As per https://bugzilla.mozilla.org/show_bug.cgi?id=476428#c41 I have concerns about the audit statements for the E-Guven CA. In mozilla.dev.security.policy I proposed removing the E-Guven root certificate due to my concerns about their audits, and there was general consensus. Therefore, please remove the following root certificate from NSS. Issuer Field: CN = e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi O = Elektronik Bilgi Guvenligi A.S. C = TR SHA-1 Fingerprint: DD:E1:D2:A9:01:80:2E:1D:87:5E:84:B3:80:7E:4B:B1:FD:99:41:34
Created attachment 8580210 [details] [diff] [review] patch v1
Created attachment 8580212 [details] [diff] [review] patch v2 This patch also updates the version number.
Comment on attachment 8580212 [details] [diff] [review] patch v2 r+ rrelyea
Note that the root will expire at the beginning of 2017 anyway.
Landed into NSS_3_18_BRANCH https://hg.mozilla.org/projects/nss/rev/3a41adab01a0
Verified in Fx38.0b8. FYI, note that the following four sites will currently break due to this removal. https://portal.emu.edu.tr https://pg.tejaratbank.net https://ogr.rize.edu.tr https://www.imzalagonder.com