Open Bug 1023726 Opened 6 years ago Updated 1 year ago
LAWtrust Root CA certificate inclusion in NSS
LAWtrust would like to submit a request for the inclusion of their LAWtrust Root Certification Authority 2048 certificate in the NSS.
Assignee: nobody → kwilson
Product: NSS → mozilla.org
Version: 3.0 → other
I wasn't notified about this bug, because it was in the wrong Component. I will begin the Information Verification phase, and update this bug soon. https://wiki.mozilla.org/CA:How_to_apply#Information_Verification
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
The attached document summarizes the information that has been verified. Please search the document for "Need Response" and "Need Clarification" to find the parts where information and clarification is still needed. Please review the full document for accuracy and completeness, and provide the necessary information in this bug.
Attached is the response to the notes made in the bug 1023726
Attachment #8438194 - Attachment is obsolete: true
According to my notes... This root currently has two internally-operated intermediate certificates: 1) LAWtrust Certification Authority 2048 2) LAWtrust AeSign Certification Authority 2048 The Root CA CPS only addresses subordinate CA certificates, so there will therefore be no mention of end-user certificates other than subordinate CA certificates. The CPS for the subordinate CAs chained into the LAWtrust root CA, will stipulate the rules in question, for example the AESign CPS in the LAWtrust repository. On https://www.lawtrust.co.za/repository/ I found the documents for "LAWtrust AeSign Certification Authority 2048" AeSign CPS: https://www.lawtrust.co.za/wp-content/uploads/LT_ISP_IS_AES_CPS_001-18-12-2013_signed.pdf AeSign Charter: https://www.lawtrust.co.za/wp-content/uploads/LAWtrust-AES-Charter_002-05-12-2014.pdf However, I have not been able to find the documents for "LAWtrust Certification Authority 2048". Please provide the URLs. Also... In AeSign CPS section 3.2.4: "In cases where the LAWtrust AeSign Certificate will be used for digitally signing and/or encrypting eMail the LAWtrust AeSign RA shall establish reasonable proof that the person submitting the certificate request controls the eMail account associated with the eMail address referenced in the LAWtrust AeSign Certificate." Where is it documented HOW this is done? Please see https://wiki.mozilla.org/CA:Recommended_Practices#Verifying_Email_Address_Control
Why is this bug report marked with Severity = Critical?
Attachment #8611348 - Attachment mime type: application/x-x509-ca-cert → text/plain
Please note that nielvg is no longer driving this process. Please forward all future responses to email@example.com and firstname.lastname@example.org
hi Rian, thanks for informing. could you please double check if bruce has created a bugzilla account? thank you very much
Hi I am not associated with LAWtrust and this request anymore. I have requested LAWtrust numerous times to remove me from the communications without success. Please remove me from any communication relating to this request. If you cannot remove me as the requester then please close this bug. Kind regards Niel van Greunen
(In reply to Niel van Greunen from comment #11) My apologies. I do not know how to change the reporter of a Bugzilla Bug so that you will stop getting notifications. I have filed Bug #1345170 to get help on this.
Niel, It looks like the best way for you to stop getting email about this bug is as follows: 1) Click the 'Edit' button at the top of this Bug's window 2) Check the box 'Never email me about this bug' at the bottom of the window (only appears in Edit mode) 3) Click the 'Save Changes' button at the bottom of the window
Bulk reassign, see https://bugzilla.mozilla.org/show_bug.cgi?id=1430324
Assignee: awu → kwilson
You need to log in before you can comment on or make changes to this bug.