Closed Bug 1137172 Opened 10 years ago Closed 10 years ago

Adressbar not green with EV SSL and ECC cipher

Categories

(Core :: Security: PSM, defect)

36 Branch
x86
macOS
defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 833974

People

(Reporter: carsten.mueller, Unassigned)

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:36.0) Gecko/20100101 Firefox/36.0 Build ID: 20150222232811 Steps to reproduce: Open a website secured with an Symantec SecureSite Pro EV SSL certificate using ECC cipher: https://developers.certcenter.com/ Certificate installation verified by Qualys: https://www.ssllabs.com/ssltest/analyze.html?d=developers.certcenter.com Actual results: Company name ist not shown left in the addressbar in green font: https://developers.certcenter.com/ With Internet Explorer 11 and Chrome 40 no problem. With RSA instead of ECC everything is ok: https://www.certcenter.com/ Expected results: Company name should be shown left in the addressbar in green -> EV Certificate
Component: Untriaged → Security: PSM
Product: Firefox → Core
Kathleen, it looks like the certificate in question chains to the "VeriSign Class 3 Public Primary Certification Authority - G4" root, which isn't enabled for EV (the "... - G5" root is, however). Are there plans to change this?
Flags: needinfo?(kwilson)
Perhaps this bug should be closed as a duplicate of Bug #833974 VeriSign Class 3 Public PCA - G4 is an ECC root. This root was included via Bug #409235. It was not enabled for EV at that time, because it was not yet being used for EV. So, now Symantec has asked for EV treatment via Bug #833974. See https://bugzilla.mozilla.org/show_bug.cgi?id=833974#c19 for current status. VeriSign Class 3 Public PCA - G5 is a SHA-1 root, and VeriSign asked for it to be enabled for EV treatment along with being included, and that request was approved/implemented in Bug #402947.
Flags: needinfo?(kwilson)
Great - thanks Kathleen!
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.