Closed
Bug 590593
Opened 14 years ago
Closed 8 years ago
Add Collier Technologies LLC CA root certificate
Categories
(CA Program :: CA Certificate Root Program, task)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: cjac, Assigned: kwilson)
References
()
Details
(Whiteboard: Information incomplete)
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.11) Gecko/20100720 Iceweasel/3.5.10 (like Firefox/3.5.10) Build Identifier: We expect to have the required documents gathered and published by 1-1-2011. Please consider this bug a request for comments. Reproducible: Always Steps to Reproduce: $ ls /etc/ssl/certs/ | grep Collier | wc -l Expected Results: 1 I am also discussing inclusion with Microsoft's access & security team, Google's infrastructure team and debian's package maintainers.
Assignee | ||
Comment 1•14 years ago
|
||
For information about Mozilla's root inclusion process and timeline, see https://wiki.mozilla.org/CA:How_to_apply Please provide the information listed here: https://wiki.mozilla.org/CA:Information_checklist Please also see the following: http://www.mozilla.org/projects/security/certs/policy/ https://wiki.mozilla.org/CA:Recommended_Practices https://wiki.mozilla.org/CA:Problematic_Practices
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Reporter | ||
Comment 2•14 years ago
|
||
CA Name: Collier Technologies LLC URL: http://www.colliertech.org/ Type: Washington State Limited Liability Company Market: IPSec, https/SSL, Personal Identity Verification (more as time permits)
Assignee | ||
Updated•14 years ago
|
Summary: Application for inclusion of Collier Technologies LLC CA: 1-1-11 → Add Collier Technologies LLC CA root certificate
Assignee | ||
Updated•14 years ago
|
Whiteboard: Information incomplete
Reporter | ||
Comment 3•14 years ago
|
||
I've spoken with an auditor (Moss Adams) about reviewing my IT. They have not gotten back to me with an estimate yet. Today I contacted one of the WA State Licensed CAs about issuing Collier Technologies a certificate as required by 434-180-200 WAC
Reporter | ||
Comment 4•14 years ago
|
||
CRL: http://www.colliertech.org/state/19.34_RCW/CRL/ I checked with Moss Adams. They assure me that they are still looking into my request. Quis custodiet ipsos custodes? I hope they don't plan on charging me for learning debian.
Assignee | ||
Comment 5•13 years ago
|
||
Is this request still valid?
Reporter | ||
Comment 6•13 years ago
|
||
Still working on it. Sorry it's taking so long. Moss Adams hasn't been very proactive, but I have also not acquired a suitable guarantee (434-180-225 WAC) or come up with the $1400 for the application fee (434-180-130 WAC). http://www.colliertech.org/state/19.34_RCW/Operative_Personnel_Certification_2010_p2-lowres.png http://apps.leg.wa.gov/WAC/default.aspx?cite=434-180-200
Reporter | ||
Comment 7•13 years ago
|
||
I've scheduled a meeting with Coalfire Systems here in Seattle on the 10th. I'll update the ticket as more information becomes available.
Reporter | ||
Comment 8•13 years ago
|
||
We got a bid from Coalfire Systems. It looks like it will be about $10K to have the audit performed. We are now setting aside some capital for the expense.
Assignee | ||
Comment 9•13 years ago
|
||
Please note that Mozilla's CA Certificate Maintenance Policy requires an annual audit. http://www.mozilla.org/projects/security/certs/policy/MaintenancePolicy.html "4. We require that all CAs whose certificates are distributed with our software products provide us an updated statement annually of attestation of their conformance to the stated verification requirements and other operational criteria by a competent independent party or parties, as outlined in this policy. ..." Also please note in Mozilla's CA Certificate Inclusion Policy: http://www.mozilla.org/projects/security/certs/policy/InclusionPolicy.html "6. We require that all CAs whose certificates are distributed with our software products: - provide some service relevant to typical users of our software products;" Rather than applying to get your root certificate included in Mozilla products, have you thought about contacting one of the CAs who already have a root certificate included?
Reporter | ||
Comment 10•13 years ago
|
||
This is also a requirement of the State of Washington's Electronic Authentication Act (19.34 RCW). We will forward the audit report to Mozilla at the same time we forward it to the Secretary of State. http://apps.leg.wa.gov/wac/default.aspx?cite=434-180-240 We have considered applying to get the certificate included by a third party CA, but would instead prefer to be recognized as a trust anchor. Thank you for reviewing this bug. Mozilla's attention to detail is one of the reasons we are requesting recognition from you rather than a third party.
Reporter | ||
Comment 11•12 years ago
|
||
currently working with the folks at tycho.nsa.gov to bring our distribution (Debian) into compliance with common criteria requirements.
Assignee | ||
Comment 12•12 years ago
|
||
When you are ready to proceed, please update this bug to provide the information listed here: https://wiki.mozilla.org/CA:Information_checklist
Comment 13•8 years ago
|
||
There's no update from CA for more than 1.5 year. Closing this bug for now as Won't fix. If CA ever provide further information, this bug will be re-opened.
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
Updated•7 years ago
|
Product: mozilla.org → NSS
Updated•1 year ago
|
Product: NSS → CA Program
You need to log in
before you can comment on or make changes to this bug.
Description
•