period End Date: 2019-02-28
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230013

Standard Audit Period End Date: 2019-02-28
BR Audit: 
https://www.entrustdatacard.com/-/media/documentation/licensingandagreements/ecs/2019-entrust-baseline-requirements-report.pdf

BR Audit Period End Date: 2019-02-28
BR Audit: 
https://www.affirmtrust.com/wp-content/uploads/2019-AFT-Baseline-Requirements-report.pdf

BR Audit Period End Date: 2019-02-28
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230012

EV Audit Period End Date: 2019-02-28
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230013

EV Audit Period End Date: 2019-02-28
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: Trustis
Root Certificates:
   Trustis Limited - Trustis FPS Root CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1360184.bmoattachments.org/attachment.cgi?id=9047305

Standard Audit Period End Date: 2019-01-15
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=9047305
BR Audit Period End Date: 2019-01-15
CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1623472



Mozilla: Audit Reminder
CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum)
Root Certificates:
   Certum Trusted Network CA 2
   Certum CA
   Certum Trusted Network CA
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234363

Standard Audit Period End Date: 2019-03-04
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234364

BR Audit Period End Date: 2019-03-04
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234365

EV Audit Period End Date: 2019-03-04
CA Comments: null




___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2020-03-17 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of March 2020 Audit Reminder Emails
Date: Tue, 17 Mar 2020 19:00:22 + (GMT)

Mozilla: Audit Reminder
CA Owner: Government of The Netherlands, PKIoverheid (Logius)
Root Certificates:
   Staat der Nederlanden EV Root CA
   Staat der Nederlanden Root CA - G3
   Staat der Nederlanden Root CA - G2
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224596

Standard Audit Period End Date: 2018-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224597

BR Audit Period End Date: 2018-12-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9119053
BR Audit Period End Date: 2018-12-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224598

EV Audit Period End Date: 2018-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
   SZAFIR ROOT CA2
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=226440

Standard Audit Period End Date: 2018-12-18
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=226441

BR Audit Period End Date: 2018-12-18
CA Comments: null



Mozilla: Audit Reminder
CA Owner: certSIGN
Root Certificates:
   certSIGN ROOT CA
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229553

Standard Audit Period End Date: 2019-02-08
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229551

BR Audit Period End Date: 2019-02-08
CA Comments: null



Mozilla: Audit Reminder
CA Owner: QuoVadis
Root Certificates:
   QuoVadis Root CA 1 G3
   QuoVadis Root CA 2
   QuoVadis Root CA 2 G3
   QuoVadis Root CA 3
   QuoVadis Root CA 3 G3
   QuoVadis Root Certification Authority
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227627

Standard Audit Period End Date: 2018-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227628

BR Audit Period End Date: 2018-12-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227629

EV Audit Period End Date: 2018-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Taiwan-CA Inc. (TWCA)
Root Certificates:
   TWCA Global Root CA**
   TWCA Root Certification Authority**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225350

Standard Audit Period End Date: 2018-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225502

BR Audit Period End Date: 2018-12-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225503

EV Audit Period End Date: 2018-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Trustis
Root Certificates:
   Trustis Limited - Trustis FPS Root CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1360184.bmoattachments.org/attachment.cgi?id=9047305

Standard Audit Period End Date: 2019-01-15
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=9047305
BR Audit Period End Date: 2019-01-15
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
Root Certificates:
   FNMT-RCM - SHA256
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9057798
Standard Audit Period End Date: 2019-01-12
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9057798
BR Audit Period End Date: 2019-01-12
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Amazon Trust Services
Root Certificates:
   Amazon Root CA 3
   Amazon Root CA 2
   Starfield Services Root Certificate Authority - G2
   Amazon Root CA 1
   Amazon Root CA 4
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227776

Standard Audit Period End Date: 2019-01-15
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=22

BR Audit Period End Date: 2019-01-15
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227778

EV Audit Period End Date: 2019-01-15
CA Comments: null




___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2020-02-18 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of February 2020 Audit Reminder Emails
Date: Tue, 18 Feb 2020 20:00:10 + (GMT)


Mozilla: Audit Reminder
CA Owner: Government of The Netherlands, PKIoverheid (Logius)
Root Certificates:
   Staat der Nederlanden EV Root CA
   Staat der Nederlanden Root CA - G3
   Staat der Nederlanden Root CA - G2
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224596

Standard Audit Period End Date: 2018-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224597

BR Audit Period End Date: 2018-12-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9119053
BR Audit Period End Date: 2018-12-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224598

EV Audit Period End Date: 2018-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
   SZAFIR ROOT CA2
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=226440

Standard Audit Period End Date: 2018-12-18
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=226441

BR Audit Period End Date: 2018-12-18
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Hong Kong (SAR), Hongkong Post, Certizen
Root Certificates:
   Hongkong Post Root CA 3
   Hongkong Post Root CA 1
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225877

Standard Audit Period End Date: 2018-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225878

BR Audit Period End Date: 2018-12-31
EV Audit: 
https://www.ecert.gov.hk/ev/Webtrust%20EV%20SSL%20Report%2020181219_FINAL%20(with%20Management%20Assertion%20Letter).pdf

EV Audit Period End Date: 2018-11-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: QuoVadis
Root Certificates:
   QuoVadis Root CA 1 G3
   QuoVadis Root CA 2
   QuoVadis Root CA 2 G3
   QuoVadis Root CA 3
   QuoVadis Root CA 3 G3
   QuoVadis Root Certification Authority
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227627

Standard Audit Period End Date: 2018-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227628

BR Audit Period End Date: 2018-12-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227629

EV Audit Period End Date: 2018-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Taiwan-CA Inc. (TWCA)
Root Certificates:
   TWCA Global Root CA
   TWCA Root Certification Authority
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225350

Standard Audit Period End Date: 2018-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225502

BR Audit Period End Date: 2018-12-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225503

EV Audit Period End Date: 2018-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Trustis
Root Certificates:
   Trustis Limited - Trustis FPS Root CA
Standard Audit: 
https://bug1360184.bmoattachments.org/attachment.cgi?id=9047305

Standard Audit Period End Date: 2019-01-15
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=9047305
BR Audit Period End Date: 2019-01-15
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
Root Certificates:
   FNMT-RCM - SHA256
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9057798
Standard Audit Period End Date: 2019-01-12
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9057798
BR Audit Period End Date: 2019-01-12
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Amazon Trust Services
Root Certificates:
   Amazon Root CA 3
   Amazon Root CA 2
   Starfield Services Root Certificate Authority - G2
   Amazon Root CA 1
   Amazon Root CA 4
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227776

Standard Audit Period End Date: 2019-01-15
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=22

BR Audit Period End Date: 2019-01-15
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227778

EV Audit Period End Date: 2019-01-15
CA Comments: null




___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2020-01-21 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject:Summary of January 2020 Audit Reminder Emails
Date:   Tue, 21 Jan 2020 20:00:22 + (GMT)
From:   Mozilla CA Program Manager 
To: kwil...@mozilla.com 


Mozilla: Audit Reminder
CA Owner: Internet Security Research Group (ISRG)
Root Certificates:
   ISRG Root X1
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224233

Standard Audit Period End Date: 2018-11-30
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224234

BR Audit Period End Date: 2018-11-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
   SZAFIR ROOT CA2
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=226440

Standard Audit Period End Date: 2018-12-18
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=226441

BR Audit Period End Date: 2018-12-18
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Buypass
Root Certificates:
   Buypass Class 2 Root CA
   Buypass Class 3 Root CA
Standard Audit: 
https://www.buypass.com/the-company/certification/_/attachment/download/2db33e7e-5528-4cd4-83fa-50e3873f039e:b106edfa18530c142d3d0e2a899098244472bba6/ETS%20018.pdf

Standard Audit Period End Date: 2018-10-31
BR Audit: 
https://www.buypass.com/the-company/certification/_/attachment/download/2db33e7e-5528-4cd4-83fa-50e3873f039e:b106edfa18530c142d3d0e2a899098244472bba6/ETS%20018.pdf

BR Audit Period End Date: 2018-10-31
EV Audit: 
https://www.buypass.com/the-company/certification/_/attachment/download/2db33e7e-5528-4cd4-83fa-50e3873f039e:b106edfa18530c142d3d0e2a899098244472bba6/ETS%20018.pdf

EV Audit Period End Date: 2018-10-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Dhimyotis / Certigna
Root Certificates:
   Certigna
   Certigna Root CA
Standard Audit: 
https://www.lsti-certification.fr/images/23-_1373_AT_V3_0.pdf

Standard Audit Period End Date: 2018-11-23
BR Audit: https://www.lsti-certification.fr/images/23-_1373_AT_V3_0.pdf
BR Audit Period End Date: 2018-11-23
CA Comments: null



Mozilla: Audit Reminder
CA Owner: DigiCert
Root Certificates:
   Symantec Class 1 Public Primary Certification Authority - G4
   Symantec Class 2 Public Primary Certification Authority - G4
   Symantec Class 2 Public Primary Certification Authority - G6
   GeoTrust Global CA
   GeoTrust Primary Certification Authority
   GeoTrust Primary Certification Authority - G2
   GeoTrust Primary Certification Authority - G3
   GeoTrust Universal CA
   GeoTrust Universal CA 2
   thawte Primary Root CA
   thawte Primary Root CA - G2
   thawte Primary Root CA - G3
   VeriSign Class 1 Public Primary Certification Authority - G3
   VeriSign Class 2 Public Primary Certification Authority - G3
   VeriSign Class 3 Public Primary Certification Authority - G3
   VeriSign Class 3 Public Primary Certification Authority - G4
   VeriSign Class 3 Public Primary Certification Authority - G5
   VeriSign Universal Root Certification Authority
   Symantec Class 1 Public Primary Certification Authority - G6
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224491

Standard Audit Period End Date: 2018-10-31
BR Audit:
BR Audit Period End Date:
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224492

BR Audit Period End Date: 2018-10-31
EV Audit:
EV Audit Period End Date:
EV Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224493

EV Audit Period End Date: 2018-10-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Hong Kong (SAR), Hongkong Post, Certizen
Root Certificates:
   Hongkong Post Root CA 3
Standard Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225877

Standard Audit Period End Date: 2018-12-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225878

BR Audit Period End Date: 2018-12-31
EV Audit: 
https://www.ecert.gov.hk/ev/Webtrust%20EV%20SSL%20Report%2020181219_FINAL%20(with%20Management%20Assertion%20Letter).pdf

EV Audit Period End Date: 2018-11-30
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: SwissSign AG
Root Certificates:
   SwissSign Platinum CA - G2**
   SwissSign Silver CA - G2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122001_Audit_Attestation_TA_CERT__SwissSign_Platinum_G2.pdf

Standard Audit Period End Date: 2018-09-28
Standard Audit: 
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122003_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf

Standard Audit Period End Date: 2018-09-28
BR Audit:
BR Audit Period End Date:
BR Audit: 
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122003_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf

BR Audit Period End Date:

Re: Audit Reminder Email Summary

2019-11-19 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of November 2019 Audit Reminder Emails
Date: Tue, 19 Nov 2019 20:00:22 + (GMT)

Mozilla: Audit Reminder
CA Owner: D-TRUST
Root Certificates:
   D-TRUST Root CA 3 2013
   D-TRUST Root Class 3 CA 2 2009
   D-TRUST Root Class 3 CA 2 EV 2009
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018120703_D-Trust_Root_CA3_s.pdf

Standard Audit Period End Date: 2018-10-07
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018120702_D-Trust-Root_Class3_CA2_s.pdf

Standard Audit Period End Date: 2018-10-07
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018120701_D-Trust_Root_Class3_CA2_EV_s.pdf

Standard Audit Period End Date: 2018-10-07
BR Audit:
BR Audit Period End Date:
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018120702_D-Trust-Root_Class3_CA2_s.pdf

BR Audit Period End Date: 2018-10-07
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018120701_D-Trust_Root_Class3_CA2_EV_s.pdf

BR Audit Period End Date: 2018-10-07
EV Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018120701_D-Trust_Root_Class3_CA2_EV_s.pdf

EV Audit Period End Date: 2018-10-07
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Microsec Ltd.
Root Certificates:
   Microsec e-Szigno Root CA 2009
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018121301_Microsec-eSzignoRoot-CA-2009_nonEV-CAs_s.pdf

Standard Audit Period End Date: 2018-09-14
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018121301_Microsec-eSzignoRoot-CA-2009_nonEV-CAs_s.pdf

BR Audit Period End Date: 2018-09-14
CA Comments: null



Mozilla: Audit Reminder
CA Owner: SwissSign AG
Root Certificates:
   SwissSign Gold CA - G2
   SwissSign Platinum CA - G2
   SwissSign Silver CA - G2
Standard Audit: 
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122002_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf

Standard Audit Period End Date: 2018-09-28
Standard Audit: 
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122001_Audit_Attestation_TA_CERT__SwissSign_Platinum_G2.pdf

Standard Audit Period End Date: 2018-09-28
Standard Audit: 
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122003_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf

Standard Audit Period End Date: 2018-09-28
BR Audit: 
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122002_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf

BR Audit Period End Date: 2018-09-28
BR Audit:
BR Audit Period End Date:
BR Audit: 
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122003_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf

BR Audit Period End Date: 2018-09-28
EV Audit: 
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122002_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf

EV Audit Period End Date: 2018-09-28
CA Comments: null



Mozilla: Audit Reminder
CA Owner: SecureTrust
Root Certificates:
   Secure Global CA
   SecureTrust CA
   XRamp Global Certification Authority
Standard Audit: 
https://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=223500

Standard Audit Period End Date: 2018-09-30
BR Audit: 
https://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=223501

BR Audit Period End Date: 2018-09-30
EV Audit: 
https://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=223502

EV Audit Period End Date: 2018-09-30
CA Comments: Changed CA Name from Trustwave to SecureTrust on February 
1, 2019.





___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2019-10-15 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of October 2019 Audit Reminder Emails
Date: Tue, 15 Oct 2019 19:00:07 + (GMT)


Mozilla: Audit Reminder
CA Owner: E-Tugra
Root Certificates:
   E-Tugra Certification Authority
Standard Audit: 
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2018.pdf

Standard Audit Period End Date: 2018-08-03
BR Audit: 
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2018.pdf

BR Audit Period End Date: 2018-08-03
EV Audit: 
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2018.pdf

EV Audit Period End Date: 2018-08-03
CA Comments: null



Mozilla: Audit Reminder
CA Owner: NetLock Ltd.
Root Certificates:
   NetLock Arany (Class Gold) Főtanúsítvány
Standard Audit: 
https://netlock.hu/download/etsi-certification-netlock/?wpdmdl=57340

Standard Audit Period End Date: 2018-09-03
BR Audit: 
https://netlock.hu/download/etsi-certification-netlock/?wpdmdl=57340

BR Audit Period End Date: 2018-09-03
CA Comments: null



Mozilla: Audit Reminder
CA Owner: China Financial Certification Authority (CFCA)
Root Certificates:
   CFCA EV ROOT
Standard Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223505

Standard Audit Period End Date: 2018-07-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223506

BR Audit Period End Date: 2018-07-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223507

EV Audit Period End Date: 2018-07-31
CA Comments: null




___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2019-09-17 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of September 2019 Audit Reminder Emails
Date: Tue, 17 Sep 2019 19:00:10 + (GMT)


Mozilla: Your root is in danger of being removed
CA Owner: AC Camerfirma, S.A.
Root Certificates:
   Chambers of Commerce Root - 2008**
   Global Chambersign Root - 2008**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995928
Standard Audit Period End Date: 2018-04-13
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995930
BR Audit Period End Date: 2018-04-13
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995931
EV Audit Period End Date: 2018-04-13
CA Comments: null

Note: CA requested updated BR and EV audit statements from their auditor 
for these roots.




Mozilla: Audit Reminder
CA Owner: E-Tugra
Root Certificates:
   E-Tugra Certification Authority
Standard Audit: 
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2018.pdf

Standard Audit Period End Date: 2018-08-03
BR Audit: 
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2018.pdf

BR Audit Period End Date: 2018-08-03
EV Audit: 
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2018.pdf

EV Audit Period End Date: 2018-08-03
CA Comments: null



Mozilla: Audit Reminder
CA Owner: IdenTrust Services, LLC
Root Certificates:
   IdenTrust Commercial Root CA 1
   IdenTrust Public Sector Root CA 1
   DST Root CA X3
Standard Audit: 
https://bug1484318.bmoattachments.org/attachment.cgi?id=9006625

Standard Audit Period End Date: 2018-06-30
BR Audit: https://bug1484318.bmoattachments.org/attachment.cgi?id=9006626
BR Audit Period End Date: 2018-06-30
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: SECOM Trust Systems CO., LTD.
Root Certificates:
   SECOM Trust.net - Security Communication RootCA1**
   Security Communication RootCA2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222449

Standard Audit Period End Date: 2018-06-08
BR Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222450

BR Audit Period End Date: 2018-06-08
EV Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222451

EV Audit Period End Date: 2018-06-08
CA Comments: null

Note: Audit Case looks good from Mozilla's perspective.



Mozilla: Audit Reminder
CA Owner: China Financial Certification Authority (CFCA)
Root Certificates:
   CFCA EV ROOT
Standard Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223505

Standard Audit Period End Date: 2018-07-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223506

BR Audit Period End Date: 2018-07-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223507

EV Audit Period End Date: 2018-07-31
CA Comments: null




___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2019-08-20 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of August 2019 Audit Reminder Emails
Date: Tue, 20 Aug 2019 19:00:34 + (GMT)


Mozilla: Overdue Audit Statements
CA Owner: AC Camerfirma, S.A.
Root Certificates:
   Chambers of Commerce Root - 2008**
   Global Chambersign Root - 2008**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995928
Standard Audit Period End Date: 2018-04-13
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995930
BR Audit Period End Date: 2018-04-13
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995931
EV Audit Period End Date: 2018-04-13
CA Comments: CA is requesting audit statement updates from their 
auditors, who are not available until first week of September.




Mozilla: Audit Reminder
CA Owner: GoDaddy
Root Certificates:
   Go Daddy Class 2 CA
   Go Daddy Root Certificate Authority - G2
   Starfield Class 2 CA
   Starfield Root Certificate Authority - G2
Standard Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222460

Standard Audit Period End Date: 2018-06-30
BR Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222461

BR Audit Period End Date: 2018-06-30
EV Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222462

EV Audit Period End Date: 2018-06-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: IdenTrust Services, LLC
Root Certificates:
   IdenTrust Commercial Root CA 1
   IdenTrust Public Sector Root CA 1
   DST Root CA X3
Standard Audit: 
https://bug1484318.bmoattachments.org/attachment.cgi?id=9006625

Standard Audit Period End Date: 2018-06-30
BR Audit: https://bug1484318.bmoattachments.org/attachment.cgi?id=9006626
BR Audit Period End Date: 2018-06-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: SECOM Trust Systems CO., LTD.
Root Certificates:
   SECOM Trust.net - Security Communication RootCA1
   Security Communication RootCA2
Standard Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222449

Standard Audit Period End Date: 2018-06-08
BR Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222450

BR Audit Period End Date: 2018-06-08
EV Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222451

EV Audit Period End Date: 2018-06-08
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum)
Root Certificates:
   Certum Trusted Network CA 2
   Certum CA
   Certum Trusted Network CA
Standard Audit: 
https://bug1286477.bmoattachments.org/attachment.cgi?id=9001516

Standard Audit Period End Date: 2018-03-26
BR Audit: https://bug1286477.bmoattachments.org/attachment.cgi?id=9001514
BR Audit Period End Date: 2018-03-26
EV Audit: https://bug1286477.bmoattachments.org/attachment.cgi?id=9001515
EV Audit Period End Date: 2018-03-26
CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1566586
Update 8/16: "We are waiting for publication. We will update CCADB as 
soon as possible when we get information from EY Poland."



Mozilla: Audit Reminder
CA Owner: SSL.com
Root Certificates:
   SSL.com EV Root Certification Authority ECC**
   SSL.com Root Certification Authority ECC**
   SSL.com Root Certification Authority RSA**
   SSL.com EV Root Certification Authority RSA R2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://cdn.ssl.com/app/uploads/2018/09/SSL-COM-WTCA-Indp-Acct-Report-and-Mgmt-Assertion-June-2018.pdf

Standard Audit Period End Date: 2018-06-30
BR Audit: 
https://cdn.ssl.com/app/uploads/2018/09/SSL-COM-WTBR-Indp-Acct-Report-and-Mgmt-Assertion-June-2018.pdf

BR Audit Period End Date: 2018-06-30
EV Audit: 
https://cdn.ssl.com/app/uploads/2018/09/SSL-COM-WTEV-SSL-Indp-Acct-Report-and-Mgmt-Assertion-June-2018.pdf

EV Audit Period End Date: 2018-06-30
CA Comments: null




___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2019-07-16 Thread Kathleen Wilson via dev-security-policy 

On 7/16/19 12:25 PM, Kurt Roeckx wrote:

On Tue, Jul 16, 2019 at 12:12:57PM -0700, Kathleen Wilson via 
dev-security-policy wrote:

Mozilla: Overdue Audit Statements
CA Owner: LuxTrust

Standard Audit Period End Date: 2018-03-30


For the overdue statements, I always see a comment, ussually
something like:
| ** Audit Case in the Common CA Database is under review for this root
| certificate.

But this root CA doesn't seem to have have any comment. Nor does this one:


Mozilla: Overdue Audit Statements
CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum)

Standard Audit Period End Date: 2018-03-26



Will you open such audit cases? Is this just some timing problem
that the mails got sent before it could be opened?




Hi Kurt,

The comment "** Audit Case..." means that the CA has created an Audit 
Case providing updated audits for those root certs, but those audit 
statements have not yet reviewed/accepted by Mozilla.


https://ccadb.org/cas/updates

There was no commentary about LuxTrust and Asseco, because those CAs 
have not yet submitted their Audit Case.


Thanks to you for the reminder, I have filed the following CA Compliance 
bugs.


https://bugzilla.mozilla.org/show_bug.cgi?id=1566580
LuxTrust: Overdue Audit Statements 2019

https://bugzilla.mozilla.org/show_bug.cgi?id=1566586
Asseco/Certum: Overdue Audit Statements 2019


> I also miss things like the state in the intermediate summary you
> sent.

For intermediate certs, the CAs update the audit statements directly in 
the corresponding record in the CCADB. I do not currently review those 
audit statements, but I am working on adding Audit Letter Validation 
(ALV) to intermediate certs.



By the way:

Mozilla: Audit Reminder
CA Owner: Swisscom (Switzerland) Ltd
Root Certificates:
Swisscom Root CA 2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8985611
Standard Audit Period End Date: 2018-03-31
CA Comments: null 


I filed
https://bugzilla.mozilla.org/show_bug.cgi?id=1566569
Remove Swisscom Root CA 2 root certificate
(per an email I had previously received from the CA)


Thanks,
Kathleen
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2019-07-16 Thread Kurt Roeckx via dev-security-policy 
On Tue, Jul 16, 2019 at 12:12:57PM -0700, Kathleen Wilson via 
dev-security-policy wrote:
> Mozilla: Overdue Audit Statements
> CA Owner: LuxTrust
> Root Certificates:
>LuxTrust Global Root 2
> Standard Audit:
> https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf
> Standard Audit Period End Date: 2018-03-30
> BR Audit:
> https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf
> BR Audit Period End Date: 2018-03-30
> EV Audit:
> https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf
> EV Audit Period End Date: 2018-03-30
> CA Comments: null

For the overdue statements, I always see a comment, ussually
something like:
| ** Audit Case in the Common CA Database is under review for this root
| certificate.

But this root CA doesn't seem to have have any comment. Nor does this one:

> Mozilla: Overdue Audit Statements
> CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum)
> Root Certificates:
>Certum Trusted Network CA 2
>Certum CA
>Certum Trusted Network CA
> Standard Audit:
> https://bug1286477.bmoattachments.org/attachment.cgi?id=9001516
> Standard Audit Period End Date: 2018-03-26
> BR Audit: https://bug1286477.bmoattachments.org/attachment.cgi?id=9001514
> BR Audit Period End Date: 2018-03-26
> EV Audit: https://bug1286477.bmoattachments.org/attachment.cgi?id=9001515
> EV Audit Period End Date: 2018-03-26
> CA Comments: null

Will you open such audit cases? Is this just some timing problem
that the mails got sent before it could be opened?

I also miss things like the state in the intermediate summary you
sent.


Kurt

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2019-07-16 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of July 2019 Audit Reminder Emails
Date: Tue, 16 Jul 2019 19:00:29 + (GMT)

Mozilla: Overdue Audit Statements
CA Owner: LuxTrust
Root Certificates:
   LuxTrust Global Root 2
Standard Audit: 
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf

Standard Audit Period End Date: 2018-03-30
BR Audit: 
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf

BR Audit Period End Date: 2018-03-30
EV Audit: 
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf

EV Audit Period End Date: 2018-03-30
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: AC Camerfirma, S.A.
Root Certificates:
   Chambers of Commerce Root**
   Chambers of Commerce Root - 2008**
   Global Chambersign Root
   Global Chambersign Root - 2008**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995928
Standard Audit Period End Date: 2018-04-13
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995930
BR Audit Period End Date: 2018-04-13
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995931
EV Audit Period End Date: 2018-04-13
CA Comments: null

Comment: The new audit statements don't appear to cover all of these roots.



Mozilla: Audit Reminder
CA Owner: Chunghwa Telecom
Root Certificates:
   Chunghwa Telecom Co., Ltd. - ePKI Root Certification Authority
Standard Audit: 
https://bug1483068.bmoattachments.org/attachment.cgi?id=8999772

Standard Audit Period End Date: 2018-05-31
BR Audit: https://bug1483068.bmoattachments.org/attachment.cgi?id=8999773
BR Audit Period End Date: 2018-05-31
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: DigiCert
Root Certificates:
   Cybertrust Global Root**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221124

Standard Audit Period End Date: 2018-03-31
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221125

BR Audit Period End Date: 2018-03-31
EV Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221126

EV Audit Period End Date: 2018-03-31
CA Comments: null

Comment: ALV fails for Code Signing, so assigned Audit Case to 
Microsoft. Audits for this root look good from Mozilla's perspective.




Mozilla: Overdue Audit Statements
CA Owner: GlobalSign
Root Certificates:
   GlobalSign**
   GlobalSign**
   GlobalSign**
   GlobalSign Root CA**
   GlobalSign Extended Validation CA - SHA256 - G2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995395
Standard Audit Period End Date: 2018-03-31
Standard Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=221720

Standard Audit Period End Date: 2018-03-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995396
BR Audit Period End Date: 2018-03-31
BR Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=221721

BR Audit Period End Date: 2018-03-31
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995398
EV Audit Period End Date: 2018-03-31
EV Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=221722

EV Audit Period End Date: 2018-03-31
CA Comments: null

Comment: Waiting for WebTrust Seals



Mozilla: Audit Reminder
CA Owner: Government of Spain, Autoritat de Certificació de la Comunitat 
Valenciana (ACCV)

Root Certificates:
   ACCVRAIZ1
Standard Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223215

Standard Audit Period End Date: 2018-04-30
BR Audit: 
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223216

BR Audit Period End Date: 2018-04-30
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: Government of Taiwan, Government Root Certification Authority 
(GRCA)

Root Certificates:
   Government Root Certification Authority - Taiwan**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221221

Standard Audit Period End Date: 2018-03-31
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221222

BR Audit Period End Date: 2018-03-31
CA Comments: null

Comment: Test Website Validation fails for some of the test websites.



Mozilla: Audit Reminder
CA Owner: SECOM Trust Systems CO., LTD.
Root Certificates:
   SECOM Trust.net - Security Communication RootCA1
   Security Communication RootCA2
Standard Audit:

Re: Audit Reminder Email Summary

2019-06-18 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of June 2019 Audit Reminder Emails
Date: Tue, 18 Jun 2019 19:00:30 + (GMT)

Mozilla: Audit Reminder
CA Owner: LuxTrust
Root Certificates:
   LuxTrust Global Root 2
Standard Audit: 
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf

Standard Audit Period End Date: 2018-03-30
BR Audit: 
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf

BR Audit Period End Date: 2018-03-30
EV Audit: 
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf

EV Audit Period End Date: 2018-03-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Shanghai Electronic Certification Authority Co., Ltd. (SHECA)
Root Certificates:
   UCA Extended Validation Root
   UCA Global G2 Root
Standard Audit: 
https://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221269

Standard Audit Period End Date: 2018-04-30
BR Audit: 
https://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221270

BR Audit Period End Date: 2018-04-30
EV Audit: 
https://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221271

EV Audit Period End Date: 2018-04-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Autoridad de Certificacion Firmaprofesional
Root Certificates:
   Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit: 
https://bug1412950.bmoattachments.org/attachment.cgi?id=9018966

Standard Audit Period End Date: 2018-03-27
BR Audit: https://bug1412950.bmoattachments.org/attachment.cgi?id=9018971
BR Audit Period End Date: 2018-03-27
EV Audit: https://bug1412950.bmoattachments.org/attachment.cgi?id=9018971
EV Audit Period End Date: 2018-03-27
CA Comments: null



Mozilla: Audit Reminder
CA Owner: AC Camerfirma, S.A.
Root Certificates:
   Chambers of Commerce Root
   Chambers of Commerce Root - 2008
   Global Chambersign Root
   Global Chambersign Root - 2008
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995928
Standard Audit Period End Date: 2018-04-13
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995930
BR Audit Period End Date: 2018-04-13
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995931
EV Audit Period End Date: 2018-04-13
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Sectigo
Root Certificates:
   COMODO RSA Certification Authority
   USERTrust ECC Certification Authority
   AAA Certificate Services
   AddTrust Class 1 CA Root
   AddTrust External CA Root
   COMODO Certification Authority
   COMODO ECC Certification Authority
   UTN-USERFirst-Client Authentication and Email
   USERTrust RSA Certification Authority
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8989406
Standard Audit Period End Date: 2018-03-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8989407
BR Audit Period End Date: 2018-03-31
BR Audit:
BR Audit Period End Date:
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8989408
EV Audit Period End Date: 2018-03-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Consorci Administració Oberta de Catalunya (Consorci AOC, CATCert)
Root Certificates:
   EC-ACC**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9013271
Standard Audit Period End Date: 2018-03-28
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9013273
BR Audit Period End Date: 2018-03-28
CA Comments: null



Mozilla: Audit Reminder
CA Owner: DigiCert
Root Certificates:
   Baltimore CyberTrust Root
   Cybertrust Global Root
   DigiCert Assured ID Root CA
   DigiCert Assured ID Root G2
   DigiCert Assured ID Root G3
   DigiCert Trusted Root G4
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221124

Standard Audit Period End Date: 2018-03-31
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221125

BR Audit Period End Date: 2018-03-31
EV Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221126

EV Audit Period End Date: 2018-03-31
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: Entrust
Root Certificates:
   Entrust Root Certification Authority - EC1**
   Entrust Root Certification Authority - G2**
   AffirmTrust Commercial**
   AffirmTrust Networking**
   AffirmTrust Premium**
   AffirmTrust Premium ECC
   Entrust Root Certification Authority**
   Entrust.net Certification Authority (2048)**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.entrustdatacard.com/-/media/documentation/licensingandagreements/entrust_wforca_2018.pdf

Standard Audit Period End Date: 2018-02-28
Standard Audit: 
https://www.affirmtrust.com/wp-content/uploads/2018-AFT-CA-Report.pdf

Standard Audit Period End Date: 2018-02-28
BR

Re: Audit Reminder Email Summary

2019-05-21 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of May 2019 Audit Reminder Emails
Date: Tue, 21 May 2019 19:01:45 + (GMT)

Mozilla: Audit Reminder
CA Owner: LuxTrust
Root Certificates:
   LuxTrust Global Root 2
Standard Audit: 
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf

Standard Audit Period End Date: 2018-03-30
BR Audit: 
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf

BR Audit Period End Date: 2018-03-30
EV Audit: 
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf

EV Audit Period End Date: 2018-03-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Autoridad de Certificacion Firmaprofesional
Root Certificates:
   Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit: 
https://bug1412950.bmoattachments.org/attachment.cgi?id=9018966

Standard Audit Period End Date: 2018-03-27
BR Audit: https://bug1412950.bmoattachments.org/attachment.cgi?id=9018971
BR Audit Period End Date: 2018-03-27
EV Audit: https://bug1412950.bmoattachments.org/attachment.cgi?id=9018971
EV Audit Period End Date: 2018-03-27
CA Comments: null



Mozilla: Audit Reminder
CA Owner: AC Camerfirma, S.A.
Root Certificates:
   Chambers of Commerce Root
   Chambers of Commerce Root - 2008
   Global Chambersign Root
   Global Chambersign Root - 2008
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995928
Standard Audit Period End Date: 2018-04-13
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995930
BR Audit Period End Date: 2018-04-13
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995931
EV Audit Period End Date: 2018-04-13
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: certSIGN
Root Certificates:
   certSIGN ROOT CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.certsign.ro/certsign/files/certSIGN-Webtrust-CA-Report-2018.pdf

Standard Audit Period End Date: 2018-02-08
BR Audit: 
https://www.certsign.ro/certsign/files/certSIGN-Webtrust-CA-SSL-Report-2018.pdf

BR Audit Period End Date: 2018-02-08
CA Comments: The audit statements are reviewed and fine, just waiting 
for the Webtrust Seals to be provided.




Mozilla: Audit Reminder
CA Owner: Sectigo
Root Certificates:
   COMODO RSA Certification Authority
   USERTrust ECC Certification Authority
   AAA Certificate Services
   AddTrust Class 1 CA Root
   AddTrust External CA Root
   COMODO Certification Authority
   COMODO ECC Certification Authority
   UTN-USERFirst-Client Authentication and Email
   USERTrust RSA Certification Authority
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8989406
Standard Audit Period End Date: 2018-03-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8989407
BR Audit Period End Date: 2018-03-31
BR Audit:
BR Audit Period End Date:
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8989408
EV Audit Period End Date: 2018-03-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Consorci Administració Oberta de Catalunya (Consorci AOC, CATCert)
Root Certificates:
   EC-ACC
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9013271
Standard Audit Period End Date: 2018-03-28
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9013273
BR Audit Period End Date: 2018-03-28
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Cybertrust Japan / JCSI
Root Certificates:
   SecureSign RootCA11
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221213

Standard Audit Period End Date: 2018-02-28
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221212

BR Audit Period End Date: 2018-02-28
CA Comments: null



Mozilla: Audit Reminder
CA Owner: DigiCert
Root Certificates:
   Baltimore CyberTrust Root
   Cybertrust Global Root
   DigiCert Assured ID Root CA
   DigiCert Assured ID Root G2
   DigiCert Assured ID Root G3
   DigiCert Trusted Root G4
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221124

Standard Audit Period End Date: 2018-03-31
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221125

BR Audit Period End Date: 2018-03-31
EV Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221126

EV Audit Period End Date: 2018-03-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Entrust
Root Certificates:
   Entrust Root Certification Authority - EC1
   Entrust Root Certification Authority - G2
   AffirmTrust Commercial
   AffirmTrust Networking
   AffirmTrust Premium
   AffirmTrust Premium ECC
   Entrust Root Certification Authority
   Entrust.net Certification Authority (2048)
Standard Audit: 
https://www.entrustdatacard.com/-/media/documentation/licensingandagreements/entrust_wforca_2018.pdf

Standard Audit Period End

Re: Audit Reminder Email Summary

2019-04-22 Thread Kathleen Wilson via dev-security-policy 
Here's the summary of the automated audit reminder email that was sent 
last week.



 Forwarded Message 
Subject: Summary of April 2019 Audit Reminder Emails
Date: Tue, 16 Apr 2019 19:00:28 + (GMT)

Mozilla: Audit Reminder
CA Owner: Global Digital Cybersecurity Authority Co., Ltd. (Formerly 
Guang Dong Certificate Authority (GDCA))

Root Certificates:
   GDCA TrustAUTH R5 ROOT
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221127

Standard Audit Period End Date: 2018-02-28
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221128

BR Audit Period End Date: 2018-02-28
EV Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221129

EV Audit Period End Date: 2018-02-28
CA Comments: null



Mozilla: Audit Reminder
CA Owner: certSIGN
Root Certificates:
   certSIGN ROOT CA
Standard Audit: 
https://www.certsign.ro/certsign/files/certSIGN-Webtrust-CA-Report-2018.pdf

Standard Audit Period End Date: 2018-02-08
BR Audit: 
https://www.certsign.ro/certsign/files/certSIGN-Webtrust-CA-SSL-Report-2018.pdf

BR Audit Period End Date: 2018-02-08
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Cybertrust Japan / JCSI
Root Certificates:
   SecureSign RootCA11
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221213

Standard Audit Period End Date: 2018-02-28
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221212

BR Audit Period End Date: 2018-02-28
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Entrust
Root Certificates:
   Entrust Root Certification Authority - EC1
   Entrust Root Certification Authority - G2
   AffirmTrust Commercial
   AffirmTrust Networking
   AffirmTrust Premium
   AffirmTrust Premium ECC
   Entrust Root Certification Authority
   Entrust.net Certification Authority (2048)
Standard Audit: 
https://www.entrustdatacard.com/-/media/documentation/licensingandagreements/entrust_wforca_2018.pdf

Standard Audit Period End Date: 2018-02-28
Standard Audit: 
https://www.affirmtrust.com/wp-content/uploads/2018-AFT-CA-Report.pdf

Standard Audit Period End Date: 2018-02-28
BR Audit: 
https://www.entrustdatacard.com/-/media/documentation/licensingandagreements/entrust_baselinerequirements_2018.pdf?la=en=BC08BAF5AE81B2EE66A2146EE7710FB2F4F33BA6

BR Audit Period End Date: 2018-02-28
BR Audit: 
https://www.affirmtrust.com/wp-content/uploads/2018-AFT-BR-NetSec-Report.pdf

BR Audit Period End Date: 2018-02-28
EV Audit: 
https://www.entrustdatacard.com/-/media/documentation/licensingandagreements/entrust_wforevssl_2018.pdf?la=en=B7F759CB298E973AB9A53F28AAED22AD9C7BE145

EV Audit Period End Date: 2018-02-28
EV Audit: 
https://www.affirmtrust.com/wp-content/uploads/2018-AFT-EVSSL-Report.pdf

EV Audit Period End Date: 2018-02-28
CA Comments: null



Mozilla: Overdue Audit Statements
CA Owner: Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
Root Certificates:
   FNMT-RCM - SHA256**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018041201_Audit_Attestation_s.pdf

Standard Audit Period End Date: 2018-01-12
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018041201_Audit_Attestation_s.pdf

BR Audit Period End Date: 2018-01-12
CA Comments: Findings in audit statement: 
https://bugzilla.mozilla.org/show_bug.cgi?id=1544586





___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2019-03-19 Thread Kathleen Wilson via dev-security-policy 
Here's the summary of Mozilla's audit reminder emails that were sent 
today by the CCADB.


Reminder: The date logic for sending these emails is documented in the 
following wiki page.


https://wiki.mozilla.org/CA/Email_templates#Audit_Reminder_Email_Templates

- Audit Reminder is sent when previous Audit Period End date is 1 year 
plus 31 days to 93 days old.


- Overdue Notice is sent when previous Audit Period End date is 1 year 
plus 93 days to 150 days old.


- Danger of being removed warning is sent when previous Audit Period End 
date is older than 1 year plus 150 days.



 Forwarded Message 
Subject: Summary of March 2019 Audit Reminder Emails
Date: Tue, 19 Mar 2019 19:00:09 + (GMT)


Mozilla: Audit Reminder
CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
   SZAFIR ROOT CA2
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221051

Standard Audit Period End Date: 2017-12-18
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221052

BR Audit Period End Date: 2017-12-18
CA Comments: null



Mozilla: Audit Reminder
CA Owner: certSIGN
Root Certificates:
   certSIGN ROOT CA
Standard Audit: 
https://www.certsign.ro/certsign/files/certSIGN-Webtrust-CA-Report-2018.pdf

Standard Audit Period End Date: 2018-02-08
BR Audit: 
https://www.certsign.ro/certsign/files/certSIGN-Webtrust-CA-SSL-Report-2018.pdf

BR Audit Period End Date: 2018-02-08
CA Comments: null



Mozilla: Audit Reminder
CA Owner: QuoVadis
Root Certificates:
   QuoVadis Root CA 1 G3
   QuoVadis Root CA 2
   QuoVadis Root CA 2 G3
   QuoVadis Root CA 3
   QuoVadis Root CA 3 G3
   QuoVadis Root Certification Authority
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221092

Standard Audit Period End Date: 2017-12-31
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221093

BR Audit Period End Date: 2017-12-31
EV Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221094

EV Audit Period End Date: 2017-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
Root Certificates:
   FNMT-RCM - SHA256
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018041201_Audit_Attestation_s.pdf

Standard Audit Period End Date: 2018-01-12
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018041201_Audit_Attestation_s.pdf

BR Audit Period End Date: 2018-01-12
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Amazon Trust Services
Root Certificates:
   Amazon Root CA 3
   Amazon Root CA 2
   Starfield Services Root Certificate Authority - G2
   Amazon Root CA 1
   Amazon Root CA 4
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221192

Standard Audit Period End Date: 2018-01-15
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221193

BR Audit Period End Date: 2018-01-15
EV Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221194

EV Audit Period End Date: 2018-01-15
CA Comments: null




___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2019-02-25 Thread Kathleen Wilson via dev-security-policy 
Here's the summary of Mozilla's audit reminder emails that were sent 
last Tuesday. (I was on vacation last week).


Note that per previous discussion, the date logic for sending these 
emails has been updated, and is documented here:


https://wiki.mozilla.org/CA/Email_templates#Audit_Reminder_Email_Templates

- Audit Reminder is sent when previous Audit Period End date is 1 year 
plus 31 days to 93 days old.


- Overdue Notice is sent when previous Audit Period End date is 1 year 
plus 93 days to 150 days old.


- Danger of being removed warning is sent when previous Audit Period End 
date is older than 1 year plus 150 days.


Thanks,
Kathleen

 Forwarded Message 
Subject: Summary of February 2019 Audit Reminder Emails
Date: Tue, 19 Feb 2019 20:00:52 + (GMT)


Mozilla: Audit Reminder
CA Owner: Government of The Netherlands, PKIoverheid (Logius)
Root Certificates:
   Staat der Nederlanden EV Root CA
   Staat der Nederlanden Root CA - G3
   Staat der Nederlanden Root CA - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8958479
Standard Audit Period End Date: 2017-12-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8958475
BR Audit Period End Date: 2017-12-31
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8958477
EV Audit Period End Date: 2017-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
   SZAFIR ROOT CA2
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221051

Standard Audit Period End Date: 2017-12-18
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221052

BR Audit Period End Date: 2017-12-18
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Buypass
Root Certificates:
   Buypass Class 2 Root CA
   Buypass Class 3 Root CA
Standard Audit: 
https://bug1359516.bmoattachments.org/attachment.cgi?id=8956295

Standard Audit Period End Date: 2017-11-30
BR Audit: https://bug1359516.bmoattachments.org/attachment.cgi?id=8956295
BR Audit Period End Date: 2017-11-30
EV Audit: https://bug1359516.bmoattachments.org/attachment.cgi?id=8956295
EV Audit Period End Date: 2017-11-30
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Hong Kong (SAR), Hongkong Post, Certizen
Root Certificates:
   Hongkong Post Root CA 1
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221045

Standard Audit Period End Date: 2017-12-31
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221044

BR Audit Period End Date: 2017-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: QuoVadis
Root Certificates:
   QuoVadis Root CA 1 G3
   QuoVadis Root CA 2
   QuoVadis Root CA 2 G3
   QuoVadis Root CA 3
   QuoVadis Root CA 3 G3
   QuoVadis Root Certification Authority
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221092

Standard Audit Period End Date: 2017-12-31
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221093

BR Audit Period End Date: 2017-12-31
EV Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221094

EV Audit Period End Date: 2017-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Taiwan-CA Inc. (TWCA)
Root Certificates:
   TWCA Global Root CA
   TWCA Root Certification Authority
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221109

Standard Audit Period End Date: 2017-12-31
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221112

BR Audit Period End Date: 2017-12-31
EV Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=22

EV Audit Period End Date: 2017-12-31
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
Root Certificates:
   FNMT-RCM - SHA256
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018041201_Audit_Attestation_s.pdf

Standard Audit Period End Date: 2018-01-12
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018041201_Audit_Attestation_s.pdf

BR Audit Period End Date: 2018-01-12
CA Comments: null



Mozilla: Audit Reminder
CA Owner: Amazon Trust Services
Root Certificates:
   Amazon Root CA 3
   Amazon Root CA 2
   Starfield Services Root Certificate Authority - G2
   Amazon Root CA 1
   Amazon Root CA 4
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221192

Standard Audit Period End Date: 2018-01-15
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221193

BR Audit Period End Date: 2018-01-15
EV Audit:

Re: Late Certinomis Audit (Was: Audit Reminder Email Summary)

2019-01-03 Thread marc.maitre--- via dev-security-policy 

Franck Leroy explained that LSTI was about to deliver the audit letter to 
Certinomis, but regarding the recent issue with TUV-IT, LSTI decided to 
postpone any attestation letter and to do further investigation on all their 
PTC CA clients" 
Certinomis had to provide further information to the LSTI, before they would 
issue their audit statement.

In a second time,in December 2018, LSTI explained that the 3 months delay to 
provide the final audit statement result of an overload work of their auditors 
so they delayed the validation of the Audit



Le lundi 26 novembre 2018 22:39:45 UTC+1, Wayne Thayer a écrit :
> Update: I heard back from Certinomis quickly. They provided the following
> attestation statement from LSTI dated 23-November on the same day. The
> audit was conducted back in July, so we still need an explanation from
> Certinomis of why it took LSTI so long to provide the report.
> 
> https://bugzilla.mozilla.org/attachment.cgi?id=9027230
> 
> Unfortunately, the audit period listed in the report begins a week after
> the prior audit period ended. Certinomis says that this is a reporting
> mistake, so I have asked them to provide an updated attestation statement
> from LSTI.
> 
> - Wayne
> 
> On Tue, Nov 20, 2018 at 5:00 PM Wayne Thayer  wrote:
> 
> > Thanks for pointing this out Kurt. The Certinomis / Docapost audit report
> > is now almost one month late. Also, last week the Certinomis representative
> > informed root programs that he was leaving his post and two others would be
> > taking his place. I have just emailed the two new representatives and asked
> > them to explain when we will see the audit report. I'm also concerned about
> > their numerous compliance bugs.
> >
> > - Wayne
> >
> > On Tue, Nov 20, 2018 at 3:15 PM Kurt Roeckx via dev-security-policy <
> > dev-security-policy@lists.mozilla.org> wrote:
> >
> >> On Tue, Oct 23, 2018 at 02:35:37PM -0700, Kathleen Wilson via
> >> dev-security-policy wrote:
> >> > > > Mozilla: Audit Reminder
> >> > > > Root Certificates:
> >> > > > Certinomis - Root CA
> >> > > > Standard Audit:
> >> > > > https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
> >> > > > Audit Statement Date: 2017-07-24
> >> > > > BR Audit:
> >> https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
> >> > > > BR Audit Statement Date: 2017-07-24
> >> > > > CA Comments: null
> >> > >
> >> > > This seems to be in French, and does not seem to even indicate
> >> > > when the audit was done, just that the report itself is valid for
> >> > > 2 years.
> >> >
> >> > Our official requirement for the audit statements to be in English is
> >> new in
> >> > version 2.6 of our policy (effective date July 1, 2018). Also, last
> >> July we
> >> > were still having difficulty getting the ETSI auditors on board with
> >> > specifying audit periods in their audit statements.
> >>
> >> So it seems nothing changed related to this in the last month,
> >> they are clearly late in providing a new audit statement.
> >>
> >>
> >> Kurt
> >>
> >>

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-12-18 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of December 2018 Audit Reminder Emails
Date: Tue, 18 Dec 2018 20:00:20 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   TrustCor RootCert CA-2
   TrustCor RootCert CA-1
   TrustCor ECA-1
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221175

Audit Statement Date: 2017-12-15
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221176

BR Audit Statement Date: 2017-12-15
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   EE Certification Centre Root CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://sk.ee/upload/files/AA2017112401_Audit%20Attestation_final.pdf

Audit Statement Date: 2017-11-24
BR Audit: 
https://sk.ee/upload/files/AA2017112401_Audit%20Attestation_final.pdf

BR Audit Statement Date: 2017-11-24
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Certigna
   Certigna Root CA
Standard Audit: 
https://bug1265683.bmoattachments.org/attachment.cgi?id=8947405

Audit Statement Date: 2018-01-12
BR Audit: https://bug1265683.bmoattachments.org/attachment.cgi?id=8947405
BR Audit Statement Date: 2018-01-12
CA Comments: null



Mozilla: Overdue Audit Statements
Root Certificates:
   Certinomis - Root CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug937589.bmoattachments.org/attachment.cgi?id=8898169

Audit Statement Date: 2017-07-24
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
BR Audit Statement Date: 2017-07-24
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Microsec e-Szigno Root CA 2009**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017121401_Browser_Audit_Attestation_s.pdf

Audit Statement Date: 2017-12-14
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017121402_Browser_Audit_Attestation_s.pdf

BR Audit Statement Date: 2017-12-14
CA Comments: null



Mozilla: Overdue Audit Statements
Root Certificates:
   Class 2 Primary CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590

Audit Statement Date: 2017-07-24
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590
BR Audit Statement Date: 2017-07-24
CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1465629



Mozilla: Audit Reminder
Root Certificates:
   SwissSign Gold CA - G2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017113001_Browser_Audit_Attestation_s.pdf

Audit Statement Date: 2017-11-30
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017113001_Browser_Audit_Attestation_s.pdf

BR Audit Statement Date: 2017-11-30
EV Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017113001_Browser_Audit_Attestation_s.pdf

EV Audit Statement Date: 2017-11-30
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Secure Global CA**
   SecureTrust CA**
   XRamp Global Certification Authority**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221135

Audit Statement Date: 2017-11-17
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221136

BR Audit Statement Date: 2017-11-17
EV Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221137

EV Audit Statement Date: 2017-11-17
CA Comments: null




___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Late Certinomis Audit (Was: Audit Reminder Email Summary)

2018-11-26 Thread Wayne Thayer via dev-security-policy 
Update: I heard back from Certinomis quickly. They provided the following
attestation statement from LSTI dated 23-November on the same day. The
audit was conducted back in July, so we still need an explanation from
Certinomis of why it took LSTI so long to provide the report.

https://bugzilla.mozilla.org/attachment.cgi?id=9027230

Unfortunately, the audit period listed in the report begins a week after
the prior audit period ended. Certinomis says that this is a reporting
mistake, so I have asked them to provide an updated attestation statement
from LSTI.

- Wayne

On Tue, Nov 20, 2018 at 5:00 PM Wayne Thayer  wrote:

> Thanks for pointing this out Kurt. The Certinomis / Docapost audit report
> is now almost one month late. Also, last week the Certinomis representative
> informed root programs that he was leaving his post and two others would be
> taking his place. I have just emailed the two new representatives and asked
> them to explain when we will see the audit report. I'm also concerned about
> their numerous compliance bugs.
>
> - Wayne
>
> On Tue, Nov 20, 2018 at 3:15 PM Kurt Roeckx via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
>> On Tue, Oct 23, 2018 at 02:35:37PM -0700, Kathleen Wilson via
>> dev-security-policy wrote:
>> > > > Mozilla: Audit Reminder
>> > > > Root Certificates:
>> > > > Certinomis - Root CA
>> > > > Standard Audit:
>> > > > https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
>> > > > Audit Statement Date: 2017-07-24
>> > > > BR Audit:
>> https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
>> > > > BR Audit Statement Date: 2017-07-24
>> > > > CA Comments: null
>> > >
>> > > This seems to be in French, and does not seem to even indicate
>> > > when the audit was done, just that the report itself is valid for
>> > > 2 years.
>> >
>> > Our official requirement for the audit statements to be in English is
>> new in
>> > version 2.6 of our policy (effective date July 1, 2018). Also, last
>> July we
>> > were still having difficulty getting the ETSI auditors on board with
>> > specifying audit periods in their audit statements.
>>
>> So it seems nothing changed related to this in the last month,
>> they are clearly late in providing a new audit statement.
>>
>>
>> Kurt
>>
>>
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-11-20 Thread Wayne Thayer via dev-security-policy 
Thanks for pointing this out Kurt. The Certinomis / Docapost audit report
is now almost one month late. Also, last week the Certinomis representative
informed root programs that he was leaving his post and two others would be
taking his place. I have just emailed the two new representatives and asked
them to explain when we will see the audit report. I'm also concerned about
their numerous compliance bugs.

- Wayne

On Tue, Nov 20, 2018 at 3:15 PM Kurt Roeckx via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> On Tue, Oct 23, 2018 at 02:35:37PM -0700, Kathleen Wilson via
> dev-security-policy wrote:
> > > > Mozilla: Audit Reminder
> > > > Root Certificates:
> > > > Certinomis - Root CA
> > > > Standard Audit:
> > > > https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
> > > > Audit Statement Date: 2017-07-24
> > > > BR Audit:
> https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
> > > > BR Audit Statement Date: 2017-07-24
> > > > CA Comments: null
> > >
> > > This seems to be in French, and does not seem to even indicate
> > > when the audit was done, just that the report itself is valid for
> > > 2 years.
> >
> > Our official requirement for the audit statements to be in English is
> new in
> > version 2.6 of our policy (effective date July 1, 2018). Also, last July
> we
> > were still having difficulty getting the ETSI auditors on board with
> > specifying audit periods in their audit statements.
>
> So it seems nothing changed related to this in the last month,
> they are clearly late in providing a new audit statement.
>
>
> Kurt
>
> ___
> dev-security-policy mailing list
> dev-security-policy@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security-policy
>
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-11-20 Thread Kurt Roeckx via dev-security-policy 
On Tue, Oct 23, 2018 at 02:35:37PM -0700, Kathleen Wilson via 
dev-security-policy wrote:
> > > Mozilla: Audit Reminder
> > > Root Certificates:
> > > Certinomis - Root CA
> > > Standard Audit:
> > > https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
> > > Audit Statement Date: 2017-07-24
> > > BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
> > > BR Audit Statement Date: 2017-07-24
> > > CA Comments: null
> > 
> > This seems to be in French, and does not seem to even indicate
> > when the audit was done, just that the report itself is valid for
> > 2 years.
> 
> Our official requirement for the audit statements to be in English is new in
> version 2.6 of our policy (effective date July 1, 2018). Also, last July we
> were still having difficulty getting the ETSI auditors on board with
> specifying audit periods in their audit statements.

So it seems nothing changed related to this in the last month,
they are clearly late in providing a new audit statement.


Kurt

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-11-20 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of November 2018 Audit Reminder Emails
Date: Tue, 20 Nov 2018 20:00:09 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   TrustCor RootCert CA-2
   TrustCor RootCert CA-1
   TrustCor ECA-1
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221175

Audit Statement Date: 2017-12-15
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221176

BR Audit Statement Date: 2017-12-15
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   EE Certification Centre Root CA
Standard Audit: 
https://sk.ee/upload/files/AA2017112401_Audit%20Attestation_final.pdf

Audit Statement Date: 2017-11-24
BR Audit: 
https://sk.ee/upload/files/AA2017112401_Audit%20Attestation_final.pdf

BR Audit Statement Date: 2017-11-24
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Certinomis - Root CA
Standard Audit: 
https://bug937589.bmoattachments.org/attachment.cgi?id=8898169

Audit Statement Date: 2017-07-24
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
BR Audit Statement Date: 2017-07-24
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   D-TRUST Root CA 3 2013**
   D-TRUST Root Class 3 CA 2 2009**
   D-TRUST Root Class 3 CA 2 EV 2009**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017120703_Browser_Auidt_Attestation_s.pdf

Audit Statement Date: 2017-12-07
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017120702_Browser_Audit_Attestation_s.pdf

Audit Statement Date: 2017-12-07
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017120701_Browser_Audit_Atestation_s.pdf

Audit Statement Date: 2017-12-07
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017120703_Browser_Auidt_Attestation_s.pdf

BR Audit Statement Date: 2017-12-07
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017120702_Browser_Audit_Attestation_s.pdf

BR Audit Statement Date: 2017-12-07
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017120701_Browser_Audit_Atestation_s.pdf

BR Audit Statement Date: 2017-12-07
EV Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017120701_Browser_Audit_Atestation_s.pdf

EV Audit Statement Date: 2017-12-07
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
Standard Audit: 
https://bug1262809.bmoattachments.org/attachment.cgi?id=8937952

Audit Statement Date: 2017-12-08
BR Audit: https://bug1262809.bmoattachments.org/attachment.cgi?id=8937952
BR Audit Statement Date: 2017-12-08
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Microsec e-Szigno Root CA 2009
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017121401_Browser_Audit_Attestation_s.pdf

Audit Statement Date: 2017-12-14
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017121402_Browser_Audit_Attestation_s.pdf

BR Audit Statement Date: 2017-12-14
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Class 2 Primary CA
Standard Audit: 
https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590

Audit Statement Date: 2017-07-24
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590
BR Audit Statement Date: 2017-07-24
CA Comments:
https://bugzilla.mozilla.org/show_bug.cgi?id=1465629
https://bugzilla.mozilla.org/attachment.cgi?id=9024032
Need CA to create Audit Case in CCADB



Mozilla: Audit Reminder
Root Certificates:
   SwissSign Gold CA - G2
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017113001_Browser_Audit_Attestation_s.pdf

Audit Statement Date: 2017-11-30
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017113001_Browser_Audit_Attestation_s.pdf

BR Audit Statement Date: 2017-11-30
EV Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017113001_Browser_Audit_Attestation_s.pdf

EV Audit Statement Date: 2017-11-30
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Secure Global CA
   SecureTrust CA
   XRamp Global Certification Authority
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221135

Audit Statement Date: 2017-11-17
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221136

BR Audit Statement Date: 2017-11-17
EV Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221137

EV Audit Statement Date: 2017-11-17
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   CFCA EV ROOT
Standard Audit:

Re: Audit Reminder Email Summary

2018-10-16 Thread Kurt Roeckx via dev-security-policy 
On Tue, Oct 16, 2018 at 12:49:41PM -0700, Kathleen Wilson via 
dev-security-policy wrote:
>  Forwarded Message 
> Subject: Summary of October 2018 Audit Reminder Emails
> Date: Tue, 16 Oct 2018 19:00:37 + (GMT)
> 
> Mozilla: Audit Reminder
> Root Certificates:
>AC Raíz Certicámara S.A.
> Standard Audit: 
> http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221203
> Audit Statement Date: 2017-08-09
> CA Comments: null

It covers the period of 2016-05-01 to 2017-04-30. They should have
a new audit report by now.

> Mozilla: Audit Reminder
> Root Certificates:
>Certinomis - Root CA
> Standard Audit:
> https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
> Audit Statement Date: 2017-07-24
> BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
> BR Audit Statement Date: 2017-07-24
> CA Comments: null

This seems to be in French, and does not seem to even indicate
when the audit was done, just that the report itself is valid for
2 years.


Kurt

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-10-16 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of October 2018 Audit Reminder Emails
Date: Tue, 16 Oct 2018 19:00:37 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   AC Raíz Certicámara S.A.
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221203

Audit Statement Date: 2017-08-09
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Certinomis - Root CA
Standard Audit: 
https://bug937589.bmoattachments.org/attachment.cgi?id=8898169

Audit Statement Date: 2017-07-24
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
BR Audit Statement Date: 2017-07-24
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Go Daddy Class 2 CA**
   Go Daddy Root Certificate Authority - G2**
   Starfield Class 2 CA**
   Starfield Root Certificate Authority - G2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221042

Audit Statement Date: 2017-08-31
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221042

BR Audit Statement Date: 2017-08-31
EV Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221042

EV Audit Statement Date: 2017-08-31
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   ACCVRAIZ1
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221168

Audit Statement Date: 2017-07-28
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221169

BR Audit Statement Date: 2017-07-28
CA Comments: Per CA request, Root CA Generalitat Valenciana will be 
removed via https://bugzilla.mozilla.org/show_bug.cgi?id=1272158




Mozilla: Audit Reminder
Root Certificates:
   NetLock Arany (Class Gold) Főtanúsítvány
Standard Audit: 
http://www.netlock.hu/docs/dokumentumok/Certificate%20ETSI%20ENG.pdf

Audit Statement Date: 2017-10-05
BR Audit: 
http://www.netlock.hu/docs/dokumentumok/Certificate%20ETSI%20ENG.pdf

BR Audit Statement Date: 2017-10-05
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   CFCA EV ROOT
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221153

Audit Statement Date: 2017-11-10
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221154

BR Audit Statement Date: 2017-11-10
EV Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221155

EV Audit Statement Date: 2017-11-10
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   GlobalSign
   GlobalSign
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221087

Audit Statement Date: 2017-10-31
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221088

BR Audit Statement Date: 2017-11-01
CA Comments: null




___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-09-18 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of September 2018 Audit Reminder Emails
Date: Tue, 18 Sep 2018 19:00:14 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   AC Raíz Certicámara S.A.
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221203

Audit Statement Date: 2017-08-09
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Certinomis - Root CA
Standard Audit: 
https://bug937589.bmoattachments.org/attachment.cgi?id=8898169

Audit Statement Date: 2017-07-24
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
BR Audit Statement Date: 2017-07-24
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   E-Tugra Certification Authority
Standard Audit: 
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2017.pdf

Audit Statement Date: 2017-09-09
BR Audit: 
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2017.pdf

BR Audit Statement Date: 2017-09-09
EV Audit: 
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2017.pdf

EV Audit Statement Date: 2017-09-09
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Go Daddy Class 2 CA
   Go Daddy Root Certificate Authority - G2
   Starfield Class 2 CA
   Starfield Root Certificate Authority - G2
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221042

Audit Statement Date: 2017-08-31
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221042

BR Audit Statement Date: 2017-08-31
EV Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221042

EV Audit Statement Date: 2017-08-31
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   ACCVRAIZ1
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221168

Audit Statement Date: 2017-07-28
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221169

BR Audit Statement Date: 2017-07-28
CA Comments: Per CA request, Root CA Generalitat Valenciana will be 
removed via https://bugzilla.mozilla.org/show_bug.cgi?id=1272158




Mozilla: Audit Reminder
Root Certificates:
   Izenpe.com
Standard Audit: 
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf

Audit Statement Date: 2017-07-25
BR Audit: 
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf

BR Audit Statement Date: 2017-07-25
EV Audit: 
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf

EV Audit Statement Date: 2017-07-25
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   NetLock Arany (Class Gold) Főtanúsítvány
Standard Audit: 
http://www.netlock.hu/docs/dokumentumok/Certificate%20ETSI%20ENG.pdf

Audit Statement Date: 2017-10-05
BR Audit: 
http://www.netlock.hu/docs/dokumentumok/Certificate%20ETSI%20ENG.pdf

BR Audit Statement Date: 2017-10-05
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   OpenTrust Root CA G1
   OpenTrust Root CA G2
   Certplus Root CA G1
   Class 2 Primary CA
   OpenTrust Root CA G3
   Certplus Root CA G2
Standard Audit: 
https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590

Audit Statement Date: 2017-07-24
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590
BR Audit Statement Date: 2017-07-24
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   SECOM Trust.net - Security Communication RootCA1
   Security Communication RootCA2
Standard Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221101

Audit Statement Date: 2017-08-31
BR Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221098

BR Audit Statement Date: 2017-08-31
EV Audit: 
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221100

EV Audit Statement Date: 2017-08-31
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Visa eCommerce Root**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: http://enroll.visaca.com/WTCA%20eComm.pdf
Audit Statement Date: 2017-07-26
BR Audit: http://enroll.visaca.com/WTBR%20eComm.pdf
BR Audit Statement Date: 2017-07-26
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   SSL.com EV Root Certification Authority ECC**
   SSL.com Root Certification Authority ECC**
   SSL.com Root Certification Authority RSA**
   SSL.com EV Root Certification Authority RSA R2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit:

Re: Audit Reminder Email Summary

2018-09-04 Thread Ryan Sleevi via dev-security-policy 
On Mon, Sep 3, 2018 at 8:54 AM reinhard.dietrich--- via dev-security-policy
 wrote:

> Dear all,
> as already mentioned above, qualified auditors (nat person/organization)
> have been selected which fulfil the points as listed in our previous
> response. The auditors fulfilled these relevant requirements. Even the
> organization of TÜV AUSTRIA CERT was accredited according to ISO 17065 by
> that time –the only thing missing was the formal acknowledgement of the
> Austrian Federal Ministry for Digital and Economy Affairs (BMDW) for
> amending that accreditation by the ETSI ENs.
>

I think this is an incredibly important and meaningful distinction, for all
CAs.

It appears that, even today, September 4, there's no way to independently
confirm or assess TUV AUSTRIA CERT's accreditation to ISO 17065 in any of
the related or appropriate standards. If a WebTrust audit was presented by
an auditor who was not licensed by WebTrust, or could not be independently
assessed as such, it would absolutely be rejected - and CPA Canada/AICPA
would likely pursue action through misuse of the term WebTrust.

That ETSI lacks this is already problematic, but equally problematic is the
lack of demonstration through the agreed-upon method of determining an
auditor's competence to perform audits. The process that is recognized for
the ETSI norms is to look through european-accreditation.org to determine
the NAB, and from the NAB, determine the appropriate CABs. With respect to
Section 8.2, I'm having trouble understanding how the information presented
can meet the requirements of Item 2, 4, and 6. As my previous mail
suggested, the ability to determine that, independently, has been lacking
since April.

Related to our own SwissSign audit which was required to be performed as
> soon as possible, we decided to ask the browsers before the audit was
> started, whether they would accept the audit performed by our auditors
> under that circumstances described above. Based on the Mozilla Root Policy,
> clause 3.2, para 2 Mozilla can decide to accept the auditor. On top we
> considered that as the auditors are well known in the community and have
> long term experience auditing several CA included in the Root Stores
> according ETSI and BRG, therefore they should easily be accepted to perform
> our audit.


My understanding here is that your use of the term "auditors" refers to the
individuals, not to the organization TUV Austria, is that correct?


> We discussed that with Mozilla and Microsoft and both finally agreed to a
> one time exception so that we decided to start the audit project. That
> given exception included an agreement that the Audit Attestations will be
> re-issued now, after the formal accreditation process is finalized – which
> will happen during the next few weeks. All the Browsers will receive an
> updated Audit Attestation then referring the amended accreditation
> documentation.
> On top of that and as already mentioned above, we will repeat all the
> audits during the next weeks in order to start over and synchronize the
> audit period for the complete PKI of SwissSign. At this time the expansion
> of TÜV AUSTRIA CERTS accreditation according ISO 17065 and  ETSI EN 319 403
> will certainly be visible.
>

As it stands, the information for TUV AUSTRIA CERTS still does not appear
to meet the requirements of Section 8.2. I appreciate that the promise is
that it's forthcoming, that it's BMDW's fault, that everything surely is in
order, but you can surely see how from an objective and consistent
application of policies, this fails to meet Section 8.2 even to this day.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-09-03 Thread reinhard.dietrich--- via dev-security-policy 
Dear all, 
as already mentioned above, qualified auditors (nat person/organization) have 
been selected which fulfil the points as listed in our previous response. The 
auditors fulfilled these relevant requirements. Even the organization of TÜV 
AUSTRIA CERT was accredited according to ISO 17065 by that time –the only thing 
missing was the formal acknowledgement of the Austrian Federal Ministry for 
Digital and Economy Affairs (BMDW) for amending that accreditation by the ETSI 
ENs. 
The accreditation audit had successfully been performed by the Ministry BMDW in 
June and a corresponding positive report had been issued to TÜV AUSTRIA CERT. 
That report had been forwarded immediately to the Browsers. Following this time 
frame,  at the time when our Audit Attestations were issued, the auditors 
already passed its accreditation audit.  Hereafter however, the formal 
completion of the accreditation process by the Ministry requires time until the 
accreditation certificate is finally issued. Now – after summer holiday season 
-, the accreditation certificate is expected to be delivered every day. Along 
with that all public lists will be updated so that TÜV AUSTRIA CERT’s ETSI 
expansion of their accreditation according to ISO 17065 will finally be 
visible. 

Related to our own SwissSign audit which was required to be performed as soon 
as possible, we decided to ask the browsers before the audit was started, 
whether they would accept the audit performed by our auditors under that 
circumstances described above. Based on the Mozilla Root Policy, clause 3.2, 
para 2 Mozilla can decide to accept the auditor. On top we considered that as 
the auditors are well known in the community and have long term experience 
auditing several CA included in the Root Stores according ETSI and BRG, 
therefore they should easily be accepted to perform our audit. We discussed 
that with Mozilla and Microsoft and both finally agreed to a one time exception 
so that we decided to start the audit project. That given exception included an 
agreement that the Audit Attestations will be re-issued now, after the formal 
accreditation process is finalized – which will happen during the next few 
weeks. All the Browsers will receive an updated Audit Attestation then 
referring the amended accreditation documentation.
On top of that and as already mentioned above, we will repeat all the audits 
during the next weeks in order to start over and synchronize the audit period 
for the complete PKI of SwissSign. At this time the expansion of TÜV AUSTRIA 
CERTS accreditation according ISO 17065 and  ETSI EN 319 403 will certainly be 
visible. 

Best Regards 

Reinhard Dietrich
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-08-29 Thread Ryan Sleevi via dev-security-policy 
On Mon, Aug 27, 2018 at 2:25 AM reinhard.dietrich--- via
dev-security-policy  wrote:

> Dear all
>
> This is a joint answer to Waynes' request.
>
> it was mentioned that the audit period was exceeded. We would like to
> explain the situation and what was undertaken to avoid such situation again.
>
> We all are aware that the audit period was exceeded by two months. However
> the conducted audit from April 2018 also covers the 2 months extension.  As
> you already mentioned, the reason is that SwissSign decided to change the
> auditors after 12 years for quality assurance reason. Additionally, it is a
> best practice within the IT security world or the financial sector to
> change the external auditors on a regular base.
> During the process, SwissSign defined some criteria in order to choose the
> new auditors these are:
>
> The auditors shall:
> - possess a knowledge and experience since years performing PKI audits as
> a full time job.
>
> - have experience in auditing different international CA which are also
> included in the Root Stores.
>
> - take their time to understand in detail the processes, infrastructure,
> implementations, etc. of SwissSign.
> - support SwissSign being conform over time between the annual audits,
> e.g. by pre-assessments of new solutions/processes/applications before
> these are going in live production.
> - be well known in the community.
> - be active in international and national working groups in order to keep
> their knowledge about requirements up-to-date.
> - are /going to be accredited to perform audit according the relevant
> standards.
> - Fullfills requirement according to BR 8.2 and BR 8.3
>

Could you explain a bit more about your selection process? The auditors you
selected did not meet BR 8.2 at the time you selected them, hence the
e-mail to multiple browser programs to accept audits from a non-accredited
entity, on the promise that the principals involved were respected and that
accreditation would be coming "soon".

In April, an attempt was made to determine the accreditation status of TUV
Austria Cert GMBH. Based on EA [1], the NAB for Austria is Akkreditierung
Austria's Federal Ministry for Digital and Economi Afairs (BMDW). The list
of CABs accredited by the NAB are available at [2]

Looking at the BRs, the expectation would be that the auditor is accredited
in the application of ISO 17065:2012 with the application of ETSI EN 319
403. Looking at the most recently updated list of Certification Bodies of
Products, Processes, and Services, according to EN ISO/IEC 17065:2012, TUV
Austria Cert GMBH's certification is [4], which doesn't cover that norm.

Looking at the eIDAS list of CABs [5], which is informational but updated
as of 2018-07-27, I don't see TUV Austria under AA either.

So it doesn't appear to meet either ISO/IEC 17065 or the eIDAS norms (of
which 17065 is effectively a pre-requisite).

Could you help me understand more how TUV Austria Cert GMBH meets the
criteria of BR 8.2 and 8.3?

[1] http://www.european-accreditation.org/ea-members
[2]
https://www.bmdw.gv.at/TechnikUndVermessung/Akkreditierung/Seiten/AkkreditiertePIZ-Stellen.aspx
[3]
https://www.bmdw.gv.at/TechnikUndVermessung/Akkreditierung/Documents/product%20certification%20bodies.pdf
[4]
https://www.bmdw.gv.at/TechnikUndVermessung/Akkreditierung/Documents/AA_0943_17065_TueV_AUSTRIA_CERT_GMBH.pdf
[5]
https://ec.europa.eu/futurium/en/content/list-conformity-assessment-bodies-cabs-accredited-against-requirements-eidas-regulation
[6]
https://ec.europa.eu/futurium/en/system/files/ged/list_of_eidas_accredited_cabs-2018-07-27.pdf
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-08-27 Thread Wayne Thayer via dev-security-policy 
On Sun, Aug 26, 2018 at 11:25 PM reinhard.dietrich--- via
dev-security-policy  wrote:

> Dear all
>
> This is a joint answer to Waynes' request.
>
> it was mentioned that the audit period was exceeded. We would like to
> explain the situation and what was undertaken to avoid such situation again.
>
> We all are aware that the audit period was exceeded by two months. However
> the conducted audit from April 2018 also covers the 2 months extension.  As
> you already mentioned, the reason is that SwissSign decided to change the
> auditors after 12 years for quality assurance reason. Additionally, it is a
> best practice within the IT security world or the financial sector to
> change the external auditors on a regular base.
> During the process, SwissSign defined some criteria in order to choose the
> new auditors these are:
>
> The auditors shall:
> - possess a knowledge and experience since years performing PKI audits as
> a full time job.
>
> - have experience in auditing different international CA which are also
> included in the Root Stores.
>
> - take their time to understand in detail the processes, infrastructure,
> implementations, etc. of SwissSign.
> - support SwissSign being conform over time between the annual audits,
> e.g. by pre-assessments of new solutions/processes/applications before
> these are going in live production.
> - be well known in the community.
> - be active in international and national working groups in order to keep
> their knowledge about requirements up-to-date.
> - are /going to be accredited to perform audit according the relevant
> standards.
> - Fullfills requirement according to BR 8.2 and BR 8.3
>
>
> The whole process took its time because of the complexity of such a
> change. At the end, SwissSign decided to work together with the qualified
> auditors from TÜV Austria which will perform all audits for all PKI in the
> future. The upcoming audit for the Silver and Platinum PKI was performed as
> soon as the contract was agreed and signed.
> We would also like to point out that both PKI are maintained under exact
> the same physical, technical, organizational and logical conditions and
> measures as the Gold PKI which is was audited in October 2017.
> Additionally, the Platinum PKI is also audited according the Swiss Law on
> an annual base.
>
> In order to avoid such exceeding, the contract with the auditors was
> signed for the next several years, in order to ensure that the audits are
> planned and performed in time as required by the CA/B Forum and the Browser
> Root CA Policies. It is already planned that in September 2018 a new full
> audit for all PKI (Silver, Platinum and Gold G2 and G3) will be performed.
> After the audit for all three PKI, completely new audit attestations will
> be issued covering the period until the last audit day. This will be the
> start point for a full annual audit for all PKI together so that there is
> not any timely separation between them. Additionally, the audits for the
> next years are already planned, so that an exceeding of the audit period
> will be prevented.
>
> I'm glad to hear that planning is being done to prevent future audit
problems. Reinhard, what will be the period covered by the September 2018
audits?

It occurs to me that Mozilla could accept the recently submitted audit
statements that cover 14 months by ignoring the extra two months. The next
audit period would need to end no later than March 8, 2019. Does anyone
have concerns with this?

Reinhard, what is SwissSign planning to do regarding the point-in-time
audit for the Silver G3 root?

>
> We hope that this sheds some lights on the situation.
>
> Thanks and kindest regards
>
> Reinhard Dietrich
>
>
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-08-27 Thread reinhard.dietrich--- via dev-security-policy 
Dear all
 
This is a joint answer to Waynes' request.
 
it was mentioned that the audit period was exceeded. We would like to explain 
the situation and what was undertaken to avoid such situation again.
 
We all are aware that the audit period was exceeded by two months. However the 
conducted audit from April 2018 also covers the 2 months extension.  As you 
already mentioned, the reason is that SwissSign decided to change the auditors 
after 12 years for quality assurance reason. Additionally, it is a best 
practice within the IT security world or the financial sector to change the 
external auditors on a regular base. 
During the process, SwissSign defined some criteria in order to choose the new 
auditors these are:

The auditors shall:
- possess a knowledge and experience since years performing PKI audits as a 
full time job.

- have experience in auditing different international CA which are also 
included in the Root Stores.

- take their time to understand in detail the processes, infrastructure, 
implementations, etc. of SwissSign.
- support SwissSign being conform over time between the annual audits, e.g. by 
pre-assessments of new solutions/processes/applications before these are going 
in live production.
- be well known in the community.
- be active in international and national working groups in order to keep their 
knowledge about requirements up-to-date.
- are /going to be accredited to perform audit according the relevant standards.
- Fullfills requirement according to BR 8.2 and BR 8.3

 
The whole process took its time because of the complexity of such a change. At 
the end, SwissSign decided to work together with the qualified auditors from 
TÜV Austria which will perform all audits for all PKI in the future. The 
upcoming audit for the Silver and Platinum PKI was performed as soon as the 
contract was agreed and signed. 
We would also like to point out that both PKI are maintained under exact the 
same physical, technical, organizational and logical conditions and measures as 
the Gold PKI which is was audited in October 2017. Additionally, the Platinum 
PKI is also audited according the Swiss Law on an annual base. 
 
In order to avoid such exceeding, the contract with the auditors was signed for 
the next several years, in order to ensure that the audits are planned and 
performed in time as required by the CA/B Forum and the Browser Root CA 
Policies. It is already planned that in September 2018 a new full audit for all 
PKI (Silver, Platinum and Gold G2 and G3) will be performed. After the audit 
for all three PKI, completely new audit attestations will be issued covering 
the period until the last audit day. This will be the start point for a full 
annual audit for all PKI together so that there is not any timely separation 
between them. Additionally, the audits for the next years are already planned, 
so that an exceeding of the audit period will be prevented.
 

We hope that this sheds some lights on the situation. 
 
Thanks and kindest regards

Reinhard Dietrich
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-08-22 Thread Wayne Thayer via dev-security-policy 
Kurt,

Thank your for raising this issue.

As documented in the bug you referenced, there was a good deal of confusion
about Mozilla's acceptance (or not) of SwissSign's 2017 audit statements.
Mozilla rejected the first statements and then asked questions about the
second set of statements but never clearly rejected them.

A verbal agreement was reached that SwissSign would obtain new audits, but
it resulted in only one of their 3 included roots being re-audited later in
2017. Given the lack of documentation, I am willing to accept that as a
misunderstanding of scope between Mozilla and SwissSign. The result is that
we have 2017 audit statements in CCADB that are marked as having been
accepted despite the significant concerns that were raised in the bug you
referenced.

I believe the fact that the audit period extended for more than a year was
caused by SwissSign's (understandable) decision to use a different auditor
this year. However, I agree that this is a problem because it directly
contradicts BR section 8.1 which states "An audit period MUST NOT exceed
one year in duration" and Mozilla's requirement that "Full-surveillance
period-of-time audits MUST be conducted and updated audit information
provided no less frequently than annually". I believe these new audit
statements (both for the Platinum and Silver roots) should be rejected on
that basis, and I would also welcome a response from SwissSign and/or their
auditors. In addition, Kathleen is researching why this was not flagged by
CCADB when the audit cases were processed.

When choosing to switch auditors for 2018, SwissSign asked Mozilla to
permit them to use TUV Austria prior to the firm's formal eIDAS
accreditation. Given that the individuals performing the audits were
well-known as auditors for TUV Germany who moved to the Austrian entity,
Mozilla agreed to this exception as permitted under Root Store Policy
section 3.2. TUV Austria has since informed us that they have received
their accreditation.

Finally, the audit submitted for the (not yet included) SwissSign Silver G3
root is point-in-time, and thus not acceptable as documented in
https://bugzilla.mozilla.org/show_bug.cgi?id=1142323#c44 I have discussed
this with SwissSign's auditors, and their belief was that a point-in-time
report is appropriate when no certificates have been issued from a root
during the period. I do not agree with this interpretation and plan to have
further discussions with ETSI folks on this topic (WebTrust has already
confirmed that it is possible report on a root over a period-of-time even
when no issuance has occurred). Meanwhile, I believe that TUV Austria may
reissue the reports for this root as period-of-time since the audits
themselves covered the entire period.

- Wayne

On Wed, Aug 22, 2018 at 1:32 AM Kurt Roeckx via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> On 2018-08-21 21:03, Kathleen Wilson wrote:
> > Mozilla: Overdue Audit Statements
> > Root Certificates:
> > SwissSign Platinum CA - G2**
> >
> > ** Audit Case in the Common CA Database is under review for this root
> > certificate.
> >
> > Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
> > Audit Statement Date: 2017-03-30
> > BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
> > BR Audit Statement Date: 2017-03-30
> > CA Comments: null
>
> Is this not properly marked in the database?
>
> I found https://bugzilla.mozilla.org/show_bug.cgi?id=1374381, which
> seems to be related to it, and was closed.
>
> The linked audits there:
> - For one claiming the period covering 2015: The statement does not
> state which period was covered.
> - For one claiming the period covering 2016: The statement does not
> state which period was covered. A previous report from the auditor for
> that period stated that it was a point in time audit.
> The changed report removed this sentence: "KPMG has performed a point in
> time audit. The reference date is 8 March 2017." and replaced
> "We were not engaged to and did not conduct an examination, the object
> of which would be the expression of an opinion on the Application for
> Extended Validation (EV) Certificate. Accordingly, we do not express
> such an opinion. Had we performed additional procedures, other matters
> might have come to our attention that would have been reported to you"
> with:
> "KPMG has assessed the architecture, operation and procedures on a
> sample approach although we have not assessed every configuration
> setting on technical devices."
> - The report from a new auditor covered the period: March, 9th 2017
> until June, 6th 2018, which is longer than 1 year.
>
>
> Kurt
> ___
> dev-security-policy mailing list
> dev-security-policy@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security-policy
>
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org

Re: Audit Reminder Email Summary

2018-08-22 Thread Kurt Roeckx via dev-security-policy 

On 2018-08-21 21:03, Kathleen Wilson wrote:

Mozilla: Overdue Audit Statements
Root Certificates:
    SwissSign Platinum CA - G2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
Audit Statement Date: 2017-03-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
BR Audit Statement Date: 2017-03-30
CA Comments: null


Is this not properly marked in the database?

I found https://bugzilla.mozilla.org/show_bug.cgi?id=1374381, which 
seems to be related to it, and was closed.


The linked audits there:
- For one claiming the period covering 2015: The statement does not 
state which period was covered.
- For one claiming the period covering 2016: The statement does not 
state which period was covered. A previous report from the auditor for 
that period stated that it was a point in time audit.
The changed report removed this sentence: "KPMG has performed a point in 
time audit. The reference date is 8 March 2017." and replaced
"We were not engaged to and did not conduct an examination, the object 
of which would be the expression of an opinion on the Application for 
Extended Validation (EV) Certificate. Accordingly, we do not express 
such an opinion. Had we performed additional procedures, other matters 
might have come to our attention that would have been reported to you"

with:
"KPMG has assessed the architecture, operation and procedures on a 
sample approach although we have not assessed every configuration 
setting on technical devices."
- The report from a new auditor covered the period: March, 9th 2017 
until June, 6th 2018, which is longer than 1 year.



Kurt
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-08-21 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of August 2018 Audit Reminder Emails
Date: Tue, 21 Aug 2018 19:00:10 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2333=pdf
Audit Statement Date: 2017-08-09
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Certinomis - Root CA
Standard Audit: 
https://bug937589.bmoattachments.org/attachment.cgi?id=8898169

Audit Statement Date: 2017-07-24
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
BR Audit Statement Date: 2017-07-24
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   E-Tugra Certification Authority
Standard Audit: 
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2017.pdf

Audit Statement Date: 2017-09-09
BR Audit: 
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2017.pdf

BR Audit Statement Date: 2017-09-09
EV Audit: 
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2017.pdf

EV Audit Statement Date: 2017-09-09
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Go Daddy Class 2 CA
   Go Daddy Root Certificate Authority - G2
   Starfield Class 2 CA
   Starfield Root Certificate Authority - G2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2332=pdf
Audit Statement Date: 2017-08-31
BR Audit: https://cert.webtrust.org/SealFile?seal=2332=pdf
BR Audit Statement Date: 2017-08-31
EV Audit: https://cert.webtrust.org/SealFile?seal=2332=pdf
EV Audit Statement Date: 2017-08-31
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   ACCVRAIZ1
Standard Audit: https://cert.webtrust.org/SealFile?seal=2299=pdf
Audit Statement Date: 2017-07-28
BR Audit: https://cert.webtrust.org/SealFile?seal=2300=pdf
BR Audit Statement Date: 2017-07-28
CA Comments: Per CA request, Root CA Generalitat Valenciana will be 
removed via https://bugzilla.mozilla.org/show_bug.cgi?id=1272158




Mozilla: Audit Reminder
Root Certificates:
   IdenTrust Commercial Root CA 1**
   IdenTrust Public Sector Root CA 1**
   DST Root CA X3**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://cert.webtrust.org/SealFile?seal=2331=pdf
Audit Statement Date: 2017-08-31
BR Audit: https://cert.webtrust.org/SealFile?seal=2334=pdf
BR Audit Statement Date: 2017-09-18
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Izenpe.com
Standard Audit: 
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf

Audit Statement Date: 2017-07-25
BR Audit: 
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf

BR Audit Statement Date: 2017-07-25
EV Audit: 
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf

EV Audit Statement Date: 2017-07-25
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   OpenTrust Root CA G1
   OpenTrust Root CA G2
   Certplus Root CA G1
   Class 2 Primary CA
   OpenTrust Root CA G3
   Certplus Root CA G2
Standard Audit: 
https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590

Audit Statement Date: 2017-07-24
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590
BR Audit Statement Date: 2017-07-24
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   SECOM Trust.net - Security Communication RootCA1
   Security Communication RootCA2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2321=pdf
Audit Statement Date: 2017-08-31
BR Audit: https://cert.webtrust.org/SealFile?seal=2323=pdf
BR Audit Statement Date: 2017-08-31
EV Audit: https://cert.webtrust.org/SealFile?seal=2322=pdf
EV Audit Statement Date: 2017-08-31
CA Comments: null



Mozilla: Overdue Audit Statements
Root Certificates:
   SwissSign Platinum CA - G2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
Audit Statement Date: 2017-03-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
BR Audit Statement Date: 2017-03-30
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Visa eCommerce Root
Standard Audit: http://enroll.visaca.com/WTCA%20eComm.pdf
Audit Statement Date: 2017-07-26
BR Audit: http://enroll.visaca.com/WTBR%20eComm.pdf
BR Audit Statement Date: 2017-07-26
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   SSL.com EV Root Certification Authority ECC
   SSL.com Root Certification Authority ECC
   SSL.com Root Certification Authority RSA
   SSL.com EV Root Certification Authority RSA R2
Standard Audit: 
https://www.ssl.com/app/uploads/2017/07/SSL-COM-WTCA-Indp-Accountant-Report-and-Mgmt-Assertion-FINAL-2017.pdf

Audit Statement Date: 2017-07-27
BR Audit:

Re: Audit Reminder Email Summary

2018-07-17 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of July 2018 Audit Reminder Emails
Date: Tue, 17 Jul 2018 19:00:10 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   LuxTrust Global Root 2
Standard Audit: 
https://www.luxtrust.lu/upload/data/repository/attestation_letter_luxtrust_2017_s.pdf

Audit Statement Date: 2017-07-24
BR Audit: 
https://www.luxtrust.lu/upload/data/repository/attestation_letter_luxtrust_2017_s.pdf

BR Audit Statement Date: 2017-07-24
EV Audit: 
https://www.luxtrust.lu/upload/data/repository/attestation_letter_luxtrust_2017_s.pdf

EV Audit Statement Date: 2017-07-24
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Atos TrustedRoot 2011
Standard Audit: 
https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-00DCD7AE71E211E7B653005056A04F41-_v2%5BdownloadKey%5D=91bdb1288df96a7e719d7ebcad82dc822d5b1a65%5Baction%5D=downloadDocument=f4c93332780df1788265

Audit Statement Date: 2017-06-14
BR Audit: 
https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-00DCD7AE71E211E7B653005056A04F41-_v2%5BdownloadKey%5D=91bdb1288df96a7e719d7ebcad82dc822d5b1a65%5Baction%5D=downloadDocument=f4c93332780df1788265

BR Audit Statement Date: 2017-06-14
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Chambers of Commerce Root
   Chambers of Commerce Root - 2008
   Global Chambersign Root
   Global Chambersign Root - 2008
Standard Audit: https://cert.webtrust.org/SealFile?seal=2283=pdf
Audit Statement Date: 2017-07-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2284=pdf
BR Audit Statement Date: 2017-07-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2285=pdf
EV Audit Statement Date: 2017-07-10
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2333=pdf
Audit Statement Date: 2017-08-09
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Certinomis - Root CA
Standard Audit: 
https://bug937589.bmoattachments.org/attachment.cgi?id=8898169

Audit Statement Date: 2017-07-24
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
BR Audit Statement Date: 2017-07-24
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   COMODO RSA Certification Authority
   USERTrust ECC Certification Authority
   AAA Certificate Services
   AddTrust Class 1 CA Root
   AddTrust External CA Root
   COMODO Certification Authority
   COMODO ECC Certification Authority
   UTN-USERFirst-Client Authentication and Email
   USERTrust RSA Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2270=pdf
Audit Statement Date: 2017-06-02
BR Audit: https://cert.webtrust.org/SealFile?seal=2274=pdf
BR Audit Statement Date: 2017-06-02
BR Audit:
BR Audit Statement Date:
EV Audit: https://cert.webtrust.org/SealFile?seal=2272=pdf
EV Audit Statement Date: 2017-06-02
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   GlobalSign
   GlobalSign
   GlobalSign Root CA
   GlobalSign Extended Validation CA - SHA256 - G2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2287=pdf
Audit Statement Date: 2017-07-26
BR Audit: https://cert.webtrust.org/SealFile?seal=2338=pdf
BR Audit Statement Date: 2017-09-22
EV Audit: https://cert.webtrust.org/SealFile?seal=2288=pdf
EV Audit Statement Date: 2017-07-26
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   ACCVRAIZ1
Standard Audit: https://cert.webtrust.org/SealFile?seal=2299=pdf
Audit Statement Date: 2017-07-28
BR Audit: https://cert.webtrust.org/SealFile?seal=2300=pdf
BR Audit Statement Date: 2017-07-28
CA Comments: Per CA request, Root CA Generalitat Valenciana will be 
removed via https://bugzilla.mozilla.org/show_bug.cgi?id=1272158




Mozilla: Audit Reminder
Root Certificates:
   Izenpe.com
Standard Audit: 
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf

Audit Statement Date: 2017-07-25
BR Audit: 
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf

BR Audit Statement Date: 2017-07-25
EV Audit: 
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf

EV Audit Statement Date: 2017-07-25
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   OpenTrust Root CA G1
   OpenTrust Root CA G2
   Certplus Root CA G1
   Class 2 Primary CA
   OpenTrust Root CA G3
   Certplus Root CA G2
Standard Audit: 
https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590

Audit Statement Date: 2017-07-24
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590
BR Audit Statement Date: 2017-07-24
EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590
EV Audit Statement Date: 2017-07-24
CA Comments: null

Re: Audit Reminder Email Summary

2018-06-19 Thread Kurt Roeckx via dev-security-policy 
On Tue, Jun 19, 2018 at 01:59:26PM -0700, Kathleen Wilson via 
dev-security-policy wrote:
> 
> Mozilla: Audit Reminder
> Root Certificates:
>SwissSign Platinum CA - G2
>SwissSign Silver CA - G2
> Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
> Audit Statement Date: 2017-03-30
> BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
> BR Audit Statement Date: 2017-03-30
> CA Comments: null

This was a point in time audit on 2017-03-08. They should have a
new report by now.


Kurt

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-06-19 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of June 2018 Audit Reminder Emails
Date: Tue, 19 Jun 2018 19:00:17 + (GMT)


Mozilla: Audit Reminder
Root Certificates:
   Atos TrustedRoot 2011
Standard Audit: 
https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-00DCD7AE71E211E7B653005056A04F41-_v2%5BdownloadKey%5D=91bdb1288df96a7e719d7ebcad82dc822d5b1a65%5Baction%5D=downloadDocument=f4c93332780df1788265

Audit Statement Date: 2017-06-14
BR Audit: 
https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-00DCD7AE71E211E7B653005056A04F41-_v2%5BdownloadKey%5D=91bdb1288df96a7e719d7ebcad82dc822d5b1a65%5Baction%5D=downloadDocument=f4c93332780df1788265

BR Audit Statement Date: 2017-06-14
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Chambers of Commerce Root
   Chambers of Commerce Root - 2008
   Global Chambersign Root
   Global Chambersign Root - 2008
Standard Audit: https://cert.webtrust.org/SealFile?seal=2283=pdf
Audit Statement Date: 2017-07-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2284=pdf
BR Audit Statement Date: 2017-07-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2285=pdf
EV Audit Statement Date: 2017-07-10
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   COMODO RSA Certification Authority
   USERTrust ECC Certification Authority
   AAA Certificate Services
   AddTrust Class 1 CA Root
   AddTrust External CA Root
   COMODO Certification Authority
   COMODO ECC Certification Authority
   UTN-USERFirst-Client Authentication and Email
   USERTrust RSA Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2270=pdf
Audit Statement Date: 2017-06-02
BR Audit: https://cert.webtrust.org/SealFile?seal=2274=pdf
BR Audit Statement Date: 2017-06-02
BR Audit:
BR Audit Statement Date:
EV Audit: https://cert.webtrust.org/SealFile?seal=2272=pdf
EV Audit Statement Date: 2017-06-02
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   ComSign CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1368471.bmoattachments.org/attachment.cgi?id=8872330

Audit Statement Date: 2017-04-26
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Government Root Certification Authority - Taiwan
Standard Audit: https://cert.webtrust.org/SealFile?seal=2252=pdf
Audit Statement Date: 2017-05-24
BR Audit: https://cert.webtrust.org/SealFile?seal=2253=pdf
BR Audit Statement Date: 2017-05-24
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Hellenic Academic and Research Institutions RootCA 2011
   Hellenic Academic and Research Institutions ECC RootCA 2015
   Hellenic Academic and Research Institutions RootCA 2015
Standard Audit: 
https://www.harica.gr/documents/HARICA-ETSI_CERTIFICATE_AUTH_W_ANNEX_290617-7.pdf

Audit Statement Date: 2017-06-29
BR Audit: 
https://www.harica.gr/documents/HARICA-ETSI_CERTIFICATE_AUTH_W_ANNEX_290617-7.pdf

BR Audit Statement Date: 2017-06-29
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   SwissSign Platinum CA - G2
   SwissSign Silver CA - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
Audit Statement Date: 2017-03-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
BR Audit Statement Date: 2017-03-30
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Sonera Class2 CA
   TeliaSonera Root CA v1
Standard Audit: 
https://support.partnergate.sonera.com/download/CA/WebTrust-Audit-Report-2017-06-30.pdf

Audit Statement Date: 2017-06-30
BR Audit: 
https://support.partnergate.sonera.com/download/CA/WebTrust-BR-Audit-Report-2017-06-30.pdf

BR Audit Statement Date: 2017-06-30
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Deutsche Telekom Root CA 2
   T-TeleSec GlobalRoot Class 2
   T-TeleSec GlobalRoot Class 3
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/Browser_Audit_Attestation_2017_V2.2_s.pdf

Audit Statement Date: 2017-06-30
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6760UE_s.pdf

BR Audit Statement Date: 2017-07-31
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6761UE_s.pdf

BR Audit Statement Date: 2017-07-31
EV Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6761UE_s.pdf

EV Audit Statement Date: 2017-07-31
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Certum Trusted Network CA 2
   Certum CA
   Certum Trusted Network CA
Standard Audit: https://cert.webtrust.org/SealFile?seal=2301=pdf
Audit Statement Date: 2017-07-05
BR Audit: https://cert.webtrust.org/SealFile?seal=2298=pdf
BR Audit Statement Date: 2017-08-05
EV Audit: https://cert.webtrust.org/SealFile?seal=2296=pdf
EV Audit Statement Date: 2017-07-05
CA Comments: null




___

Re: Audit Reminder Email Summary

2018-05-15 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of May 2018 Audit Reminder Emails
Date: Tue, 15 May 2018 19:00:06 + (GMT)


Mozilla: Audit Reminder
Root Certificates:
   GDCA TrustAUTH R5 ROOT**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://cert.webtrust.org/SealFile?seal=2231=pdf
Audit Statement Date: 2017-04-14
BR Audit: https://cert.webtrust.org/SealFile?seal=2232=pdf
BR Audit Statement Date: 2017-04-14
EV Audit: https://cert.webtrust.org/SealFile?seal=2233=pdf
EV Audit Statement Date: 2017-04-14
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   COMODO RSA Certification Authority
   USERTrust ECC Certification Authority
   AAA Certificate Services
   AddTrust Class 1 CA Root
   AddTrust External CA Root
   COMODO Certification Authority
   COMODO ECC Certification Authority
   UTN-USERFirst-Client Authentication and Email
   USERTrust RSA Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2270=pdf
Audit Statement Date: 2017-06-02
BR Audit: https://cert.webtrust.org/SealFile?seal=2274=pdf
BR Audit Statement Date: 2017-06-02
BR Audit:
BR Audit Statement Date:
EV Audit: https://cert.webtrust.org/SealFile?seal=2272=pdf
EV Audit Statement Date: 2017-06-02
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   ComSign CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1368471.bmoattachments.org/attachment.cgi?id=8872330

Audit Statement Date: 2017-04-26
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   SecureSign RootCA11
Standard Audit: https://cert.webtrust.org/SealFile?seal=2251=pdf
Audit Statement Date: 2017-05-10
BR Audit: https://bug1369520.bmoattachments.org/attachment.cgi?id=8873589
BR Audit Statement Date: 2017-05-10
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Entrust Root Certification Authority - EC1
   Entrust Root Certification Authority - G2
   AffirmTrust Commercial
   AffirmTrust Networking
   AffirmTrust Premium
   AffirmTrust Premium ECC
   Entrust Root Certification Authority
   Entrust.net Certification Authority (2048)
Standard Audit: https://cert.webtrust.org/SealFile?seal=2248=pdf
Audit Statement Date: 2017-05-17
Standard Audit: 
https://www.affirmtrust.com/wp-content/uploads/20170114-20170531-AffirmTrust-WebTrust-for-CA.pdf

Audit Statement Date: 2017-06-12
BR Audit: https://cert.webtrust.org/SealFile?seal=2248=pdf
BR Audit Statement Date: 2017-05-17
BR Audit: 
https://www.affirmtrust.com/wp-content/uploads/20170114-20170531-AffirmTrust-SSL-Baseline-Requirements..pdf

BR Audit Statement Date: 2017-06-12
EV Audit: https://cert.webtrust.org/SealFile?seal=2248=pdf
EV Audit Statement Date: 2017-05-17
EV Audit: 
https://www.affirmtrust.com/wp-content/uploads/20170114-20170531-AffirmTrust-WebTrust-for-EV-SSL.pdf

EV Audit Statement Date: 2017-06-12
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Government Root Certification Authority - Taiwan
Standard Audit: https://cert.webtrust.org/SealFile?seal=2252=pdf
Audit Statement Date: 2017-05-24
BR Audit: https://cert.webtrust.org/SealFile?seal=2253=pdf
BR Audit Statement Date: 2017-05-24
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   SwissSign Platinum CA - G2
   SwissSign Silver CA - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
Audit Statement Date: 2017-03-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
BR Audit Statement Date: 2017-03-30
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Trustis Limited - Trustis FPS Root CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1360184.bmoattachments.org/attachment.cgi?id=8862399

Audit Statement Date: 2017-03-01
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=8862399
BR Audit Statement Date: 2017-03-01
CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1360184#c10




___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-04-23 Thread Kathleen Wilson via dev-security-policy 
Here's the summary of the audit reminder email that was sent last 
Tuesday, while I was on Spring Break.


Kathleen

 Forwarded Message 
Subject:Summary of April 2018 Audit Reminder Emails
Date:   Tue, 17 Apr 2018 19:00:32 + (GMT)
From:   Mozilla CA Program Manager 
To: kwil...@mozilla.com 


Mozilla: Audit Reminder
Root Certificates:
   GDCA TrustAUTH R5 ROOT
Standard Audit: https://cert.webtrust.org/SealFile?seal=2231=pdf
Audit Statement Date: 2017-04-14
BR Audit: https://cert.webtrust.org/SealFile?seal=2232=pdf
BR Audit Statement Date: 2017-04-14
EV Audit: https://cert.webtrust.org/SealFile?seal=2233=pdf
EV Audit Statement Date: 2017-04-14
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   SZAFIR ROOT CA2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://cert.webtrust.org/SealFile?seal=2239=pdf
Audit Statement Date: 2017-04-12
BR Audit: https://cert.webtrust.org/SealFile?seal=2239=pdf
BR Audit Statement Date: 2017-04-12
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   ComSign CA
Standard Audit: 
https://bug1368471.bmoattachments.org/attachment.cgi?id=8872330

Audit Statement Date: 2017-04-26
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   SecureSign RootCA11
Standard Audit: https://cert.webtrust.org/SealFile?seal=2251=pdf
Audit Statement Date: 2017-05-10
BR Audit: https://bug1369520.bmoattachments.org/attachment.cgi?id=8873589
BR Audit Statement Date: 2017-05-10
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Baltimore CyberTrust Root
   Cybertrust Global Root
   DigiCert Assured ID Root CA
   DigiCert Assured ID Root G2
   DigiCert Assured ID Root G3
   DigiCert High Assurance EV Root CA
   DigiCert Trusted Root G4
Standard Audit: https://cert.webtrust.org/SealFile?seal=2228=pdf
Audit Statement Date: 2017-04-13
BR Audit: https://cert.webtrust.org/SealFile?seal=2229=pdf
BR Audit Statement Date: 2017-04-13
EV Audit: https://cert.webtrust.org/SealFile?seal=2230=pdf
EV Audit Statement Date: 2017-04-13
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   SwissSign Platinum CA - G2
   SwissSign Silver CA - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
Audit Statement Date: 2017-03-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
BR Audit Statement Date: 2017-03-30
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Trustis Limited - Trustis FPS Root CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1360184.bmoattachments.org/attachment.cgi?id=8862399

Audit Statement Date: 2017-03-01
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=8862399
BR Audit Statement Date: 2017-03-01
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Amazon Root CA 3**
   Amazon Root CA 2**
   Starfield Services Root Certificate Authority - G2**
   Amazon Root CA 1**
   Amazon Root CA 4**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://cert.webtrust.org/SealFile?seal=2217=pdf
Audit Statement Date: 2017-03-28
BR Audit: https://cert.webtrust.org/SealFile?seal=2218=pdf
BR Audit Statement Date: 2017-03-28
EV Audit: https://cert.webtrust.org/SealFile?seal=2219=pdf
EV Audit Statement Date: 2017-03-28
CA Comments: null





___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-03-20 Thread Weitsong Lin via dev-security-policy 
TWCA have been updated the CAADB.
Do we have to open the bug to update audit report status?

Thanks,
Robin Lin

Kathleen Wilson於 2018年3月21日星期三 UTC+8上午7時30分51秒寫道:
> On 3/20/18 12:43 PM, Kurt Roeckx wrote:
> > On Tue, Mar 20, 2018 at 12:07:54PM -0700, Kathleen Wilson via 
> > dev-security-policy wrote:
> >> Mozilla: Audit Reminder
> >> Root Certificates:
> >> Class 2 Primary CA
> >> Standard Audit:
> >> https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
> >> Audit Statement Date: 2017-01-14
> >> BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
> >> BR Audit Statement Date: 2017-01-14
> >> EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
> >> EV Audit Statement Date: 2017-01-14
> >> CA Comments: null
> > 
> > The audit period was 2015-10-14 to 2016-10-14, we should already
> > have received a new audit statement.
> > 
> > 
> > Kurt
> > 
> 
> Bug filed: https://bugzilla.mozilla.org/show_bug.cgi?id=1447497
> 
> Thanks,
> Kathleen

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-03-20 Thread Kathleen Wilson via dev-security-policy 

On 3/20/18 12:43 PM, Kurt Roeckx wrote:

On Tue, Mar 20, 2018 at 12:07:54PM -0700, Kathleen Wilson via 
dev-security-policy wrote:

Mozilla: Audit Reminder
Root Certificates:
Class 2 Primary CA
Standard Audit:
https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
Audit Statement Date: 2017-01-14
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
BR Audit Statement Date: 2017-01-14
EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
EV Audit Statement Date: 2017-01-14
CA Comments: null


The audit period was 2015-10-14 to 2016-10-14, we should already
have received a new audit statement.


Kurt



Bug filed: https://bugzilla.mozilla.org/show_bug.cgi?id=1447497

Thanks,
Kathleen

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-03-20 Thread Kurt Roeckx via dev-security-policy 
On Tue, Mar 20, 2018 at 12:07:54PM -0700, Kathleen Wilson via 
dev-security-policy wrote:
> Mozilla: Audit Reminder
> Root Certificates:
>Class 2 Primary CA
> Standard Audit:
> https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
> Audit Statement Date: 2017-01-14
> BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
> BR Audit Statement Date: 2017-01-14
> EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
> EV Audit Statement Date: 2017-01-14
> CA Comments: null

The audit period was 2015-10-14 to 2016-10-14, we should already
have received a new audit statement.


Kurt

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-03-20 Thread Kathleen Wilson via dev-security-policy 

 Forwarded Message 
Subject: Summary of March 2018 Audit Reminder Emails
Date: Tue, 20 Mar 2018 19:00:18 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   GDCA TrustAUTH R5 ROOT
Standard Audit: https://cert.webtrust.org/SealFile?seal=2231=pdf
Audit Statement Date: 2017-04-14
BR Audit: https://cert.webtrust.org/SealFile?seal=2232=pdf
BR Audit Statement Date: 2017-04-14
EV Audit: https://cert.webtrust.org/SealFile?seal=2233=pdf
EV Audit Statement Date: 2017-04-14
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   SZAFIR ROOT CA2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2239=pdf
Audit Statement Date: 2017-04-12
BR Audit: https://cert.webtrust.org/SealFile?seal=2239=pdf
BR Audit Statement Date: 2017-04-12
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   certSIGN ROOT CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA_8.02.2017.pdf

Audit Statement Date: 2017-02-08
BR Audit: 
https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA_8.02.2017.pdf

BR Audit Statement Date: 2017-02-08
CA Comments: Previous audit statement date was same as audit period end 
date, Feb 8 2017. The 2018 audit period end date is Feb 7 2018, which 
means CertSign has until early May 2018 to provide their new audit 
statement.




Mozilla: Audit Reminder
Root Certificates:
   Baltimore CyberTrust Root
   Cybertrust Global Root
   DigiCert Assured ID Root CA
   DigiCert Assured ID Root G2
   DigiCert Assured ID Root G3
   DigiCert High Assurance EV Root CA
   DigiCert Trusted Root G4
Standard Audit: https://cert.webtrust.org/SealFile?seal=2228=pdf
Audit Statement Date: 2017-04-13
BR Audit: https://cert.webtrust.org/SealFile?seal=2229=pdf
BR Audit Statement Date: 2017-04-13
EV Audit: https://cert.webtrust.org/SealFile?seal=2230=pdf
EV Audit Statement Date: 2017-04-13
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Hongkong Post Root CA 1
Standard Audit: https://cert.webtrust.org/SealFile?seal=2208=pdf
Audit Statement Date: 2017-02-28
BR Audit: 
http://www.hongkongpost.gov.hk/product/cps/ecert/img/HKPCA_WebTrust_BR_2016-17.pdf

BR Audit Statement Date: 2017-02-28
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Class 2 Primary CA
Standard Audit: 
https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236

Audit Statement Date: 2017-01-14
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
BR Audit Statement Date: 2017-01-14
EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
EV Audit Statement Date: 2017-01-14
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   QuoVadis Root CA 1 G3
   QuoVadis Root CA 2
   QuoVadis Root CA 2 G3
   QuoVadis Root CA 3
   QuoVadis Root CA 3 G3
   QuoVadis Root Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2223=pdf
Audit Statement Date: 2017-03-31
BR Audit: https://cert.webtrust.org/SealFile?seal==pdf
BR Audit Statement Date: 2017-03-31
EV Audit: https://cert.webtrust.org/SealFile?seal=2221=pdf
EV Audit Statement Date: 2017-03-31
CA Comments: 
https://www.wisekey.com/investors_press-release/wisekey-sixwihn-signs-letter-of-intent-to-acquire-quovadis-consolidating-certification-authority-power-for-eidas-and-iot




Mozilla: Audit Reminder
Root Certificates:
   SwissSign Platinum CA - G2
   SwissSign Silver CA - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
Audit Statement Date: 2017-03-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
BR Audit Statement Date: 2017-03-30
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   TWCA Global Root CA
   TWCA Root Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2197=pdf
Audit Statement Date: 2017-02-16
BR Audit: https://cert.webtrust.org/SealFile?seal=2195=pdf
BR Audit Statement Date: 2017-02-16
EV Audit: https://cert.webtrust.org/SealFile?seal=2196=pdf
EV Audit Statement Date: 2017-02-16
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Trustis Limited - Trustis FPS Root CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1360184.bmoattachments.org/attachment.cgi?id=8862399

Audit Statement Date: 2017-03-01
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=8862399
BR Audit Statement Date: 2017-03-01
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8828490
Audit Statement Date: 2016-12-31
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6749UE_s.pdf

BR Audit Statement Date: 2016-12-31
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:

Re: Audit Reminder Email Summary

2018-02-20 Thread Kathleen Wilson via dev-security-policy 

Summary of audit statements that are due:

 Forwarded Message 
Subject: Summary of February 2018 Audit Reminder Emails
Date: Tue, 20 Feb 2018 20:00:05 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   ISRG Root X1
Standard Audit: https://cert.webtrust.org/SealFile?seal=2193=pdf
Audit Statement Date: 2017-02-07
BR Audit: https://cert.webtrust.org/SealFile?seal=2194=pdf
BR Audit Statement Date: 2017-02-07
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Staat der Nederlanden EV Root CA
   Staat der Nederlanden Root CA - G3
   Staat der Nederlanden Root CA - G2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2204=pdf
Audit Statement Date: 2017-03-03
BR Audit: https://cert.webtrust.org/SealFile?seal=2204=pdf
BR Audit Statement Date: 2017-03-03
EV Audit: https://cert.webtrust.org/SealFile?seal=2204=pdf
EV Audit Statement Date: 2017-03-03
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   certSIGN ROOT CA
Standard Audit: 
https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA_8.02.2017.pdf

Audit Statement Date: 2017-02-08
BR Audit: 
https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA_8.02.2017.pdf

BR Audit Statement Date: 2017-02-08
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Symantec Class 1 Public Primary Certification Authority - G4**
   Symantec Class 2 Public Primary Certification Authority - G4**
   Symantec Class 2 Public Primary Certification Authority - G6**
   VeriSign Class 1 Public Primary Certification Authority - G3**
   VeriSign Class 2 Public Primary Certification Authority - G3**
   VeriSign Class 3 Public Primary Certification Authority - G3**
   VeriSign Class 3 Public Primary Certification Authority - G4**
   VeriSign Class 3 Public Primary Certification Authority - G5**
   VeriSign Universal Root Certification Authority**
   Symantec Class 1 Public Primary Certification Authority - G6**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.symantec.com/content/en/us/about/media/repository/18_Symantec_STN_WTCA_period_end_11-30-2016.pdf

Audit Statement Date: 2017-02-28
BR Audit:
BR Audit Statement Date:
BR Audit: 
https://www.symantec.com/content/en/us/about/media/repository/21_Symantec_STN_WTBR_period_end_11-30-2016.pdf

BR Audit Statement Date: 2017-02-28
EV Audit:
EV Audit Statement Date:
EV Audit: 
https://www.symantec.com/content/en/us/about/media/repository/24_Symantec_STN_WTEV_period_end_11-30-2016.pdf

EV Audit Statement Date: 2017-02-28
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Hongkong Post Root CA 1
Standard Audit: https://cert.webtrust.org/SealFile?seal=2208=pdf
Audit Statement Date: 2017-02-28
BR Audit: 
http://www.hongkongpost.gov.hk/product/cps/ecert/img/HKPCA_WebTrust_BR_2016-17.pdf

BR Audit Statement Date: 2017-02-28
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Class 2 Primary CA
Standard Audit: 
https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236

Audit Statement Date: 2017-01-14
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
BR Audit Statement Date: 2017-01-14
EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
EV Audit Statement Date: 2017-01-14
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   TWCA Global Root CA
   TWCA Root Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2197=pdf
Audit Statement Date: 2017-02-16
BR Audit: https://cert.webtrust.org/SealFile?seal=2195=pdf
BR Audit Statement Date: 2017-02-16
EV Audit: https://cert.webtrust.org/SealFile?seal=2196=pdf
EV Audit Statement Date: 2017-02-16
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Trustis Limited - Trustis FPS Root CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1360184.bmoattachments.org/attachment.cgi?id=8862399

Audit Statement Date: 2017-03-01
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=8862399
BR Audit Statement Date: 2017-03-01
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8828490
Audit Statement Date: 2016-12-31
BR Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6749UE_s.pdf

BR Audit Statement Date: 2016-12-31
CA Comments: null



___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-01-17 Thread Kathleen Wilson via dev-security-policy 

On 1/4/18 3:53 AM, Kurt Roeckx wrote:

On 2018-01-04 01:36, Kathleen Wilson wrote:


Mozilla: Audit Reminder
Root Certificates:
    AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2120=pdf
Audit Statement Date: 2016-09-15
CA Comments: null


The audit period of that is 2015-07-01 to 2016-04-30. They clearly 
overdue, instead of just a reminder.



Kurt



There are two root certs with
Certificate Issuer Common Name: AC Raíz Certicámara S.A.
Certificate Issuer Organization: Sociedad Cameral de Certificación 
Digital - Certicámara S.A.


One is included in Mozilla's program with only the Email trust bit 
enabled. The other is not yet included in Mozilla's program 
(https://bugzilla.mozilla.org/show_bug.cgi?id=1281002).


There had been a mistake in the way that the Audit Case was handled, so 
the root cert included in Mozilla's program had not been updated with 
the current audit statement.

https://cert.webtrust.org/SealFile?seal=2333=pdf

I have resolved this discrepency.

Thanks,
Kathleen
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-01-04 Thread Kurt Roeckx via dev-security-policy 

On 2018-01-04 01:36, Kathleen Wilson wrote:


Mozilla: Audit Reminder
Root Certificates:
    AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2120=pdf
Audit Statement Date: 2016-09-15
CA Comments: null


The audit period of that is 2015-07-01 to 2016-04-30. They clearly 
overdue, instead of just a reminder.



Kurt
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2018-01-03 Thread Kathleen Wilson via dev-security-policy 

Wishing all of you a happy 2018!

Below is the summary of the audit reminder email that was automatically 
sent by the CCADB in December.


PS: I am back at work as of today, but I will appreciate your patience 
while to catch up on my email inbox. If there is anything urgent, you 
might want to prepend URGENT to the subject and re-send to me.



 Forwarded Message 
Subject: Summary of December 2017 Audit Reminder Emails
Date: Tue, 19 Dec 2017 20:00:20 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   TrustCor RootCert CA-2
   TrustCor RootCert CA-1
   TrustCor ECA-1
Standard Audit: https://cert.webtrust.org/SealFile?seal=2169=pdf
Audit Statement Date: 2016-12-15
BR Audit: https://cert.webtrust.org/SealFile?seal=2163=pdf
BR Audit Statement Date: 2016-12-15
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   EE Certification Centre Root CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8826692
Audit Statement Date: 2016-11-25
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8826692
BR Audit Statement Date: 2016-11-25
CA Comments: null



Mozilla: Your root is in danger of being removed
Root Certificates:
   Autoridad de Certificacion Firmaprofesional CIF A62634068**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://cert.webtrust.org/SealFile?seal=2032=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05
CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1412950 
Misunderstanding when switching from WebTrust to eIDAS/ETSI audit - 
resulted in point-in-time audit that Mozilla has not accepted. On 
October 31 CA requested 90 days to get period-of-time audits.




Mozilla: Audit Reminder
Root Certificates:
   CA Disig Root R2
Standard Audit: https://eidas.disig.sk/pdf/Audit2016_report.pdf
Audit Statement Date: 2016-10-26
BR Audit: https://eidas.disig.sk/pdf/Audit2016_report.pdf
BR Audit Statement Date: 2016-10-26
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2120=pdf
Audit Statement Date: 2016-09-15
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   D-TRUST Root CA 3 2013**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6768UE_s.pdf

Audit Statement Date: 2016-11-21
BR Audit:
BR Audit Statement Date:
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
Standard Audit: 
https://bug1262809.bmoattachments.org/attachment.cgi?id=8819839

Audit Statement Date: 2016-12-19
BR Audit: https://bug1262809.bmoattachments.org/attachment.cgi?id=8819839
BR Audit Statement Date: 2016-12-19
CA Comments: null



Mozilla: Overdue Audit Statements
Root Certificates:
   OpenTrust Root CA G1**
   OpenTrust Root CA G2**
   Certplus Root CA G1**
   Class 2 Primary CA
   OpenTrust Root CA G3**
   Certplus Root CA G2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476

Audit Statement Date: 2016-08-19
Standard Audit: 
https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236

Audit Statement Date: 2017-01-14
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
BR Audit Statement Date: 2016-08-19
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
BR Audit Statement Date: 2017-01-14
EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
EV Audit Statement Date: 2016-08-19
EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
EV Audit Statement Date: 2017-01-14
CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1297034 Did 
not find reference to "Class 2 Primary CA" in the 2016 audit statements. 
Update: Audit of Class 2 Primary CA completed mid-October. Waiting for 
auditor to write attestation letter.




Mozilla: Audit Reminder
Root Certificates:
   Secure Global CA
   SecureTrust CA
   XRamp Global Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2138=pdf
Audit Statement Date: 2016-11-18
BR Audit: https://cert.webtrust.org/SealFile?seal=2139=pdf
BR Audit Statement Date: 2016-11-18
EV Audit: https://cert.webtrust.org/SealFile?seal=2140=pdf
EV Audit Statement Date: 2016-11-18
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   TÜRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? H5
Standard Audit:

Re: Audit Reminder Email Summary

2017-11-21 Thread Kathleen Wilson via dev-security-policy 
Note to CAs: The indicator that an Audit Case is under review for 
particular root certs will only be added if there has been a 
corresponding Audit Root Case created for that particular root cert. If 
you have only created the Audit Case (and not the Audit Root Cases), 
that will not be indicated below.


http://ccadb.org/cas/updates
"CAs will create a single Audit Case for a particular set of audits 
(e.g. WebTrust CA, WebTrust BR, and WebTrust EV). Then the CA will 
create a set of corresponding Root Cases, one per root, to tell the 
CCADB which Root Certificate records the audit statements in that Audit 
Case apply to."



 Forwarded Message 
Subject: Summary of November 2017 Audit Reminder Emails
Date: Tue, 21 Nov 2017 20:00:14 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   EE Certification Centre Root CA
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8826692
Audit Statement Date: 2016-11-25
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8826692
BR Audit Statement Date: 2016-11-25
CA Comments: null



Mozilla: Overdue Audit Statements
Root Certificates:
   Autoridad de Certificacion Firmaprofesional CIF A62634068**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://cert.webtrust.org/SealFile?seal=2032=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05
CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1412950 
Misunderstanding when switching from WebTrust to eIDAS/ETSI audit - 
resulted in point-in-time audit that Mozilla has not accepted. On 
October 31 CA requested 90 days to get period-of-time audits.




Mozilla: Audit Reminder
Root Certificates:
   CA Disig Root R1
   CA Disig Root R2
Standard Audit: https://eidas.disig.sk/pdf/Audit2016_report.pdf
Audit Statement Date: 2016-10-26
BR Audit: https://eidas.disig.sk/pdf/Audit2016_report.pdf
BR Audit Statement Date: 2016-10-26
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2120=pdf
Audit Statement Date: 2016-09-15
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   D-TRUST Root CA 3 2013
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6768UE_s.pdf

Audit Statement Date: 2016-11-21
BR Audit:
BR Audit Statement Date:
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
Standard Audit: 
https://bug1262809.bmoattachments.org/attachment.cgi?id=8819839

Audit Statement Date: 2016-12-19
BR Audit: https://bug1262809.bmoattachments.org/attachment.cgi?id=8819839
BR Audit Statement Date: 2016-12-19
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   NetLock Arany (Class Gold) F?tanúsítvány**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8803550
Audit Statement Date: 2016-10-20
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8803550
BR Audit Statement Date: 2016-10-20
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   OpenTrust Root CA G1**
   OpenTrust Root CA G2**
   Certplus Root CA G1**
   OpenTrust Root CA G3**
   Certplus Root CA G2**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476

Audit Statement Date: 2016-08-19
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
BR Audit Statement Date: 2016-08-19
EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
EV Audit Statement Date: 2016-08-19
CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1297034 Did 
not find reference to "Class 2 Primary CA" in the 2016 audit statements. 
Update: Audit of Class 2 Primary CA completed mid-October. Waiting for 
auditor to write attestation letter.




Mozilla: Audit Reminder
Root Certificates:
   Secure Global CA
   SecureTrust CA
   XRamp Global Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2138=pdf
Audit Statement Date: 2016-11-18
BR Audit: https://cert.webtrust.org/SealFile?seal=2139=pdf
BR Audit Statement Date: 2016-11-18
EV Audit: https://cert.webtrust.org/SealFile?seal=2140=pdf
EV Audit Statement Date: 2016-11-18
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Visa eCommerce Root**

** Audit Case in the Common CA Database is under review for this root 
certificate.


Standard Audit: 
https://bug1301210.bmoattachments.org/attachment.cgi?id=8789076

Audit Statement Date: 2016-08-23
BR Audit:

Re: Audit Reminder Email Summary

2017-10-17 Thread Kathleen Wilson via dev-security-policy 
On Tuesday, October 17, 2017 at 2:44:11 PM UTC-7, Kathleen Wilson wrote:
> A lot of the delay this time is in regards to our new 
> Audit Case process. 
> We'll work to get this cleared up this month.


To those of you CAs who have correctly followed the instructions for providing 
your annual updates -- THANK YOU!!!
Many of you have done this successfully without any problems.


To the rest of the CAs, Please help us out here, by reading and following the 
instructions. 

http://ccadb.org/cas/updates

"The process for submitting an annual update is as follows: CAs will create a 
single Audit Case for a particular set of audits (e.g. WebTrust CA, WebTrust 
BR, and WebTrust EV). Then the CA will create a set of corresponding Root 
Cases, one per root, to tell the CCADB which Root Certificate records the audit 
statements in that Audit Case apply to."

We've had CAs file multiple Audit Cases for the same audit statements, with 
different information. Please don't do that. You only need to file one Audit 
Case for each set of audit statements. If you are unsure, please just create 
one Audit Case and then send email to me and Aaron so we can help you out.

Some CAs do not create the corresponding Root Cases to indicate which root 
certs were in scope of the audits and to provide the 3 test websites that are 
required by the BRs.

Many of the CAs unfortunately have not tested their 3 test websites to ensure 
that the TLS certs chain up to those root certs and have the correct results.

All of this is described in 
http://ccadb.org/cas/updates

We continue to work to improve the interface to make it more obvious what you 
need to do. But in the meantime please carefully read and follow the 
instructions.

Thanks,
Kathleen


___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2017-10-17 Thread Kathleen Wilson via dev-security-policy 
A lot of the delay this time is in regards to our new Audit Case process. We'll 
work to get this cleared up this month.

 Forwarded Message 
Subject: Summary of October 2017 Audit Reminder Emails
Date: Tue, 17 Oct 2017 19:00:06 + (GMT)

Mozilla: Overdue Audit Statements
Root Certificates:
   Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit: https://cert.webtrust.org/SealFile?seal=2032=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05
CA Comments: BR and EV audits have happened, but there are action plans being 
presented to the auditors. Primary issues are use of UTF8 instead of 
PrintableString in jurisdictionOfIncorporation, and a recently repealed Spanish 
law that required privat



Mozilla: Audit Reminder
Root Certificates:
   CA Disig Root R1
   CA Disig Root R2
Standard Audit: https://eidas.disig.sk/pdf/Audit2016_report.pdf
Audit Statement Date: 2016-10-26
BR Audit: https://eidas.disig.sk/pdf/Audit2016_report.pdf
BR Audit Statement Date: 2016-10-26
CA Comments: null



Mozilla: Overdue Audit Statements
Root Certificates:
   Chambers of Commerce Root**
   Chambers of Commerce Root - 2008**
   Global Chambersign Root**
   Global Chambersign Root - 2008**

** Audit Case in the Common CA Database is under review for this root 
certificate.

Standard Audit: https://bug986854.bmoattachments.org/attachment.cgi?id=8775118
Audit Statement Date: 2016-06-17
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800807
BR Audit Statement Date: 2016-08-05
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800811
EV Audit Statement Date: 2016-08-05
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2120=pdf
Audit Statement Date: 2016-09-15
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Chunghwa Telecom Co., Ltd. - ePKI Root Certification Authority**

** Audit Case in the Common CA Database is under review for this root 
certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2277=pdf
Audit Statement Date: 2016-11-04
BR Audit: https://cert.webtrust.org/SealFile?seal=2278=pdf
BR Audit Statement Date: 2016-11-04
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Go Daddy Class 2 CA**
   Go Daddy Root Certificate Authority - G2**
   Starfield Class 2 CA**
   Starfield Root Certificate Authority - G2**

** Audit Case in the Common CA Database is under review for this root 
certificate.

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815072
Audit Statement Date: 2016-08-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815073
BR Audit Statement Date: 2016-08-31
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815074
EV Audit Statement Date: 2016-08-31
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   IdenTrust Commercial Root CA 1**
   IdenTrust Public Sector Root CA 1**
   DST ACES CA X6**
   DST Root CA X3**

** Audit Case in the Common CA Database is under review for this root 
certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2107=pdf
Audit Statement Date: 2016-08-19
BR Audit: https://cert.webtrust.org/SealFile?seal=2106=pdf
BR Audit Statement Date: 2016-08-19
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   NetLock Arany (Class Gold) F?tanúsítvány
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8803550
Audit Statement Date: 2016-10-20
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8803550
BR Audit Statement Date: 2016-10-20
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   OpenTrust Root CA G1**
   OpenTrust Root CA G2**
   Certplus Root CA G1**
   OpenTrust Root CA G3**
   Certplus Root CA G2**

** Audit Case in the Common CA Database is under review for this root 
certificate.

Standard Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
Audit Statement Date: 2016-08-19
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
BR Audit Statement Date: 2016-08-19
EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
EV Audit Statement Date: 2016-08-19
CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1297034 Did not find 
reference to "Class 2 Primary CA" in the 2016 audit statements. Update: Audit 
of Class 2 Primary CA completed mid-October. Waiting for auditor to write 
attestation letter.



Mozilla: Audit Reminder
Root Certificates:
   Security Communication EV RootCA1
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8805235
Audit Statement Date: 2016-08-22
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8805235
BR Audit Statement Date: 2016-08-22
EV Audit:

Re: Audit Reminder Email Summary

2017-09-20 Thread Kathleen Wilson via dev-security-policy 
On Wednesday, September 20, 2017 at 6:34:04 AM UTC-7, Kurt Roeckx wrote:
> On 2017-09-20 01:09, Kathleen Wilson wrote:
> >  Forwarded Message 
> > Subject: Summary of September 2017 Audit Reminder Emails
> > Date: Tue, 19 Sep 2017 19:00:08 + (GMT)
> > 
> > Mozilla: Overdue Audit Statements
> > Root Certificates:
> > Autoridad de Certificacion Firmaprofesional CIF A62634068
> > Standard Audit: https://cert.webtrust.org/SealFile?seal=2032=pdf
> > Audit Statement Date: 2016-04-11
> > BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
> > BR Audit Statement Date: 2016-08-05
> > EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
> > EV Audit Statement Date: 2016-08-05
> > CA Comments: BR and EV audits have happened, but there are action plans 
> > being presented to the auditors. Primary issues are use of UTF8 instead of 
> > PrintableString in jurisdictionOfIncorporation, and a recently repealed 
> > Spanish law that required privat
> 
> Does that mean the standard audit did not happen? The currently linked 
> one covered the period 2015-03-10 to 2016-03-09. The next period of 1 
> year is now over for more than 6 months.
> 
> If the audits happened, why don't we have the audit statement yet?
> 

I'll contact the CA, and ask them to respond.

I noticed that for the audit reminders the program was sending to the email 
alias only, so I've asked my Salesforce consultant to make sure the Primary 
POC(s) are always in the 'To' list for the emails. However, it is the CA's 
responsibility to provide their updated audit statements, so not receiving the 
audit reminder email does not excuse them.


> > Mozilla: Audit Reminder
> > Root Certificates:
> > Chambers of Commerce Root
> > Chambers of Commerce Root - 2008
> > Global Chambersign Root
> > Global Chambersign Root - 2008
> > Standard Audit: 
> > https://bug986854.bmoattachments.org/attachment.cgi?id=8775118
> > Audit Statement Date: 2016-06-17
> > BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800807
> > BR Audit Statement Date: 2016-08-05
> > EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800811
> > EV Audit Statement Date: 2016-08-05
> > CA Comments: null
> 
> The standard audit was for the period of 2015-04-14 to 2016-04-13, and 
> so are also late with their audit.

I'll contact the CA...


> 
> > Mozilla: Audit Reminder
> > Root Certificates:
> > GlobalSign ECC Root CA - R5
> > Standard Audit: https://cert.webtrust.org/SealFile?seal=2287=pdf
> > Audit Statement Date: 2017-07-26
> > BR Audit: https://bug1388488.bmoattachments.org/attachment.cgi?id=8895040
> > BR Audit Statement Date: 2017-07-26
> > EV Audit: https://cert.webtrust.org/SealFile?seal=2055=pdf
> > EV Audit Statement Date: 2016-06-10
> > CA Comments: null
> 
> The EV period was from 2015-04-01 to 2013-03-31. The others are new, 
> maybe forgot to update something?


Bug in CCADB. I am waiting for my Salesforce consultant to confirm that she has 
replicated the bug in Sandbox, and then I will fix the data in Production.


> 
> > Mozilla: Audit Reminder
> > Root Certificates:
> > Certum Trusted Network CA 2**
> > Certum Trusted Network CA**
> > 
> > ** Audit Case in the Common CA Database is under review for this root 
> > certificate.
> > 
> > Standard Audit: https://cert.webtrust.org/SealFile?seal=2064=pdf
> > Audit Statement Date: 2016-06-10
> > BR Audit: https://cert.webtrust.org/SealFile?seal=2066=pdf
> > BR Audit Statement Date: 2016-06-10
> > EV Audit: https://cert.webtrust.org/SealFile?seal=2065=pdf
> > EV Audit Statement Date: 2016-06-10
> > CA Comments: null
> 

As noted by the '**' we have received the updated audit statements, and are 
working with the CA on their Audit Case. Since the Audit Case is a new process, 
there is a learning curve for most CAs. 


Kathleen

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2017-09-19 Thread Kathleen Wilson via dev-security-policy 
 Forwarded Message 
Subject: Summary of September 2017 Audit Reminder Emails
Date: Tue, 19 Sep 2017 19:00:08 + (GMT)

Mozilla: Overdue Audit Statements
Root Certificates:
   Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit: https://cert.webtrust.org/SealFile?seal=2032=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05
CA Comments: BR and EV audits have happened, but there are action plans being 
presented to the auditors. Primary issues are use of UTF8 instead of 
PrintableString in jurisdictionOfIncorporation, and a recently repealed Spanish 
law that required privat



Mozilla: Audit Reminder
Root Certificates:
   Chambers of Commerce Root
   Chambers of Commerce Root - 2008
   Global Chambersign Root
   Global Chambersign Root - 2008
Standard Audit: https://bug986854.bmoattachments.org/attachment.cgi?id=8775118
Audit Statement Date: 2016-06-17
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800807
BR Audit Statement Date: 2016-08-05
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800811
EV Audit Statement Date: 2016-08-05
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2120=pdf
Audit Statement Date: 2016-09-15
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Certinomis - Root CA**

** Audit Case in the Common CA Database is under review for this root 
certificate.

Standard Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8784555
Audit Statement Date: 2016-08-23
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8784555
BR Audit Statement Date: 2016-08-23
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   E-Tugra Certification Authority
Standard Audit: https://bug877744.bmoattachments.org/attachment.cgi?id=8792625
Audit Statement Date: 2016-09-09
BR Audit: https://bug877744.bmoattachments.org/attachment.cgi?id=8792625
BR Audit Statement Date: 2016-09-09
EV Audit: https://bug877744.bmoattachments.org/attachment.cgi?id=8792625
EV Audit Statement Date: 2016-09-09
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   GlobalSign ECC Root CA - R5
Standard Audit: https://cert.webtrust.org/SealFile?seal=2287=pdf
Audit Statement Date: 2017-07-26
BR Audit: https://bug1388488.bmoattachments.org/attachment.cgi?id=8895040
BR Audit Statement Date: 2017-07-26
EV Audit: https://cert.webtrust.org/SealFile?seal=2055=pdf
EV Audit Statement Date: 2016-06-10
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Go Daddy Class 2 CA**
   Go Daddy Root Certificate Authority - G2**
   Starfield Class 2 CA**
   Starfield Root Certificate Authority - G2**

** Audit Case in the Common CA Database is under review for this root 
certificate.

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815072
Audit Statement Date: 2016-08-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815073
BR Audit Statement Date: 2016-08-31
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815074
EV Audit Statement Date: 2016-08-31
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   IdenTrust Commercial Root CA 1
   IdenTrust Public Sector Root CA 1
   DST ACES CA X6
   DST Root CA X3
Standard Audit: https://cert.webtrust.org/SealFile?seal=2107=pdf
Audit Statement Date: 2016-08-19
BR Audit: https://cert.webtrust.org/SealFile?seal=2106=pdf
BR Audit Statement Date: 2016-08-19
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   OpenTrust Root CA G1
   OpenTrust Root CA G2
   Certplus Root CA G1
   OpenTrust Root CA G3
   Certplus Root CA G2
Standard Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
Audit Statement Date: 2016-08-19
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
BR Audit Statement Date: 2016-08-19
EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
EV Audit Statement Date: 2016-08-19
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   PSCProcert
Standard Audit: https://bug593805.bmoattachments.org/attachment.cgi?id=8795484
Audit Statement Date: 2016-08-02
BR Audit: https://bug593805.bmoattachments.org/attachment.cgi?id=8795484
BR Audit Statement Date: 2016-08-02
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Security Communication EV RootCA1
   SECOM Trust.net - Security Communication RootCA1
   Security Communication RootCA2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8805235
Audit Statement Date: 2016-08-22
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8805235
BR Audit Statement Date: 2016-08-22
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8805235

Re: Audit Reminder Email Summary

2017-08-15 Thread Kathleen Wilson via dev-security-policy 
 Forwarded Message 
Subject: Summary of August 2017 Audit Reminder Emails
Date: Tue, 15 Aug 2017 19:00:07 + (GMT)

Mozilla: Overdue Audit Statements
Root Certificates:
   Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit: https://cert.webtrust.org/SealFile?seal=2032=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05
CA Comments: BR and EV audits have happened, but there are action plans being 
presented to the auditors. Primary issues are use of UTF8 instead of 
PrintableString in jurisdictionOfIncorporation, and a recently repealed Spanish 
law that required privat



Mozilla: Audit Reminder
Root Certificates:
   Chambers of Commerce Root
   Chambers of Commerce Root - 2008
   Global Chambersign Root
   Global Chambersign Root - 2008
Standard Audit: https://bug986854.bmoattachments.org/attachment.cgi?id=8775118
Audit Statement Date: 2016-06-17
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800807
BR Audit Statement Date: 2016-08-05
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800811
EV Audit Statement Date: 2016-08-05
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Certinomis - Root CA
   Certinomis - Autorité Racine
Standard Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8784555
Audit Statement Date: 2016-08-23
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8784555
BR Audit Statement Date: 2016-08-23
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   AffirmTrust Commercial
   AffirmTrust Networking
   AffirmTrust Premium
   AffirmTrust Premium ECC
Standard Audit: https://cert.webtrust.org/SealFile?seal=2115=pdf
Audit Statement Date: 2016-06-30
BR Audit: https://cert.webtrust.org/SealFile?seal=2116=pdf
BR Audit Statement Date: 2016-06-30
EV Audit: https://cert.webtrust.org/SealFile?seal=2093=pdf
EV Audit Statement Date: 2016-06-30
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   E-Tugra Certification Authority
Standard Audit: https://bug877744.bmoattachments.org/attachment.cgi?id=8792625
Audit Statement Date: 2016-09-09
BR Audit: https://bug877744.bmoattachments.org/attachment.cgi?id=8792625
BR Audit Statement Date: 2016-09-09
EV Audit: https://bug877744.bmoattachments.org/attachment.cgi?id=8792625
EV Audit Statement Date: 2016-09-09
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   GlobalSign ECC Root CA - R5**
   GlobalSign Root CA - R3**
   GlobalSign Root CA**
   GlobalSign Extended Validation CA - SHA256 - G2 - intermediate cert being 
treated as root during transition**

** Audit Case in the Common CA Database is under review for this root 
certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2056=pdf
Audit Statement Date: 2016-06-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2054=pdf
BR Audit Statement Date: 2016-06-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2055=pdf
EV Audit Statement Date: 2016-06-10
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Go Daddy Class 2 CA
   Go Daddy Root Certificate Authority - G2
   Starfield Class 2 CA
   Starfield Root Certificate Authority - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815072
Audit Statement Date: 2016-08-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815073
BR Audit Statement Date: 2016-08-31
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815074
EV Audit Statement Date: 2016-08-31
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   ACCVRAIZ1
Standard Audit: https://cert.webtrust.org/SealFile?seal=2170=pdf
Audit Statement Date: 2016-08-17
BR Audit: https://cert.webtrust.org/SealFile?seal=2171=pdf
BR Audit Statement Date: 2016-08-17
CA Comments: Per CA request, Root CA Generalitat Valenciana will be removed via 
https://bugzilla.mozilla.org/show_bug.cgi?id=1272158



Mozilla: Audit Reminder
Root Certificates:
   IdenTrust Commercial Root CA 1
   IdenTrust Public Sector Root CA 1
   DST ACES CA X6
   DST Root CA X3
Standard Audit: https://cert.webtrust.org/SealFile?seal=2107=pdf
Audit Statement Date: 2016-08-19
BR Audit: https://cert.webtrust.org/SealFile?seal=2106=pdf
BR Audit Statement Date: 2016-08-19
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   OpenTrust Root CA G1
   OpenTrust Root CA G2
   Certplus Root CA G1
   OpenTrust Root CA G3
   Certplus Root CA G2
Standard Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
Audit Statement Date: 2016-08-19
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
BR Audit Statement Date: 2016-08-19
EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
EV Audit Statement Date: 2016-08-19
CA Comments:

Re: Audit Reminder Email Summary

2017-07-18 Thread Kathleen Wilson via dev-security-policy 
 Forwarded Message 
Subject: Summary of July 2017 Audit Reminder Emails
Date:   Tue, 18 Jul 2017 19:00:05 + (GMT)


Mozilla: Audit Reminder
Root Certificates:
   LuxTrust Global Root 2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8777887
Audit Statement Date: 2016-07-26
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8777887
BR Audit Statement Date: 2016-07-26
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8777887
EV Audit Statement Date: 2016-07-26
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Atos TrustedRoot 2011
Standard Audit: 
https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-27B09FD368FD11E6BE26005056BA67F7-_v2%5BdownloadKey%5D=615a9f0920a27ede37762410735c2deadd67547d%5Baction%5D=downloadDocument=9653a97e7fec91c2194d
Audit Statement Date: 2016-07-11
BR Audit: 
https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-27B09FD368FD11E6BE26005056BA67F7-_v2%5BdownloadKey%5D=615a9f0920a27ede37762410735c2deadd67547d%5Baction%5D=downloadDocument=9653a97e7fec91c2194d
BR Audit Statement Date: 2016-07-11
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit: https://cert.webtrust.org/SealFile?seal=2032=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05
CA Comments: BR and EV audits have happened, but there are action plans being 
presented to the auditors. Primary issues are use of UTF8 instead of 
PrintableString in jurisdictionOfIncorporation, and a recently repealed Spanish 
law that required privat



Mozilla: Audit Reminder
Root Certificates:
   Chambers of Commerce Root
   Chambers of Commerce Root - 2008
   Global Chambersign Root
   Global Chambersign Root - 2008
Standard Audit: https://bug986854.bmoattachments.org/attachment.cgi?id=8775118
Audit Statement Date: 2016-06-17
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800807
BR Audit Statement Date: 2016-08-05
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800811
EV Audit Statement Date: 2016-08-05
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   COMODO RSA Certification Authority**
   USERTrust ECC Certification Authority**
   AAA Certificate Services**
   AddTrust External CA Root**
   COMODO Certification Authority**
   COMODO ECC Certification Authority**
   UTN-USERFirst-Client Authentication and Email**
   USERTrust RSA Certification Authority**

** Audit Case in the Common CA Database is under review for this root 
certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2058=pdf
Audit Statement Date: 2016-06-03
BR Audit: https://cert.webtrust.org/SealFile?seal=2060=pdf
BR Audit Statement Date: 2016-06-03
BR Audit:
BR Audit Statement Date:
EV Audit: https://cert.webtrust.org/SealFile?seal=2059=pdf
EV Audit Statement Date: 2016-06-03
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   EC-ACC
Standard Audit: https://cert.webtrust.org/SealFile?seal=2043=pdf
Audit Statement Date: 2016-05-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815404
BR Audit Statement Date: 2016-05-30
CA Comments: Per CA: ETSI-EIDAS audits to be released by the 1st of June 2017.



Mozilla: Audit Reminder
Root Certificates:
   AffirmTrust Commercial
   AffirmTrust Networking
   AffirmTrust Premium
   AffirmTrust Premium ECC
Standard Audit: https://cert.webtrust.org/SealFile?seal=2115=pdf
Audit Statement Date: 2016-06-30
BR Audit: https://cert.webtrust.org/SealFile?seal=2116=pdf
BR Audit Statement Date: 2016-06-30
EV Audit: https://cert.webtrust.org/SealFile?seal=2093=pdf
EV Audit Statement Date: 2016-06-30
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   GlobalSign ECC Root CA - R5
   GlobalSign Root CA - R3
   GlobalSign Root CA
   GlobalSign Extended Validation CA - SHA256 - G2 - intermediate cert being 
treated as root during transition
Standard Audit: https://cert.webtrust.org/SealFile?seal=2056=pdf
Audit Statement Date: 2016-06-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2054=pdf
BR Audit Statement Date: 2016-06-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2055=pdf
EV Audit Statement Date: 2016-06-10
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Government Root Certification Authority - Taiwan
Standard Audit: https://cert.webtrust.org/SealFile?seal=2050=pdf
Audit Statement Date: 2016-06-29
BR Audit: https://cert.webtrust.org/SealFile?seal=2051=pdf
BR Audit Statement Date: 2016-06-29
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Hellenic Academic and Research Institutions ECC RootCA 2015
   Hellenic Academic and Research Institutions RootCA 2015

Re: Audit Reminder Email Summary

2017-06-20 Thread Kathleen Wilson via dev-security-policy 
 Forwarded Message 
Subject: Summary of June 2017 Audit Reminder Emails
Date: Tue, 20 Jun 2017 19:00:06 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   Atos TrustedRoot 2011
Standard Audit: 
https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-27B09FD368FD11E6BE26005056BA67F7-_v2%5BdownloadKey%5D=615a9f0920a27ede37762410735c2deadd67547d%5Baction%5D=downloadDocument=9653a97e7fec91c2194d
Audit Statement Date: 2016-07-11
BR Audit: 
https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-27B09FD368FD11E6BE26005056BA67F7-_v2%5BdownloadKey%5D=615a9f0920a27ede37762410735c2deadd67547d%5Baction%5D=downloadDocument=9653a97e7fec91c2194d
BR Audit Statement Date: 2016-07-11
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit: https://cert.webtrust.org/SealFile?seal=2032=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05
CA Comments: BR and EV audits have happened, but there are action plans being 
presented to the auditors. Primary issues are use of UTF8 instead of 
PrintableString in jurisdictionOfIncorporation, and a recently repealed Spanish 
law that required privat



Mozilla: Audit Reminder
Root Certificates:
   Chambers of Commerce Root
   Chambers of Commerce Root - 2008
   Global Chambersign Root
   Global Chambersign Root - 2008
Standard Audit: https://bug986854.bmoattachments.org/attachment.cgi?id=8775118
Audit Statement Date: 2016-06-17
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800807
BR Audit Statement Date: 2016-08-05
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800811
EV Audit Statement Date: 2016-08-05
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   COMODO RSA Certification Authority
   USERTrust ECC Certification Authority
   AAA Certificate Services
   AddTrust Class 1 CA Root
   AddTrust External CA Root
   AddTrust Public CA Root
   AddTrust Qualified CA Root
   COMODO Certification Authority
   COMODO ECC Certification Authority
   Secure Certificate Services
   Trusted Certificate Services
   UTN-USERFirst-Client Authentication and Email
   UTN-USERFirst-Hardware
   UTN-USERFirst-Object
   USERTrust RSA Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2058=pdf
Audit Statement Date: 2016-06-03
BR Audit: https://cert.webtrust.org/SealFile?seal=2060=pdf
BR Audit Statement Date: 2016-06-03
BR Audit:
BR Audit Statement Date:
EV Audit: https://cert.webtrust.org/SealFile?seal=2059=pdf
EV Audit Statement Date: 2016-06-03
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   EC-ACC
Standard Audit: https://cert.webtrust.org/SealFile?seal=2043=pdf
Audit Statement Date: 2016-05-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815404
BR Audit Statement Date: 2016-05-30
CA Comments: Per CA: ETSI-EIDAS audits to be released by the 1st of June 2017.



Mozilla: Audit Reminder
Root Certificates:
   AffirmTrust Commercial
   AffirmTrust Networking
   AffirmTrust Premium
   AffirmTrust Premium ECC
Standard Audit: https://cert.webtrust.org/SealFile?seal=2115=pdf
Audit Statement Date: 2016-06-30
BR Audit: https://cert.webtrust.org/SealFile?seal=2116=pdf
BR Audit Statement Date: 2016-06-30
EV Audit: https://cert.webtrust.org/SealFile?seal=2093=pdf
EV Audit Statement Date: 2016-06-30
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   GlobalSign ECC Root CA - R5
   GlobalSign Root CA - R3
   GlobalSign Root CA
   GlobalSign Extended Validation CA - SHA256 - G2 - intermediate cert being 
treated as root during transition
Standard Audit: https://cert.webtrust.org/SealFile?seal=2056=pdf
Audit Statement Date: 2016-06-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2054=pdf
BR Audit Statement Date: 2016-06-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2055=pdf
EV Audit Statement Date: 2016-06-10
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Government Root Certification Authority - Taiwan
Standard Audit: https://cert.webtrust.org/SealFile?seal=2050=pdf
Audit Statement Date: 2016-06-29
BR Audit: https://cert.webtrust.org/SealFile?seal=2051=pdf
BR Audit Statement Date: 2016-06-29
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Hellenic Academic and Research Institutions RootCA 2011
   Hellenic Academic and Research Institutions ECC RootCA 2015
   Hellenic Academic and Research Institutions RootCA 2015
Standard Audit: 
http://www.harica.gr/documents/HARICA-ETSI_CERTIFICATE_AUTH_W_ANNEX_REV1.pdf
Audit Statement Date: 2016-07-08
BR Audit: 
http://www.harica.gr/documents/HARICA-ETSI_CERTIFICATE_AUTH_W_ANNEX_REV1.pdf
BR Audit Statement Date: 2016-07-08
CA

Re: Audit Reminder Email Summary

2017-05-16 Thread Kathleen Wilson via dev-security-policy 
 Forwarded Message 
Subject: Summary of May 2017 Audit Reminder Emails
Date: Tue, 16 May 2017 19:00:29 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit: https://cert.webtrust.org/SealFile?seal=2032=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   COMODO RSA Certification Authority
   USERTrust ECC Certification Authority
   AAA Certificate Services
   AddTrust Class 1 CA Root
   AddTrust External CA Root
   AddTrust Public CA Root
   AddTrust Qualified CA Root
   COMODO Certification Authority
   COMODO ECC Certification Authority
   Secure Certificate Services
   Trusted Certificate Services
   UTN-USERFirst-Client Authentication and Email
   UTN-USERFirst-Hardware
   UTN-USERFirst-Object
   USERTrust RSA Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2058=pdf
Audit Statement Date: 2016-06-03
BR Audit: https://cert.webtrust.org/SealFile?seal=2060=pdf
BR Audit Statement Date: 2016-06-03
BR Audit:
BR Audit Statement Date:
EV Audit: https://cert.webtrust.org/SealFile?seal=2059=pdf
EV Audit Statement Date: 2016-06-03
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   ComSign CA
   ComSign Secured CA
Standard Audit: https://bug1269275.bmoattachments.org/attachment.cgi?id=8778667
Audit Statement Date: 2016-04-26
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   EC-ACC
Standard Audit: https://cert.webtrust.org/SealFile?seal=2043=pdf
Audit Statement Date: 2016-05-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815404
BR Audit Statement Date: 2016-05-30
CA Comments: Per CA: ETSI-EIDAS audits to be released by the 1st of June 2017.



Mozilla: Audit Reminder
Root Certificates:
   S-TRUST Universal Root CA
   TC TrustCenter Class 3 CA II
Standard Audit: 
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6778UE_s.pdf
Audit Statement Date: 2016-05-31
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Entrust Root Certification Authority - EC1
   Entrust Root Certification Authority - G2
   Entrust Root Certification Authority
   Entrust.net Certification Authority (2048)
Standard Audit: https://cert.webtrust.org/SealFile?seal=328=pdf
Audit Statement Date: 2016-05-18
BR Audit: 
https://www.entrust.com/wp-content/uploads/2016/06/2104-01-WebTrust-for-CA-SSL-Baseline-with-Network-Security-Report-002.pdf
BR Audit Statement Date: 2016-05-18
EV Audit: https://cert.webtrust.org/SealFile?seal=328=pdf
EV Audit Statement Date: 2016-05-18
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   GlobalSign ECC Root CA - R5
   GlobalSign Root CA - R3
   GlobalSign Root CA
   GlobalSign Extended Validation CA - SHA256 - G2 - intermediate cert being 
treated as root during transition
Standard Audit: https://cert.webtrust.org/SealFile?seal=2056=pdf
Audit Statement Date: 2016-06-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2054=pdf
BR Audit Statement Date: 2016-06-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2055=pdf
EV Audit Statement Date: 2016-06-10
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   GeoTrust Global CA 2
Standard Audit: 
https://www.symantec.com/content/en/us/about/media/repository/3_symantec_geotrust_wtca_6-15-2016.pdf
Audit Statement Date: 2016-05-13
BR Audit: 
https://www.symantec.com/content/en/us/about/media/repository/6_symantec_geotrust_wtbr_6-15-2016.pdf
BR Audit Statement Date: 2016-05-13
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Trustis Limited - Trustis FPS Root CA
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8745582
Audit Statement Date: 2016-02-03
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8745582
BR Audit Statement Date: 2016-02-03
CA Comments: 2017 audit submitted via CCADB Audit Case is under review



Mozilla: Audit Reminder
Root Certificates:
   Certum Trusted Network CA 2
   Certum CA
   Certum Trusted Network CA
Standard Audit: https://cert.webtrust.org/SealFile?seal=2064=pdf
Audit Statement Date: 2016-06-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2066=pdf
BR Audit Statement Date: 2016-06-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2065=pdf
EV Audit Statement Date: 2016-06-10
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   FNMT-RCM - SHA256
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8766584
Audit Statement Date: 2016-05-18
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8766583
BR Audit Statement Date: 2016-05-18
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   GlobalSign ECC Root CA - R4
   GlobalSign

Re: Audit Reminder Email Summary

2017-03-21 Thread Kathleen Wilson via dev-security-policy 
Here's a summary of the audit reminder email that was sent today.

Note that the email now tells CAs to provide their annual updates via the 
Common CA Database, as follows.

"Please provide your annual updates via the Common CA Database (CCADB), as 
described here:
https://wiki.mozilla.org/CA:CommonCADatabase#Updating_Audit_Information
"

Also note that for root certificates with the Websites trust bit enabled, the 
annual updates must include:
1) Current audit statements
2) Update CP/CPS documents*
3) Test websites (valid, revoked, expired)**

* Section 2 of the BRs: The CA SHALL develop, implement, enforce, and *annually 
update* a Certificate Policy and/or Certification Practice Statement that 
describes in detail how the CA implements the latest version of these 
Requirements.

** Section 2.2 of the BRs: The CA SHALL host test Web pages that allow 
Application Software Suppliers to test their software with Subscriber 
Certificates that chain up to each publicly trusted Root Certificate. At a 
minimum, the *CA SHALL host separate Web pages using Subscriber Certificates 
that are (i) valid, (ii) revoked, and (iii) expired.*


 Forwarded Message 
Subject:Summary of March 2017 Audit Reminder Emails
Date:   Tue, 21 Mar 2017 19:03:58 + (GMT)
From:   Mozilla CA Program Manager


Mozilla: Audit Reminder
Root Certificates:
   SZAFIR ROOT CA2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2018=pdf
Audit Statement Date: 2016-03-18
BR Audit: https://cert.webtrust.org/SealFile?seal=2018=pdf
BR Audit Statement Date: 2016-03-18
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit: https://cert.webtrust.org/SealFile?seal=2032=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05
CA Comments: BR and EV audits have happened, but there are action plans being 
presented to the auditors. Primary issues are use of UTF8 instead of 
PrintableString in jurisdictionOfIncorporation, and a recently repealed Spanish 
law that required privat



Mozilla: Audit Reminder
Root Certificates:
   Buypass Class 2 Root CA
   Buypass Class 3 Root CA
Standard Audit: 
http://www.buypass.no/om-buypass/etsi-102-042/_attachment/33325?_download=true&_ts=14bc532b650
Audit Statement Date: 2016-03-23
BR Audit: 
http://www.buypass.no/om-buypass/etsi-102-042/_attachment/33325?_download=true&_ts=14bc532b650
BR Audit Statement Date: 2016-03-23
EV Audit: 
http://www.buypass.no/om-buypass/etsi-102-042/_attachment/33325?_download=true&_ts=14bc532b650
EV Audit Statement Date: 2016-03-23
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Cybertrust Global Root
   DigiCert Assured ID Root G2
   DigiCert Assured ID Root G3
   DigiCert Global Root G2
   DigiCert Global Root G3
   DigiCert High Assurance EV Root CA
   DigiCert Trusted Root G4
Standard Audit: https://cert.webtrust.org/SealFile?seal=2165=pdf
Audit Statement Date: 2016-10-24
Standard Audit: https://cert.webtrust.org/SealFile?seal=2020=pdf
Audit Statement Date: 2016-06-27
BR Audit: https://cert.webtrust.org/SealFile?seal=2016=pdf
BR Audit Statement Date: 2016-03-18
BR Audit: https://cert.webtrust.org/SealFile?seal=2021=pdf
BR Audit Statement Date: 2016-06-27
EV Audit: https://cert.webtrust.org/SealFile?seal=2166=pdf
EV Audit Statement Date: 2016-10-24
EV Audit: https://cert.webtrust.org/SealFile?seal=2022=pdf
EV Audit Statement Date: 2016-04-07
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Hongkong Post Root CA 1
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8732899
Audit Statement Date: 2016-02-26
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8746166
BR Audit Statement Date: 2016-03-31
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   QuoVadis Root CA 1 G3
   QuoVadis Root CA 2
   QuoVadis Root CA 2 G3
   QuoVadis Root CA 3
   QuoVadis Root CA 3 G3
   QuoVadis Root Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2013=pdf
Audit Statement Date: 2016-03-28
BR Audit: https://cert.webtrust.org/SealFile?seal=2011=pdf
BR Audit Statement Date: 2016-03-28
EV Audit: https://cert.webtrust.org/SealFile?seal=2012=pdf
EV Audit Statement Date: 2016-03-28
CA Comments: 
https://www.wisekey.com/investors_press-release/wisekey-sixwihn-signs-letter-of-intent-to-acquire-quovadis-consolidating-certification-authority-power-for-eidas-and-iot



Mozilla: Audit Reminder
Root Certificates:
   SwissSign Gold CA - G2
   SwissSign Platinum CA - G2
   SwissSign Silver CA - G2
Standard Audit: https://bug343756.bmoattachments.org/attachment.cgi?id=8781268
Audit Statement Date: 2016-03-18
BR Audit: https://bug343756.bmoattachments.org/attachment.cgi?id=8781268
BR Audit

Re: Audit Reminder Email Summary

2017-02-23 Thread Kathleen Wilson via dev-security-policy 
 Forwarded Message 
Subject: Summary of February 2017 Audit Reminder Emails
Date: Tue, 21 Feb 2017 20:00:51 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   ISRG Root X1
Standard Audit: https://cert.webtrust.org/SealFile?seal=1987=pdf
Audit Statement Date: 2015-12-15
BR Audit: https://cert.webtrust.org/SealFile?seal=1988=pdf
BR Audit Statement Date: 2015-12-15
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Staat der Nederlanden EV Root CA
   Staat der Nederlanden Root CA - G3
   Staat der Nederlanden Root CA - G2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2010=pdf
Audit Statement Date: 2016-03-02
BR Audit: https://cert.webtrust.org/SealFile?seal=2010=pdf
BR Audit Statement Date: 2016-03-02
EV Audit: https://cert.webtrust.org/SealFile?seal=2010=pdf
EV Audit Statement Date: 2016-03-02
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   SZAFIR ROOT CA2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2018=pdf
Audit Statement Date: 2016-03-18
BR Audit: https://cert.webtrust.org/SealFile?seal=2018=pdf
BR Audit Statement Date: 2016-03-18
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   certSIGN ROOT CA
Standard Audit: 
https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA.pdf
Audit Statement Date: 2016-02-08
BR Audit: https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA.pdf
BR Audit Statement Date: 2016-02-08
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Cybertrust Global Root
Standard Audit: https://cert.webtrust.org/SealFile?seal=2165=pdf
Audit Statement Date: 2016-10-24
BR Audit: https://cert.webtrust.org/SealFile?seal=2016=pdf
BR Audit Statement Date: 2016-03-18
EV Audit: https://cert.webtrust.org/SealFile?seal=2166=pdf
EV Audit Statement Date: 2016-10-24
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   D-TRUST Root Class 3 CA 2 2009
   D-TRUST Root Class 3 CA 2 EV 2009
Standard Audit: https://www.tuvit.de/data/content_data/tuevit_en/6765UE_s.pdf
Audit Statement Date: 2016-01-20
Standard Audit: https://www.tuvit.de/data/content_data/tuevit_en/6766UE_s.pdf
Audit Statement Date: 2016-01-20
BR Audit: https://www.tuvit.de/data/content_data/tuevit_en/6765UE_s.pdf
BR Audit Statement Date: 2016-01-20
BR Audit: https://www.tuvit.de/data/content_data/tuevit_en/6766UE_s.pdf
BR Audit Statement Date: 2016-01-20
EV Audit: https://www.tuvit.de/data/content_data/tuevit_en/6766UE_s.pdf
EV Audit Statement Date: 2016-01-20
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   ACEDICOM Root
Standard Audit: https://cert.webtrust.org/SealFile?seal=1958=pdf
Audit Statement Date: 2015-11-03
BR Audit: https://cert.webtrust.org/SealFile?seal=1958=pdf
BR Audit Statement Date: 2015-11-03
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Hongkong Post Root CA 1
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8732899
Audit Statement Date: 2016-02-26
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8746166
BR Audit Statement Date: 2016-03-31
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   StartCom Certification Authority
   StartCom Certification Authority
   StartCom Certification Authority G2
Standard Audit: https://www.startssl.com/ey-webtrust.pdf
Audit Statement Date: 2016-03-18
BR Audit: https://www.startssl.com/ey-webtrust-br.pdf
BR Audit Statement Date: 2016-03-18
EV Audit: https://www.startssl.com/ey-webtrust-ev.pdf
EV Audit Statement Date: 2016-03-18
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   SwissSign Gold CA - G2
   SwissSign Platinum CA - G2
   SwissSign Silver CA - G2
Standard Audit: https://bug343756.bmoattachments.org/attachment.cgi?id=8781268
Audit Statement Date: 2016-03-18
BR Audit: https://bug343756.bmoattachments.org/attachment.cgi?id=8781268
BR Audit Statement Date: 2016-03-18
EV Audit: https://bug343756.bmoattachments.org/attachment.cgi?id=8781268
EV Audit Statement Date: 2016-03-18
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   TWCA Global Root CA
   TWCA Root Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=1981=pdf
Audit Statement Date: 2016-02-15
BR Audit: https://cert.webtrust.org/SealFile?seal=1985=pdf
BR Audit Statement Date: 2016-02-15
EV Audit: https://cert.webtrust.org/SealFile?seal=1986=pdf
EV Audit Statement Date: 2016-02-15
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Trustis Limited - Trustis FPS Root CA
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8745582
Audit Statement Date: 2016-02-03
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8745582
BR Audit Statement Date: 2016-02-03
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   CA WoSign ECC Root
   Certification Authority of WoSign G2
   CA ?
   Certification Authority of WoSign
Standard Audit:

Re: Audit Reminder Email Summary

2017-01-17 Thread Kathleen Wilson 
 Forwarded Message 
Subject: Summary of January 2017 Audit Reminder Emails
Date: Tue, 17 Jan 2017 20:02:07 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   ISRG Root X1
Standard Audit: https://cert.webtrust.org/SealFile?seal=1987=pdf
Audit Statement Date: 2015-12-15
BR Audit: https://cert.webtrust.org/SealFile?seal=1988=pdf
BR Audit Statement Date: 2015-12-15
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Certigna
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8722744
Audit Statement Date: 2016-02-15
BR Audit: 
http://www.lsti-certification.fr/images/liste_entreprise/Liste%20PSCe.pdf
BR Audit Statement Date: 2016-02-15
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   certSIGN ROOT CA
Standard Audit: 
https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA.pdf
Audit Statement Date: 2016-02-08
BR Audit: https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA.pdf
BR Audit Statement Date: 2016-02-08
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   D-TRUST Root Class 3 CA 2 2009
   D-TRUST Root Class 3 CA 2 EV 2009
Standard Audit: 
https://www.tuvit.de/en/zertifizierungssuchergebnisseite-1852.htm?group=SystemsInfrastructures=ETSITS=D-TRUST
Audit Statement Date: 2016-01-20
BR Audit: https://www.tuvit.de/data/content_data/tuevit_en/6765UE_s.pdf
BR Audit Statement Date: 2016-01-20
EV Audit: https://www.tuvit.de/data/content_data/tuevit_en/6766UE_s.pdf
EV Audit Statement Date: 2016-01-20
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   ACEDICOM Root
Standard Audit: https://cert.webtrust.org/SealFile?seal=1958=pdf
Audit Statement Date: 2015-11-03
BR Audit: https://cert.webtrust.org/SealFile?seal=1958=pdf
BR Audit Statement Date: 2015-11-03
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Microsec e-Szigno Root CA
   Microsec e-Szigno Root CA 2009
Standard Audit: http://static.e-szigno.hu/docs/NMHH_supervision_2015.pdf
Audit Statement Date: 2016-01-12
BR Audit: http://static.e-szigno.hu/docs/NMHH_supervision_2015.pdf
BR Audit Statement Date: 2016-01-12
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   TWCA Global Root CA
   TWCA Root Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=1981=pdf
Audit Statement Date: 2016-02-15
BR Audit: https://cert.webtrust.org/SealFile?seal=1985=pdf
BR Audit Statement Date: 2016-02-15
EV Audit: https://cert.webtrust.org/SealFile?seal=1986=pdf
EV Audit Statement Date: 2016-02-15
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Trustis Limited - Trustis FPS Root CA
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8745582
Audit Statement Date: 2016-02-03
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8745582
BR Audit Statement Date: 2016-02-03
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   TÜRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? H5
   TÜRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? H6
   TÜRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? 2007
Standard Audit: https://www.tuvit.de/data/content_data/tuevit_en/6749UE_s.pdf
Audit Statement Date: 2015-12-16
Standard Audit: https://www.tuvit.de/data/content_data/tuevit_en/6745UE_s.pdf
Audit Statement Date: 2015-12-16
BR Audit: https://www.tuvit.de/data/content_data/tuevit_en/6749UE_s.pdf
BR Audit Statement Date: 2015-12-16
EV Audit: https://www.tuvit.de/data/content_data/tuevit_en/6745UE_s.pdf
EV Audit Statement Date: 2015-12-16
CA Comments: null



___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Audit Reminder Email Summary

2016-12-20 Thread Kathleen Wilson 
 Forwarded Message 
Subject: Summary of December 2016 Audit Reminder Emails
Date: Tue, 20 Dec 2016 20:00:30 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   ISRG Root X1
Standard Audit: https://cert.webtrust.org/SealFile?seal=1987=pdf
Audit Statement Date: 2015-12-15
BR Audit: https://cert.webtrust.org/SealFile?seal=1988=pdf
BR Audit Statement Date: 2015-12-15
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   EE Certification Centre Root CA
Standard Audit: http://www.sk.ee/en/repository/audit/
Audit Statement Date: 2015-10-30
BR Audit: https://www.sk.ee/upload/files/53_Audit%20Attestation%202015.pdf
BR Audit Statement Date: 2015-10-30
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Cybertrust Global Root
Standard Audit: https://cert.webtrust.org/SealFile?seal=1971=pdf
Audit Statement Date: 2016-01-06
BR Audit: https://cert.webtrust.org/SealFile?seal=2016=pdf
BR Audit Statement Date: 2016-03-18
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8778393 and 
https://cert.webtrust.org/SealFile?seal=1969=pdf
EV Audit Statement Date: 2016-01-06
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   ACEDICOM Root
Standard Audit: https://cert.webtrust.org/SealFile?seal=1958=pdf
Audit Statement Date: 2015-11-03
BR Audit: https://cert.webtrust.org/SealFile?seal=1958=pdf
BR Audit Statement Date: 2015-11-03
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   TÜB?TAK UEKAE Kök Sertifika Hizmet Sa?lay?c?s? - Sürüm 3
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8738994
Audit Statement Date: 2015-12-28
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8738994
BR Audit Statement Date: 2015-12-28
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   Microsec e-Szigno Root CA
   Microsec e-Szigno Root CA 2009
Standard Audit: http://static.e-szigno.hu/docs/NMHH_supervision_2015.pdf
Audit Statement Date: 2016-01-12
BR Audit: http://static.e-szigno.hu/docs/NMHH_supervision_2015.pdf
BR Audit Statement Date: 2016-01-12
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   TÜRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? H5
   TÜRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? H6
   TÜRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? 2007
Standard Audit: https://www.tuvit.de/data/content_data/tuevit_en/6749UE_s.pdf
Audit Statement Date: 2015-12-16
Standard Audit: https://www.tuvit.de/data/content_data/tuevit_en/6745UE_s.pdf
Audit Statement Date: 2015-12-16
BR Audit: https://www.tuvit.de/data/content_data/tuevit_en/6749UE_s.pdf
BR Audit Statement Date: 2015-12-16
BR Audit: https://www.tuvit.de/data/content_data/tuevit_en/6745UE_s.pdf
BR Audit Statement Date: 2015-12-16
EV Audit: https://www.tuvit.de/data/content_data/tuevit_en/6745UE_s.pdf
EV Audit Statement Date: 2015-12-16
EV Audit:
EV Audit Statement Date:
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   WellsSecure Public Root Certificate Authority
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8710093
Audit Statement Date: 2015-12-21
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8710092
BR Audit Statement Date: 2015-12-21
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   CFCA EV ROOT
Standard Audit: https://cert.webtrust.org/SealFile?seal=1944=pdf
Audit Statement Date: 2015-10-16
BR Audit: https://cert.webtrust.org/SealFile?seal=1946=pdf
BR Audit Statement Date: 2015-10-16
EV Audit: https://cert.webtrust.org/SealFile?seal=1945=pdf
EV Audit Statement Date: 2015-10-16
CA Comments: null




___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Audit Reminder Email Summary

2016-11-15 Thread Kathleen Wilson 
Here's a summary of the audit reminder emails that were sent today. 

The following is now automatically generated when the audit reminder emails get 
sent.


 Forwarded Message 
Subject: Summary of November 2016 Audit Reminder Emails
Date: Tue, 15 Nov 2016 20:00:42 + (GMT)

Mozilla: Audit Reminder
Root Certificates:
   ISRG Root X1
Standard Audit: https://cert.webtrust.org/SealFile?seal=1987=pdf
Audit Statement Date: 2015-12-15
BR Audit: https://cert.webtrust.org/SealFile?seal=1988=pdf
BR Audit Statement Date: 2015-12-15
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   EE Certification Centre Root CA
Standard Audit: http://www.sk.ee/en/repository/audit/
Audit Statement Date: 2015-10-30
BR Audit: https://www.sk.ee/upload/files/53_Audit%20Attestation%202015.pdf
BR Audit Statement Date: 2015-10-30
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   CA Disig Root R1
   CA Disig Root R2
Standard Audit: http://www.disig.eu/_pdf/Audit2015_report.pdf
Audit Statement Date: 2015-10-28
BR Audit: http://www.disig.eu/_pdf/Audit2015_report.pdf
BR Audit Statement Date: 2015-10-28
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   ACEDICOM Root
Standard Audit: https://cert.webtrust.org/SealFile?seal=1958=pdf
Audit Statement Date: 2015-11-03
BR Audit: https://cert.webtrust.org/SealFile?seal=1958=pdf
BR Audit Statement Date: 2015-11-03
CA Comments: null



Mozilla: Overdue Audit Statements
Root Certificates:
   Root CA Generalitat Valenciana
Standard Audit: https://cert.webtrust.org/SealFile?seal=1908=pdf
Audit Statement Date: 2015-07-17
BR Audit: https://cert.webtrust.org/SealFile?seal=1908=pdf
BR Audit Statement Date: 2015-07-17
CA Comments: Per CA request, Root CA Generalitat Valenciana will be removed via 
https://bugzilla.mozilla.org/show_bug.cgi?id=1272158



Mozilla: Overdue Audit Statements
Root Certificates:
   Class 2 Primary CA
Standard Audit: 
http://www.lsti-certification.fr/images/liste_entreprise/Liste%20PSCe.pdf
Audit Statement Date: 2015-04-09
BR Audit: https://bug1025095.bugzilla.mozilla.org/attachment.cgi?id=8590352
BR Audit Statement Date: 2015-04-09
EV Audit: 
http://www.lsti-certification.fr/images/liste_entreprise/Liste%20PSCe.pdf
EV Audit Statement Date: 2015-04-09
CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1297034 Did not find 
reference to "Class 2 Primary CA" in the 2016 audit statements. Update: Audit 
of Class 2 Primary CA completed mid-October. Waiting for auditor to write 
attestation letter.



Mozilla: Audit Reminder
Root Certificates:
   Secure Global CA
   SecureTrust CA
   XRamp Global Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=1951=pdf
Audit Statement Date: 2015-11-16
BR Audit: https://cert.webtrust.org/SealFile?seal=1954=pdf
BR Audit Statement Date: 2015-11-16
EV Audit: https://cert.webtrust.org/SealFile?seal=1952=pdf
EV Audit Statement Date: 2015-11-16
CA Comments: null



Mozilla: Audit Reminder
Root Certificates:
   CFCA EV ROOT
Standard Audit: https://cert.webtrust.org/SealFile?seal=1944=pdf
Audit Statement Date: 2015-10-16
BR Audit: https://cert.webtrust.org/SealFile?seal=1946=pdf
BR Audit Statement Date: 2015-10-16
EV Audit: https://cert.webtrust.org/SealFile?seal=1945=pdf
EV Audit Statement Date: 2015-10-16
CA Comments: null



___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy