Closed
Bug 1019860
Opened 10 years ago
Closed 10 years ago
Disclosure of Intermediate CAs: Symantec - GeoTrust
Categories
(CA Program :: CA Certificate Root Program, task)
CA Program
CA Certificate Root Program
Tracking
(Not tracked)
RESOLVED
WORKSFORME
People
(Reporter: rick_andrews, Assigned: kathleen.a.wilson, NeedInfo)
Details
Attachments
(1 file)
41.64 KB,
text/plain
|
Details |
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0 (Beta/Release) Build ID: 20140506152807 Steps to reproduce: See attached file
Assignee | ||
Comment 1•10 years ago
|
||
Closing this bug as resolved, but this bug will continue to be used to provide information about Symantec/GeoTrust publicly disclosed and audited subordinate CAs, as per item #10 of http://www.mozilla.org/about/governance/policies/security-group/certs/policy/inclusion/
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → WORKSFORME
Hi, The following certificate seems to have been missed. You included the DSA RapidSSL Enterprise intermediary but not the RSA one. Is this the only omission in the list? -----BEGIN CERTIFICATE----- MIIELTCCAxWgAwIBAgIDAjpbMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYT AlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVz dCBHbG9iYWwgQ0EwHhcNMTEwMzA4MTk1MjU2WhcNMjEwMzA1MTk1MjU2WjBn MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOR2VvVHJ1c3QsIEluYy4xHjAcBgNV BAsTFUZvciBJbnRlcm5hbCBVc2UgT25seTEfMB0GA1UEAxMWUmFwaWRTU0wg RW50ZXJwcmlzZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ALp95UbN095bMH/3DK0rFZRxhzeo/HGZI5xzzmFR3iq5xd43IHBYR4mPyyuD 0CjIAHbOASbRqtq3o84edNP2MA3dns/KSK90K8T4lMueLV4eUU8VMs06PXy4 /uUvNym2KfjpMqD1brNg6XofLkFLfCNiaUC4NZD2nlOSEl4EenrKho91CEBU Wx2dgwAKf4760bRtl+k8aSs+xf+5dHxBH97vZjqTDEmXX8iqIanH+odbZplz 3y+bUQuO8lCoGZldW820vVAPhysAp+o0O595p9xQHfcFMbMEZ9EP/dvB0Mii 0O5hMwGWg3FfRSJUdZjLwnNInC1elxOk2K6bwnJKSisCAwEAAaOCAQUwggEB MB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4ysxOMB0GA1UdDgQWBBTl Dw09QB0ZeDGT1R8EAKrDQ75ClDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1Ud DwEB/wQEAwIBBjA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdlb3Ry dXN0LmNvbS9jcmxzL2d0Z2xvYmFsLmNybDA0BggrBgEFBQcBAQQoMCYwJAYI KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdlb3RydXN0LmNvbTApBgNVHREEIjAg pB4wHDEaMBgGA1UEAxMRVmVyaVNpZ25NUEtJLTItNTgwDQYJKoZIhvcNAQEF BQADggEBAA9i561VwbiRS9WBDMKX/wcsVKIivRviygPNaBKsv3O5VYCGhwi4 IBeML0JBwfLHJM8M+nlHaZTObQPK0O7uOHMA6V8oMKSxPupf0STrFIPVNMDl 7pYJoWhehJhyaef692HD3o/DiU43aZMcNv6PPhgp/eAjvFTLBnEyAIZehrQl 0bArhcaEr3bDHfuh9oWM6wqY6NvBl3Ue93g32ryU3Ql2DU+xguL/PDlPMhZR HieTNMt+sraUj1fGHGzjZwC6gL3vVj/XVY+Qb7Dcg4YwDm7e7yAXjKuwP/wC IcuEKWz6JRRBonNvN3tHXwBMrZVTZMYSWYQ0wvqvvigtWA+F/N0= -----END CERTIFICATE-----
Reporter | ||
Comment 3•10 years ago
|
||
Yes, it appears that I missed that one. I'll investigate how that happened to see if I missed any others.
Reporter | ||
Comment 4•10 years ago
|
||
I didn't miss these; we recently created these SHA-2 intermediates so I'm adding them to your pile: -----BEGIN CERTIFICATE----- MIIEJTCCAw2gAwIBAgIDAjp3MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i YWwgQ0EwHhcNMTQwODI5MjEzOTMyWhcNMjIwNTIwMjEzOTMyWjBHMQswCQYDVQQG EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXUmFwaWRTU0wg U0hBMjU2IENBIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv VJvZWF0eLFbG1eh/9H0WA//Qi1rkjqfdVC7UBMBdmJyNkA+8EGVf2prWRHzAn7Xp SowLBkMEu/SW4ib2YQGRZjEiwzQ0Xz8/kS9EX9zHFLYDn4ZLDqP/oIACg8PTH2lS 1p1kD8mD5xvEcKyU58Okaiy9uJ5p2L4KjxZjWmhxgHsw3hUEv8zTvz5IBVV6s9cQ DAP8m/0Ip4yM26eO8R5j3LMBL3+vV8M8SKeDaCGnL+enP/C1DPz1hNFTvA5yT2AM QriYrRmIV9cE7Ie/fodOoyH5U/02mEiN1vi7SPIpyGTRzFRIU4uvt2UevykzKdkp YEj4/5G8V1jlNS67abZZAgMBAAGjggEdMIIBGTAfBgNVHSMEGDAWgBTAephojYn7 qwVkDBF9qn1luMrMTjAdBgNVHQ4EFgQUw5zz/NNGCDS7zkZ/oHxb8+IIy1kwEgYD VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwNQYDVR0fBC4wLDAqoCig JoYkaHR0cDovL2cuc3ltY2IuY29tL2NybHMvZ3RnbG9iYWwuY3JsMC4GCCsGAQUF BwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL2cuc3ltY2QuY29tMEwGA1UdIARF MEMwQQYKYIZIAYb4RQEHNjAzMDEGCCsGAQUFBwIBFiVodHRwOi8vd3d3Lmdlb3Ry dXN0LmNvbS9yZXNvdXJjZXMvY3BzMA0GCSqGSIb3DQEBCwUAA4IBAQCjWB7GQzKs rC+TeLfqrlRARy1+eI1Q9vhmrNZPc9ZE768LzFvB9E+aj0l+YK/CJ8cW8fuTgZCp fO9vfm5FlBaEvexJ8cQO9K8EWYOHDyw7l8NaEpt7BDV7o5UzCHuTcSJCs6nZb0+B kvwHtnm8hEqddwnxxYny8LScVKoSew26T++TGezvfU5ho452nFnPjJSxhJf3GrkH uLLGTxN5279PURt/aQ1RKsHWFf83UTRlUfQevjhq7A6rvz17OQV79PP7GqHQyH5O ZI3NjGFVkP46yl0lD/gdo0p0Vk8aVUBwdSWmMy66S6VdU5oNMOGNX2Esr8zvsJmh gP8L8mJMcCaY -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIERDCCAyygAwIBAgIDAjp4MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i YWwgQ0EwHhcNMTQwODI5MjIyNDU4WhcNMjIwNTIwMjIyNDU4WjBmMQswCQYDVQQG EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UECxMURG9tYWluIFZh bGlkYXRlZCBTU0wxIDAeBgNVBAMTF0dlb1RydXN0IERWIFNTTCBDQSAtIEc0MIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30GUetr35DFDtuoBG1zOY+r6 baPZau4tmnX51ZxbvTTf2BzJbdgEiNputbe18DCuQNZd+sRTwdQinQROEaaV1UV8 QQVY4Ezd+e5VvV9G3K0TCJ0s5PeC5gcrng6MNKHOxKHggXCGAAY/Lep8myiuGyiL OQnT5/BFpLG6EWeQVXuP3u04XKHh44PEw3KRT5juHMKAqmSlPoNiHMzgnvhawBMS faKni6PnnyrXm8rL7ZcBnCiEUQRQQby0/HjpG88U6h8P/C4BMo22NcsKGDvsWj48 G9OZQx4v973zWxK5B17tPtGph8x3cifU2XWiY0uTNr3lXNe/X3kNszKnC7JjIwID AQABo4IBHTCCARkwHwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwRfap9ZbjKzE4wHQYD VR0OBBYEFAtQ7HfvKpv/7AOhCv+txuQqGMc+MBIGA1UdEwEB/wQIMAYBAf8CAQAw DgYDVR0PAQH/BAQDAgEGMDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6Ly9nLnN5bWNi LmNvbS9jcmxzL2d0Z2xvYmFsLmNybDAuBggrBgEFBQcBAQQiMCAwHgYIKwYBBQUH MAGGEmh0dHA6Ly9nLnN5bWNkLmNvbTBMBgNVHSAERTBDMEEGCmCGSAGG+EUBBzYw MzAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2Vz L2NwczANBgkqhkiG9w0BAQsFAAOCAQEAMyTVkKopDDW5L8PHQpPAxhBLAwh2hBCi 4OdTEifyCtp/Otz9XHlajxd0Q1Ox1dFdWbmmhGTK8ToKWZYQv6mBV4tch9x/4+S7 BXqgMgkTThCBKB+cA2K89AG1KYNGB7nnuF3I6dHdrTv4NNvB0ZWpkRjtPCw3EU3M /lM+UEP5w1ZBrFObbAWymuLgWVcwMrYmThMlzfpIcA91VWAR9TvVXlo8i1sPD2JC SGGFixD0wYi/f1+KwtfNK5RcHzRKCK/rromoSHVVlR27wJoBufQDIj7U5lIwDWe5 wJH9LUwwjr2MpQSRu6Srfw/Yb/BmAMmjXPWwj4PmnFrmtrnFvL7kAg== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEIjCCAwqgAwIBAgIDAjp5MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i YWwgQ0EwHhcNMTQwOTA4MjA0MTEwWhcNMjIwNTIwMjA0MTEwWjBEMQswCQYDVQQG EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg U1NMIENBIC0gRzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCafZho EUDBX3LsVbOxY/MyInKRxhYFuwiCMbT27tQYOREvLtpH/lExblvyqQrrL7v1YVll VwLNgP/HcDJUif3brply1E8MJrkuYzB93hRbatdSeCH5v7xQ1VQSWdi1NtkhR7g/ algdjHLhl5XT4UWo8Vrlvv7jU3yl8FLgzzmUDBlx8sAlB0h9HObxOSUvmHlD6Bhy 9GWGmFoABEfaS1gefIaxSzWmIAAczRs7Il3RkygzEiOUCKrDOvXRxox+mdMYoK2d GM9JrRAD95kzJoZGmi+gumxuyIgCt276ep6YSu6aMX0ZFGAM7I8gIzzalya26oBs ileeIO5vFyVKMq01AgMBAAGjggEdMIIBGTAfBgNVHSMEGDAWgBTAephojYn7qwVk DBF9qn1luMrMTjAdBgNVHQ4EFgQUrDLtWsng3jCckFhVJmP2cqZUX+MwEgYDVR0T AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwNQYDVR0fBC4wLDAqoCigJoYk aHR0cDovL2cuc3ltY2IuY29tL2NybHMvZ3RnbG9iYWwuY3JsMC4GCCsGAQUFBwEB BCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL2cuc3ltY2QuY29tMEwGA1UdIARFMEMw QQYKYIZIAYb4RQEHNjAzMDEGCCsGAQUFBwIBFiVodHRwOi8vd3d3Lmdlb3RydXN0 LmNvbS9yZXNvdXJjZXMvY3BzMA0GCSqGSIb3DQEBCwUAA4IBAQBhQK0hDwO7ldyJ /KPLBXHpHFmXNcL6awWkFsZWRjd0GxvxPizoNxm3lNIPDsW/FAcrNM1btI3HVp0Z /AK0npAx+qRExnXd3R8lVKMwTKzb/sSI9zEmGEeuTCAZGseuPpgKFj3SwqZdDS4p fbKdx0EyF8qdrjm/kZje50TilZyUXGxCG1nJe2gTqJYJdO5AFKTV18l7M6MPWmmc GvpvEkcc3x5McE5t3f4ch7Wd4VQHCYrNvqqoRnhuFvLnkQ7Dr9p2ANHYokYkA6Ua hYFWg2MnupCO+WIRuqd8kKkaZrTFvI8pQavrjZmmzJFkutzGpkyztCMmUXJW+fN0 VZ8ldU8r -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIESzCCAzOgAwIBAgIDAjp6MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i YWwgQ0EwHhcNMTQwOTA4MjE0MjE2WhcNMjIwNTIwMjE0MjE2WjBtMQswCQYDVQQG EwJVUzEXMBUGA1UEChMOVm9sdXNpb24sIEluYy4xHTAbBgNVBAsTFERvbWFpbiBW YWxpZGF0ZWQgU1NMMSYwJAYDVQQDEx1Wb2x1c2lvbiwgSW5jLiBEViBTU0wgQ0Eg LSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMpf0R+yN2TtWcSM 8QYs1zXstPOaApJk9YkjFPzTCpeWaApNofj2L3jGMG4lwqwhjoQu4Ayu0OT4XBsz YVvDoPphjlM8FKvkYAmscuQb4KGi6qV1EkSZN+pqKT4H/SCDyu+pyBMuVbhELR71 F475h+VQiqhv+kelnvEjhNsvr0V/ToRq4VHErIvC5SYivM7gPKesTlDlSjCL2M+N gSM0Zg65uzarSrR4MMYJoS0ZYi+RkWpmAhVklJrIU5ipc9PRMwaANAa9BWCQM79g kfpVC0BR8657d6lBxP8tTTK+pMdeBenJzWOLUDkSNHtfv8ZUxNSwhr9xoQ5xPUgs KSD4G7sCAwEAAaOCAR0wggEZMB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4 ysxOMB0GA1UdDgQWBBS3JUs0KblrwuUSSJXr5cHA+khsATASBgNVHRMBAf8ECDAG AQH/AgEAMA4GA1UdDwEB/wQEAwIBBjA1BgNVHR8ELjAsMCqgKKAmhiRodHRwOi8v Zy5zeW1jYi5jb20vY3Jscy9ndGdsb2JhbC5jcmwwLgYIKwYBBQUHAQEEIjAgMB4G CCsGAQUFBzABhhJodHRwOi8vZy5zeW1jZC5jb20wTAYDVR0gBEUwQzBBBgpghkgB hvhFAQc2MDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jl c291cmNlcy9jcHMwDQYJKoZIhvcNAQELBQADggEBACtZoWZrdfmn2qclpLomBij9 YSKOG4nefFqMoSHdpuRDce4Wp1JwaOLrGMwL/o10ocT3v3jkrc0i5LhhzFu3xQ8k iIA8nNdpX9trd9Dr00KmguXn8A2dBwo4bWNpFpZ7C0sRTVwC1RzJL7c0KeAB8VIv KUKJZ/Z3/chFzpfQAETT1WeFOjVGTNzcaCKBl3W88UrAfnwvsqEdT0MgDbJfWoPa ZmAzJ0Kt48ucNRsX/Qa3FE+YTL5y3KuLzTG7i5t9sjmV5etMXW2935RbEM8NdZaQ cmrjS8ctMyKlv8IF84Fn7sg6fs8zZCpzTucVNhn1GPoao2kme9Xz2HogEoRYT5k= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEYDCCA0igAwIBAgIDAjp7MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i YWwgQ0EwHhcNMTQwOTA4MjIyMTAxWhcNMjIwNTIwMjIyMTAxWjCBgTELMAkGA1UE BhMCTkwxITAfBgNVBAoTGEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZTEdMBsGA1UE CxMURG9tYWluIFZhbGlkYXRlZCBTU0wxMDAuBgNVBAMTJ0ludGVybWVkaWF0ZSBD ZXJ0aWZpY2F0ZSBEViBTU0wgQ0EgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALkrSUUgvTy6CpwyyblESoS3HeQxJHZuzvzdGBsaXieDcegT/ua5 GkpNxwiDmGZ63GNdIQh7ogwUVVcp7gGVJiafnWs2JbQ4BJjHoKKNCAG2abpX9hK4 NmWFjOQSWTD+CICx/w1Nrln016P6IaWpm06Dahvf/V0eHwYIRoOAs0yQpYpTx0bv h42NfwQ1t0B6e0oegaPWqSk174u3g9f2q6UF2J6oEPhHXYM9WSW0yDkvB8BCDboR Qfg6VhFW8bMT3NglYYQ1+VndfdV0nv4pnn0A/Ueb3OWQ6Ercfjgk3fDPib0PSM3d +tkygLHpQjbP5vimhYdUR8v3lJGZ97RyO8sCAwEAAaOCAR0wggEZMB8GA1UdIwQY MBaAFMB6mGiNifurBWQMEX2qfWW4ysxOMB0GA1UdDgQWBBRjHKinsZM1jxZ2nuX6 X8jmrb8vuTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjA1BgNV HR8ELjAsMCqgKKAmhiRodHRwOi8vZy5zeW1jYi5jb20vY3Jscy9ndGdsb2JhbC5j cmwwLgYIKwYBBQUHAQEEIjAgMB4GCCsGAQUFBzABhhJodHRwOi8vZy5zeW1jZC5j b20wTAYDVR0gBEUwQzBBBgpghkgBhvhFAQc2MDMwMQYIKwYBBQUHAgEWJWh0dHA6 Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwDQYJKoZIhvcNAQELBQAD ggEBAD9XFBXM6iyefu/EIo19K8MivUbCNVXCSDcvV/nqRNP65ulo1B1bZbPK85+8 1nEDXCFCUeVsHkkSwMM8SCCm9qytdmWzK6rwsQkaJdfNyixsGVLH0kwUvHR/plTj 9/A2+VZpcdIhPQwS6PR8BULwXAU/oRzPekEJnehEbBR1mo8UJfdZSCJTShsIuSQB D5kPjGlPJhWjxFx6utde2/ajAllNMTVXAJhZ3kOZBFedDP0vqeNufg6W8juFutiM Qx275wDIVMH7A5O9GXN/e7WVTxUa8wKWCruzZ9pS7gpifkcsTUH+c1a5C2vQNqRh vPM2w6gkpyaonh9mKO0F4Z5iqvE= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEODCCAyCgAwIBAgIDAjp8MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i YWwgQ0EwHhcNMTQwOTA4MjI0OTMzWhcNMjIwNTIwMjI0OTMzWjBaMQswCQYDVQQG EwJERTESMBAGA1UEChMJU1RSQVRPIEFHMR0wGwYDVQQLExREb21haW4gVmFsaWRh dGVkIFNTTDEYMBYGA1UEAxMPU1RSQVRPIFNTTCAtIEcyMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAnTv2PaeiFWfLa51rxHx/s+lM01UDYICi/VTuKocL o2nVePI1HoW+nX2roQfPFiPWbJu58DRztXtbJVDY68ozwWZnD72SsTqahQ9ZeG7V LLTnD//UOdtiL/MyNt6nrTKbty/qjmyWVAF7RMq2j/g9/DOF4QhZ+N62z7N4ExtP gpUe5ra7z8lOJra/hiIGr8uX1/c3YgIW7PXfPLneF+CPTx5i7HPwaja+Tmb//uIo DlePWv9Wq2+ZoHrM4L+MiS1PV5JtvL8u1RRXKNKlcYtb3SAhNA01NHE1klTP8CRd pvUkedZMm4tUWft7rZl6Tanf2N7QA8/z+y6TuFNyiQpRWwIDAQABo4IBHTCCARkw HwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwRfap9ZbjKzE4wHQYDVR0OBBYEFA/7hEJx bzKqJ/oHREkqrWgzYwISMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQD AgEGMDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6Ly9nLnN5bWNiLmNvbS9jcmxzL2d0 Z2xvYmFsLmNybDAuBggrBgEFBQcBAQQiMCAwHgYIKwYBBQUHMAGGEmh0dHA6Ly9n LnN5bWNkLmNvbTBMBgNVHSAERTBDMEEGCmCGSAGG+EUBBzYwMzAxBggrBgEFBQcC ARYlaHR0cDovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL2NwczANBgkqhkiG 9w0BAQsFAAOCAQEAKqrOVRWTmRDI8k3wbTXrC3s3teqEZKVb2loqdSXU0KbRw6b7 Gn1vjIWUSOWaa/0WwT2rukrh8oMxS1hy7xe0caWyONGbrVfpr3gqdO5V1Wj31BKU 9eQmLAwABE3w+RRH9azaYb3I7UFibvpzBzxOkFa9SPKc/ywJLt/1HJSZC4WLrqVo BmyxtwiH+zxj2kfWLDDSk2zQ5rnwoHI/nXyjPUSFTILUc8PFJkboshMhZYi44MlN UUxxYOrP3LRLo0KKOVQKGezjQKaDMXFeziJytWWWXEIjsSq3AFPWfEnRK8Xq5Dvj 6KvDj1wuJNYH2Nphe7pRL0CC2129KA8lx34rlA== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIETjCCAzagAwIBAgIQPLa8KZazehSnktHl2OwzWjANBgkqhkiG9w0BAQsFADBY MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNDA5 MDkwMDAwMDBaFw0yNDA5MDgyMzU5NTlaMEcxCzAJBgNVBAYTAlVTMRYwFAYDVQQK Ew1HZW9UcnVzdCBJbmMuMSAwHgYDVQQDExdHZW9UcnVzdCBFViBTU0wgQ0EgLSBH NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALiytAioX4l4sarlK5g0 BYeP+4S5HLVRTHGMVAQTUYTlM5ZYxNwAfm+bH8CNOQqWUzwe3rkhS8CUmX6JoxbR oIVIGWJuw6lcPaGS5VIll6uiELuHMDBdAkT/W6+xzT99Nz65VuqiPtk5n3NklFjm sm63B5kQP9GGKWaurzJD9Ow46WS0mEl1eiWt5NWNcjP4ztOKOe8xXWJrWP0KJY+R m1KS8rJea0JO6vcpgdWxTBqr4LmdE7mK7mhQ4r5ePVUMt3Exsnkb08yLi82fvK9P 3bJzcLa56w7CsHr+UDqWlzRbF5igsYYRq3gHkQMv3rf+jo4Yhg7K0n2iNiCRntJb rnsCAwEAAaOCASMwggEfMBIGA1UdEwEB/wQIMAYBAf8CAQAwLgYIKwYBBQUHAQEE IjAgMB4GCCsGAQUFBzABhhJodHRwOi8vZy5zeW1jZC5jb20wVAYDVR0gBE0wSzBJ BgRVHSAAMEEwPwYIKwYBBQUHAgEWM2h0dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9y ZXNvdXJjZXMvcmVwb3NpdG9yeS9sZWdhbDAzBgNVHR8ELDAqMCigJqAkhiJodHRw Oi8vZy5zeW1jYi5jb20vR2VvVHJ1c3RQQ0EuY3JsMA4GA1UdDwEB/wQEAwIBBjAd BgNVHQ4EFgQUCCUHIUdsMf4IWA6m6i/n2xtiaMowHwYDVR0jBBgwFoAULNVQQZcV i/CPNmFbSvtr2ZnJM5IwDQYJKoZIhvcNAQELBQADggEBAF1R8Szzu5OMY7OiWTNj HO5PB2c0mPIxksmUmEjCJegoF4ihMiIKqE4IMLXhCZs7/oS8CRSFjmS3DVeqTz8i +Bk6o/AhXwsv1ZYT9eEBWKOxrSTJfeGoLsQz9OgRE/3UhCraAv+9/SvJ1PvKkglH Gv67K+Uw5ezBOxfWtdM2wJkTEqzDxcDPhVQufIxinAc57tcih1ozO0/Hut7/pZeh t9PJ6UTl4xktKfeEoogi/OpDyPzvqcButxv2jDBJTcTQmq+tqgBsIazwVLold69R Dqvo9DWpRk/xacqN4oaYFLN006qDRiWqklrM0vEL81FZFWhFXs/qTuq81dXyni30 YKo= -----END CERTIFICATE-----
Assignee | ||
Comment 5•9 years ago
|
||
Listing the certs, as you've been doing is just part of the requirement. For non-technically-constrained subCAs, also need the annual audit statements and policy documentation. https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/inclusion/ "10. We recognize that technically constraining subordinate CA certificates as described above may not be practical in some cases. All certificates that are capable of being used to issue new certificates, that are not technically constrained, and that directly or transitively chain to a certificate included in Mozilla’s CA Certificate Program MUST be audited in accordance with Mozilla’s CA Certificate Policy and MUST be publicly disclosed by the CA that has their certificate included in Mozilla’s CA Certificate Program. The CA with a certificate included in Mozilla’s CA Certificate Program MUST disclose this information before any such subordinate CA is allowed to issue certificates. All disclosure MUST be made freely available and without additional requirements, including, but not limited to, registration, legal agreements, or restrictions on redistribution of the certificates in whole or in part. The Certificate Policy or Certification Practice Statement of the CA that has their certificate included in Mozilla’s CA Certificate Program must specify where on that CA’s website all such public disclosures are located. For a certificate to be considered publicly disclosed and audited, the following information MUST be provided: - The full DER-encoded X.509 certificate (Each issuing CA should provide one .p7c, .zip, or .tgz file containing all of the non-technically-constrained intermediate certificates that it has signed.); - The corresponding Certificate Policy or Certification Practice Statement used by the subordinate CA; and - Annual public attestation of conformance to the stated certificate verification requirements and other operational criteria by a competent independent party or parties with access to the details of the subordinate CA’s internal operations."
Comment 6•9 years ago
|
||
CPS and Audit statements can be found at http://www.symantec.com/about/profile/policies/repository.jsp. This link applies to all SubCAs already disclosed earlier in the bug.
Comment 7•9 years ago
|
||
Kathleen: To cycle back based on https://bugzilla.mozilla.org/show_bug.cgi?id=1151348#c7 , Google Internet Authority G2 is disclosed in the geotrust_cas.txt file That said, the requested CA communication ( https://wiki.mozilla.org/CA:Communications#May_13.2C_2014 ) requested compliance with Items 8, 9 and 10 of the Mozilla CA inclusion policy. Per https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/inclusion/ , Item 10 requires For a certificate to be considered publicly disclosed and audited, the following information MUST be provided: * The full DER-encoded X.509 certificate (Each issuing CA should provide one .p7c, .zip, or .tgz file containing all of the non-technically-constrained intermediate certificates that it has signed.); * The corresponding Certificate Policy or Certification Practice Statement used by the subordinate CA; and * Annual public attestation of conformance to the stated certificate verification requirements and other operational criteria by a competent independent party or parties with access to the details of the subordinate CA’s internal operations. The information provided includes the first part, but does not include the CP/CPS or the public conformance attestation. However, judging by https://docs.google.com/spreadsheets/d/1v-Lrxo6mYlyrEli_wSpLsHZvV5dJ_vvSzLTAMfxI5n8/pubhtml , it seems a number of CAs failed to respond with all of the requested information. https://secure.comodo.com/products/publiclyDisclosedSubCACerts is perhaps an example of a complete and current disclosure.
Flags: needinfo?(kwilson)
Assignee | ||
Comment 8•9 years ago
|
||
(In reply to Ryan Sleevi from comment #7) > Kathleen: To cycle back based on > https://bugzilla.mozilla.org/show_bug.cgi?id=1151348#c7 , Google Internet > Authority G2 is disclosed in the geotrust_cas.txt file > I see it now. Sorry for missing it the first time I looked.
Flags: needinfo?(kwilson)
Comment 9•9 years ago
|
||
We know these will all have to be put into SFDC, but until then we are putting them into this bug. Thank you. RapidSSL: CN = RapidSSL SHA256 CA - G4 O = GeoTrust Inc. C = US -----BEGIN CERTIFICATE----- MIIEpjCCA46gAwIBAgIQKByJKWYUQ4BCY1U6MkCuszANBgkqhkiG9w0BAQsFADCB mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv cml0eSAtIEczMB4XDTE1MDYzMDAwMDAwMFoXDTI1MDYyOTIzNTk1OVowRzELMAkG A1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xIDAeBgNVBAMTF1JhcGlk U1NMIFNIQTI1NiBDQSAtIEc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwJ46D5qyutPS3BXs0DBUWTBNQFGuQnFx0o1Tc4H+uODElsWOfsLxt2NKz6ce P6jnzlOg+i331ubOcBGm7uEDUtJo3j0IDYf9HNcLl2JtgjB2G0c6xPfO7R18jLcX jlOAHh0PXYz5kOQEHgJ+y7BJ79pSJfv7Z+3dhHRZhA7z3nBmjeRSOPdTWjcTZws+ u6hYty7t/7deEXO5d0VSZ0auxNwkgYl2CsqhbGZzBIKq9XBsXxuaAHlG1n96Jhcw zzlLLHTZiUR2ENDt94u7iQV1TQsNs9rpv/FqfSoR2x6fjOPEBmnhHYhFOdFuVdiq t5tv6vTerBcRkl1Am4N7muL3qQIDAQABo4IBOjCCATYwLgYIKwYBBQUHAQEEIjAg MB4GCCsGAQUFBzABhhJodHRwOi8vZy5zeW1jZC5jb20wEgYDVR0TAQH/BAgwBgEB /wIBADBJBgNVHSAEQjBAMD4GBmeBDAECATA0MDIGCCsGAQUFBwIBFiZodHRwczov L3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL2NwczA2BgNVHR8ELzAtMCugKaAn hiVodHRwOi8vZy5zeW1jYi5jb20vR2VvVHJ1c3RQQ0EtRzMuY3JsMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE FPO1VgzECbC0zx+q+d0jVvB36KH5MB8GA1UdIwQYMBaAFMR5yo6hTgMdHNxr2zFb lD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IBAQDDftiDSwRMVSkqTxSdmm7ekHDBpCZM iI54SO+9nLCg9fBm/P5ZJuF578i3YGSoi0fqL+CDmdpBGdfFvgX68pAR8Ar/bNwF tNgGb6Rvjb4gK1Tb+aJFg5oepSGJNR18IFwX/QQuRdiyxvhCmfxUCE5LgF85N7qV TqY3Cp6TXodb6ZDWqLZlCI1hSeuDIKldGxZgYmsvVPtaAg16J+JL4QUUwuTp+XDA 2fc0ZQ6ikUusKPK3CA+Yytc+cLbIC/GLnFH4xhBs0lNPYowRAD6I37/m0sxwve0l nPvdJAq9WZFKQgM4EnEyiHagjny7Mu+IKhvUam9QuVJni6sw+h/94ySa -----END CERTIFICATE----- Geotrust: CN = GeoTrust DV SSL SHA256 CA - G2 OU = Domain Validated SSL O = GeoTrust Inc. C = US -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgIQESfqNkHGNiMyR3PVI3KyAjANBgkqhkiG9w0BAQsFADCB mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv cml0eSAtIEczMB4XDTE1MDYzMDAwMDAwMFoXDTI1MDYyOTIzNTk1OVowbTELMAkG A1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHTAbBgNVBAsTFERvbWFp biBWYWxpZGF0ZWQgU1NMMScwJQYDVQQDEx5HZW9UcnVzdCBEViBTU0wgU0hBMjU2 IENBIC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgTVrNM/J+ l+4Zqt5NlG6Efx4gkAuJRoaEjtok529PhvKJLCzRDyaNsFpil75UTOSJT1dNyP0R Im+5rHQlcIS6fMnY0S+5UkcsdmGePhn4kte2krcE5JcrC4XmKzRcJao64Rac/0/j SG7KXJ58I81xmuuRp6dUnslaSVue+7945PApEDJUP/sa3ptrmR3RyNj0Sf2oBBUg pUJoMmrTpMuPCMRJiNJn+GDzpbHuYHNIrzC6NFa7CJ4X2CguwPrxxcRJ4dJLcOI+ Xt6NYbe2pZVUUchBPGZHPKc/3zdqVlD/FOo0DmttXVm66TSQeMi0hO+Ci0SOKDYe 3uvXzUsbIAaRAgMBAAGjggE6MIIBNjAuBggrBgEFBQcBAQQiMCAwHgYIKwYBBQUH MAGGEmh0dHA6Ly9nLnN5bWNkLmNvbTASBgNVHRMBAf8ECDAGAQH/AgEAMEkGA1Ud IARCMEAwPgYGZ4EMAQIBMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdlb3Ry dXN0LmNvbS9yZXNvdXJjZXMvY3BzMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9n LnN5bWNiLmNvbS9HZW9UcnVzdFBDQS1HMy5jcmwwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUi8P6vNmoQx6R /AhPms00y5/f/6QwHwYDVR0jBBgwFoAUxHnKjqFOAx0c3GvbMVuUPj8wfy0wDQYJ KoZIhvcNAQELBQADggEBAKeIPWCRYfis6Fftk0dRGWoGXzF1iHP56MOGo07fLyx3 AUvoRTA7PsbL7sK0dk84Ndnpaa6yRTGtnnQK8rGQKBUUxWzEDwXAIKf7yAZF1cn7 oC29FOCBxa7XOZXzJ+2fr2HjBA+peFz64oPbT3RUafmhoGCou5bNvn7y6QtHXhFD IMx19r04VQXOqoVAtnu2iMSvC++S4uyZheLYxJm1g5RuF6gPOvSVN3JSeHbehReD Y4RrQgiHBalOYId+givm/pZz/y+lwInFv8QhNhcgiiJbGZl+NVzLNPrQdWMTRlwY onzbk+QKGwubmz9BInp1oFYCdY4/SSeEMg/uW+tDsTY= -----END CERTIFICATE----- Volusion: CN = Volusion, Inc. DV SSL CA - G3 OU = Domain Validated SSL O = Volusion, Inc. C = US -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgIQZSW2AymeUNX7HZISD34GIjANBgkqhkiG9w0BAQsFADCB mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv cml0eSAtIEczMB4XDTE1MDYzMDAwMDAwMFoXDTI1MDYyOTIzNTk1OVowbTELMAkG A1UEBhMCVVMxFzAVBgNVBAoTDlZvbHVzaW9uLCBJbmMuMR0wGwYDVQQLExREb21h aW4gVmFsaWRhdGVkIFNTTDEmMCQGA1UEAxMdVm9sdXNpb24sIEluYy4gRFYgU1NM IENBIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Fjumxk0p 3twVKYFhOJsNUHkC8VtO5UXKw+PVSOq9ytOVNWFigzXmOeiFMfzP3xL8mfWNnSSu f1zq8a7rffme+auUfDTPUC/xw4jFgSNdFUYkZJJTagsRRfcPwVzUNfASiesMmm63 T8IQmnxNb2hYw/RHzZXbnkSKfGEpYTTgZaw1qKpNoSKbZ6t4x0hlI0LxS81oyP1k McERcqC59XtsjG27xczXE8YrDfQEFyBakqHmsjXtoygfHTx74B8PYSmw7lyrss8W nKDDuuSzPE36dqcRYQ8SbRdgLbSliWPRIm/kLTh3CohILuYqLSSUi6opSHUEfC7V YAXFBynGBrDVAgMBAAGjggE6MIIBNjAuBggrBgEFBQcBAQQiMCAwHgYIKwYBBQUH MAGGEmh0dHA6Ly9nLnN5bWNkLmNvbTASBgNVHRMBAf8ECDAGAQH/AgEAMEkGA1Ud IARCMEAwPgYGZ4EMAQIBMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdlb3Ry dXN0LmNvbS9yZXNvdXJjZXMvY3BzMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9n LnN5bWNiLmNvbS9HZW9UcnVzdFBDQS1HMy5jcmwwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUFctVGg88UAhS yXSVd/opKUIQ9b8wHwYDVR0jBBgwFoAUxHnKjqFOAx0c3GvbMVuUPj8wfy0wDQYJ KoZIhvcNAQELBQADggEBAAufPbq2b3+ea8/70CqrM1lT5wzUG06LmUKfHTIlteg2 pjJeVA6UlZJooAmFA0vGq5l43TEbXuZzTPLkq1fkn1m2a28xMS0F8bC+TgGUWy3/ nf4QscgpA0qT1z/aRv+3O8XNQwyzGgiFtx7BAf+FYX1huYQ/VKewserdVJT/rhUM RHH/kNsvDSH587cYvSy+ZB94Pm6CXPVPHz5W7idGAYVEK3zU9dRnKgIqmkfXjhdj dlR6g4pmdeK9Um7vZ1IY3aUtNA6K8v6U9cf15b7qwaO6XjzeOll6opDKUzMBp0Up mgHl6ImfisnCKMnJdi+Ks83AQPRgKQ2kX+5MfSHXEKg= -----END CERTIFICATE----- STRATO: CN = STRATO SSL - G3 OU = Domain Validated SSL O = STRATO AG C = DE -----BEGIN CERTIFICATE----- MIIEuTCCA6GgAwIBAgIQPTxL+gbSh48J+864RodfkzANBgkqhkiG9w0BAQsFADCB mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv cml0eSAtIEczMB4XDTE1MDYzMDAwMDAwMFoXDTI1MDYyOTIzNTk1OVowWjELMAkG A1UEBhMCREUxEjAQBgNVBAoTCVNUUkFUTyBBRzEdMBsGA1UECxMURG9tYWluIFZh bGlkYXRlZCBTU0wxGDAWBgNVBAMTD1NUUkFUTyBTU0wgLSBHMzCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAKSwyrMh+YZQILJUktZVCo+bXKU/x946jF7h k7h4Ds76NsUvN+ZkyNgtGoG0MGIpDoOQ8qLpAMG9vWfKd5Ta0Gr5tBiK3bqVuoF4 zKw6EPmt/0H4fccnhNovWxeaJMCKRs5tXM8QqKo9ue4X7KRmcdbMoym1jqnG13lo /i4WuVhqnhznzNypbhUsYIX3l7z4M7opbhrM2WP1ZKIIHSqdTpINWkWkCiaZtR8/ Td79EfFy4MiMKL1CJ5uAiyeX6KaiX12EVuyXmkSnHcTrxb/+9rI5t7P663WwosTy jPGMgHQPOucPybBmPXHf7n7eyayj3s3ZKcqNnpFL7F0NTAPbCRcCAwEAAaOCATow ggE2MC4GCCsGAQUFBwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL2cuc3ltY2Qu Y29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwSQYDVR0gBEIwQDA+BgZngQwBAgEwNDAy BggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9j cHMwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2cuc3ltY2IuY29tL0dlb1RydXN0 UENBLUczLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0P AQH/BAQDAgEGMB0GA1UdDgQWBBQ+2LlAaHY40IgszWcBpykeyDf2kDAfBgNVHSME GDAWgBTEecqOoU4DHRzca9sxW5Q+PzB/LTANBgkqhkiG9w0BAQsFAAOCAQEAbX6b XBwbeB2+0Zo5OanFtejIW/trFisfaCj1tC2NSmKkN/GHWj24fiWOqN48LGLyFk+X OaUVP3sRMEdNFSY7aQA5yRl4Fcl/+hqPXnF0CPfIiKXKRCPeZk2Tpz50iHmQJ3ZZ kNZfevX5Bn8QIHU4rkbqNFKpr4/tXoEquO8OQN9nHb4bDatz+5rSCRJ2U63Y0/a/ KHe9+/yGaSE6fDcI/eBQQHLeDP5MsjwWfcZXZlZdDTBkBs2rirlbi5jJhmaJ2MIA JgzIHwZu3fgS4cRjbUMUtC5jJAH+V/Q0gp3MX8Hrlaqh08uDH6nxONYUYuR0Ruzb dZ5ii3M35oGe8u8hPQ== -----END CERTIFICATE----- Intermediate Certificate: CN = Intermediate Certificate DV SSL CA - G3 OU = Domain Validated SSL O = Intermediate Certificate C = NL -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgIQSDEftyuTqIkZhg4vmiOH4zANBgkqhkiG9w0BAQsFADCB mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv cml0eSAtIEczMB4XDTE1MDYzMDAwMDAwMFoXDTI1MDYyOTIzNTk1OVowgYExCzAJ BgNVBAYTAk5MMSEwHwYDVQQKExhJbnRlcm1lZGlhdGUgQ2VydGlmaWNhdGUxHTAb BgNVBAsTFERvbWFpbiBWYWxpZGF0ZWQgU1NMMTAwLgYDVQQDEydJbnRlcm1lZGlh dGUgQ2VydGlmaWNhdGUgRFYgU1NMIENBIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCy2Y3PvcG6flYOOj21qAr/cWE3hbOWylsb4xzS66EfzaLV 78lPRqjfgZSAvwkT3nyq5kn2T9D5HWaN/xANZB0xtrpRZtx4ScfP1S6sz9FSN7FQ ti65vln0XBhKiC9/HZmSXuQCWpfk7RdZK4befYY+3i8QDkAV1HbisT2yV7KqJpF0 2fl5MlWxNLEe88qO/KdrbWhKQggnKmIdQDuznRzZPiyVbEBjjLqZT7RJMcstvQRd se/pAweEio9DWdgwPO0eAjxBDO0pwk6t9kvDx/xHtyNAOpOsWwWf6//cd0wAv2xP peh75RimFRcsQfRjPIK10OJF66lYOguEVPHTC7W9AgMBAAGjggE6MIIBNjAuBggr BgEFBQcBAQQiMCAwHgYIKwYBBQUHMAGGEmh0dHA6Ly9nLnN5bWNkLmNvbTASBgNV HRMBAf8ECDAGAQH/AgEAMEkGA1UdIARCMEAwPgYGZ4EMAQIBMDQwMgYIKwYBBQUH AgEWJmh0dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNvdXJjZXMvY3BzMDYGA1Ud HwQvMC0wK6ApoCeGJWh0dHA6Ly9nLnN5bWNiLmNvbS9HZW9UcnVzdFBDQS1HMy5j cmwwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIB BjAdBgNVHQ4EFgQUz94BPUtrkWkKcVcC2gyah2YTAxEwHwYDVR0jBBgwFoAUxHnK jqFOAx0c3GvbMVuUPj8wfy0wDQYJKoZIhvcNAQELBQADggEBAL+Gptz3wnAv0Zd5 dhn6yvHN79ql57AgZDtBQ/js6ZE87ZmTs+TTIay2B9SGqsblhmCJA2EOJeKWr+oO CnHDdbB9LVW4zigEFat8UdNPa0JwqiZ+DhOg7H3Eofxt4x3AOZCqq8plpD6TyzVd 6bxhEAp3eNmNhyFZ98ueIlf8V89xQ06QFr8tUoidNLL/iNUKBDzGvb2DgbmVZC3p Yynw7Rn4I4ZXOvSDnmevvKWhs9CrNpS421NWmPZxlN3gxpzYTng7GL2KQfn60wqZ vDwX+ahjM3wS37ijpCQXsQH1DECtMGjM2FzhrJt0V9N4Kt/NuWKdCmVjYierjEL4 IZRf5A0= -----END CERTIFICATE-----
Comment 10•9 years ago
|
||
(In reply to suhasini_anand from comment #9) > CN = Intermediate Certificate DV SSL CA - G3 > OU = Domain Validated SSL > O = Intermediate Certificate > C = NL Are you saying that there's an (incorporated?) organization in the Netherlands whose name is "Intermediate Certificate" and whose identity has been authenticated according to section 3.2.2 of your CP/CPS? Does this subject information really "accurately identify the CA" as required by section 7.1.2.2 of the CABF BR (which you claim conformance with by including the 2.23.140.1.2.1 policy OID)?
Updated•7 years ago
|
Product: mozilla.org → NSS
Updated•2 years ago
|
Product: NSS → CA Program
You need to log in
before you can comment on or make changes to this bug.
Description
•