subject:"Public Discussion for Inclusion of e\-commerce monitoring's GLOBALTRUST 2020 Root"

Re: Public Discussion for Inclusion of e-commerce monitoring's GLOBALTRUST 2020 Root

2021-02-27 Thread Ben Wilson via dev-security-policy

On February 4, 2021, the public discussion period [Step 4 of the Mozilla
Root Store CA Application Process
] began on e-commerce
monitoring’s inclusion request.

No questions or concerns have been raised and there are no open action
items for e-commerce monitoring to complete under Steps 5-8 of the
application process.

This is notice that I am closing the public discussion period [Step 9] and
that it is Mozilla’s intent to approve e-commerce monitoring’s request for
inclusion [Step 10].

This begins a 7-day “last call” period for any final objections.

Thanks,

Ben

On Mon, Feb 22, 2021 at 1:51 PM Ben Wilson  wrote:

> Just a reminder that discussion is ongoing and scheduled to close this
> Friday, 26-Feb-2021.
>
> On Thu, Feb 4, 2021 at 4:39 PM Ben Wilson  wrote:
>
>> This is to announce the beginning of the public discussion phase (
>> https://wiki.mozilla.org/CA/Application_Process#Process_Overview, (Steps
>> 4 through 9)) of the Mozilla root CA inclusion process for e-commerce
>> monitoring GmbH’s GLOBALTRUST 2020 Root CA.
>>
>> e-commerce monitoring operates as "GlobalTrust", which was previously
>> operated by Austrian Society for Data Protection - Arge Daten. According
>> to the Applicant, Arge-Daten was the owner of the older "GlobalTrust"
>> roots, which are not part of this application. This application has been
>> tracked in the CCADB and in Bugzilla -
>> https://bugzilla.mozilla.org/show_bug.cgi?id=1627552.
>>
>> e-commerce monitoring’s GLOBALTRUST 2020 Root is proposed for inclusion
>> with the websites trust bit (with EV) and the email trust bit.
>>
>> Mozilla is considering approving e-commerce monitoring’s request. This
>> email begins the 3-week comment period, after which, if no concerns are
>> raised, we will close the discussion and the request may proceed to the
>> approval phase (Step 10).
>>
>> *A Summary of Information Gathered and Verified appears here in this
>> CCADB case:*
>>
>>
>> https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=0568
>>
>> *Root Certificate Information:*
>>
>> GLOBALTRUST 2020 Root
>>
>> crt.sh -
>> https://crt.sh/?q=9A296A5182D1D451A2E37F439B74DAAFA267523329F90F9A0D2007C334E23C9A
>>
>>
>> Download - http://service.globaltrust.eu/static/globaltrust-2020.crt
>>
>>
>> *CP/CPS:*
>>
>> Current CP is Version 2.0h / 15th January 2021
>>
>> http://service.globaltrust.eu/static/globaltrust-certificate-policy.pdf
>>
>> Current CPS is Version 2.0h / 15th January 2021
>>
>>
>> http://service.globaltrust.eu/static/globaltrust-certificate-practice-statement.pdf
>>
>> Repository location:   https://globaltrust.eu/certificate-policy/
>>
>> *BR Self-Assessment* (PDF) is located here:
>>
>> https://bugzilla.mozilla.org/attachment.cgi?id=9138392
>>
>>
>> *Audits:*
>>
>> 2020 audits are attached to Bug # 1627552
>>  and include the
>> Key Generation Report, the EV Readiness Audit, and the ETSI Audit
>> Attestation, which covered the period from 06/11/2019 until 04/01/2020. The
>> next audit is due 04/01/2021.
>>
>> No misissuances were found under this root, and all subordinate
>> certificates passed technical tests satisfactorily.
>>
>> Again, this email begins a three-week public discussion period, which I’m
>> scheduling to close on or about 26-February-2021.
>>
>> Sincerely yours,
>>
>> Ben Wilson
>>
>> Mozilla Root Program
>>
>
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Public Discussion for Inclusion of e-commerce monitoring's GLOBALTRUST 2020 Root

2021-02-22 Thread Ben Wilson via dev-security-policy

Just a reminder that discussion is ongoing and scheduled to close this
Friday, 26-Feb-2021.

On Thu, Feb 4, 2021 at 4:39 PM Ben Wilson  wrote:

> This is to announce the beginning of the public discussion phase (
> https://wiki.mozilla.org/CA/Application_Process#Process_Overview, (Steps
> 4 through 9)) of the Mozilla root CA inclusion process for e-commerce
> monitoring GmbH’s GLOBALTRUST 2020 Root CA.
>
> e-commerce monitoring operates as "GlobalTrust", which was previously
> operated by Austrian Society for Data Protection - Arge Daten. According
> to the Applicant, Arge-Daten was the owner of the older "GlobalTrust"
> roots, which are not part of this application. This application has been
> tracked in the CCADB and in Bugzilla -
> https://bugzilla.mozilla.org/show_bug.cgi?id=1627552.
>
> e-commerce monitoring’s GLOBALTRUST 2020 Root is proposed for inclusion
> with the websites trust bit (with EV) and the email trust bit.
>
> Mozilla is considering approving e-commerce monitoring’s request. This
> email begins the 3-week comment period, after which, if no concerns are
> raised, we will close the discussion and the request may proceed to the
> approval phase (Step 10).
>
> *A Summary of Information Gathered and Verified appears here in this CCADB
> case:*
>
>
> https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=0568
>
> *Root Certificate Information:*
>
> GLOBALTRUST 2020 Root
>
> crt.sh -
> https://crt.sh/?q=9A296A5182D1D451A2E37F439B74DAAFA267523329F90F9A0D2007C334E23C9A
>
>
> Download - http://service.globaltrust.eu/static/globaltrust-2020.crt
>
>
> *CP/CPS:*
>
> Current CP is Version 2.0h / 15th January 2021
>
> http://service.globaltrust.eu/static/globaltrust-certificate-policy.pdf
>
> Current CPS is Version 2.0h / 15th January 2021
>
>
> http://service.globaltrust.eu/static/globaltrust-certificate-practice-statement.pdf
>
> Repository location:   https://globaltrust.eu/certificate-policy/
>
> *BR Self-Assessment* (PDF) is located here:
>
> https://bugzilla.mozilla.org/attachment.cgi?id=9138392
>
>
> *Audits:*
>
> 2020 audits are attached to Bug # 1627552
>  and include the
> Key Generation Report, the EV Readiness Audit, and the ETSI Audit
> Attestation, which covered the period from 06/11/2019 until 04/01/2020. The
> next audit is due 04/01/2021.
>
> No misissuances were found under this root, and all subordinate
> certificates passed technical tests satisfactorily.
>
> Again, this email begins a three-week public discussion period, which I’m
> scheduling to close on or about 26-February-2021.
>
> Sincerely yours,
>
> Ben Wilson
>
> Mozilla Root Program
>
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Public Discussion for Inclusion of e-commerce monitoring's GLOBALTRUST 2020 Root

2021-02-04 Thread Ben Wilson via dev-security-policy

This is to announce the beginning of the public discussion phase (
https://wiki.mozilla.org/CA/Application_Process#Process_Overview, (Steps 4
through 9)) of the Mozilla root CA inclusion process for e-commerce
monitoring GmbH’s GLOBALTRUST 2020 Root CA.

e-commerce monitoring operates as "GlobalTrust", which was previously
operated by Austrian Society for Data Protection - Arge Daten. According to
the Applicant, Arge-Daten was the owner of the older "GlobalTrust" roots,
which are not part of this application. This application has been tracked
in the CCADB and in Bugzilla -
https://bugzilla.mozilla.org/show_bug.cgi?id=1627552.

e-commerce monitoring’s GLOBALTRUST 2020 Root is proposed for inclusion
with the websites trust bit (with EV) and the email trust bit.

Mozilla is considering approving e-commerce monitoring’s request. This
email begins the 3-week comment period, after which, if no concerns are
raised, we will close the discussion and the request may proceed to the
approval phase (Step 10).

*A Summary of Information Gathered and Verified appears here in this CCADB
case:*

https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=0568

*Root Certificate Information:*

GLOBALTRUST 2020 Root

crt.sh -
https://crt.sh/?q=9A296A5182D1D451A2E37F439B74DAAFA267523329F90F9A0D2007C334E23C9A


Download - http://service.globaltrust.eu/static/globaltrust-2020.crt


*CP/CPS:*

Current CP is Version 2.0h / 15th January 2021

http://service.globaltrust.eu/static/globaltrust-certificate-policy.pdf

Current CPS is Version 2.0h / 15th January 2021

http://service.globaltrust.eu/static/globaltrust-certificate-practice-statement.pdf

Repository location:   https://globaltrust.eu/certificate-policy/

*BR Self-Assessment* (PDF) is located here:

https://bugzilla.mozilla.org/attachment.cgi?id=9138392


*Audits:*

2020 audits are attached to Bug # 1627552
 and include the Key
Generation Report, the EV Readiness Audit, and the ETSI Audit Attestation,
which covered the period from 06/11/2019 until 04/01/2020. The next audit
is due 04/01/2021.

No misissuances were found under this root, and all subordinate
certificates passed technical tests satisfactorily.

Again, this email begins a three-week public discussion period, which I’m
scheduling to close on or about 26-February-2021.

Sincerely yours,

Ben Wilson

Mozilla Root Program
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Public Discussion for Inclusion of e-commerce monitoring's GLOBALTRUST 2020 Root

Re: Public Discussion for Inclusion of e-commerce monitoring's GLOBALTRUST 2020 Root

Public Discussion for Inclusion of e-commerce monitoring's GLOBALTRUST 2020 Root

3 matches

Site Navigation

Mail list logo

Footer information