Closed Bug 1137172 Opened 9 years ago Closed 9 years ago

Adressbar not green with EV SSL and ECC cipher

Categories

(Core :: Security: PSM, defect)

36 Branch
x86
macOS
defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 833974

People

(Reporter: carsten.mueller, Unassigned)

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:36.0) Gecko/20100101 Firefox/36.0
Build ID: 20150222232811

Steps to reproduce:

Open a website secured with an Symantec SecureSite Pro EV SSL certificate using ECC cipher:
https://developers.certcenter.com/

Certificate installation verified by Qualys:
https://www.ssllabs.com/ssltest/analyze.html?d=developers.certcenter.com


Actual results:

Company name ist not shown left in the addressbar in green font:
https://developers.certcenter.com/

With Internet Explorer 11 and Chrome 40 no problem.

With RSA instead of ECC everything is ok:
https://www.certcenter.com/



Expected results:

Company name should be shown left in the addressbar in green -> EV Certificate
Component: Untriaged → Security: PSM
Product: Firefox → Core
Kathleen, it looks like the certificate in question chains to the "VeriSign Class 3 Public Primary Certification Authority - G4" root, which isn't enabled for EV (the "... - G5" root is, however). Are there plans to change this?
Flags: needinfo?(kwilson)
Perhaps this bug should be closed as a duplicate of Bug #833974

VeriSign Class 3 Public PCA - G4 is an ECC root. This root was included via Bug #409235. It was not enabled for EV at that time, because it was not yet being used for EV. So, now Symantec has asked for EV treatment via Bug #833974. See https://bugzilla.mozilla.org/show_bug.cgi?id=833974#c19 for current status.

VeriSign Class 3 Public PCA - G5 is a SHA-1 root, and VeriSign asked for it to be enabled for EV treatment along with being included, and that request was approved/implemented in Bug #402947.
Flags: needinfo?(kwilson)
Great - thanks Kathleen!
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.