Closed Bug 1314464 Opened 8 years ago Closed 8 years ago

Add "SecureSign Public CA11" intermediate CA cert to OneCRL

Categories

(NSS :: CA Certificates Code, task)

Product:
NSS
Component:
CA Certificates Code
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: kathleen.a.wilson, Unassigned)

References

Details

Please add the following intermediate cert to OneCRL.

Subject commonName: SecureSign Public CA11
Issuer commonName: SecureSign RootCA11
SHA-256: D0D672C2547D574AE055D9E78A993DDBCC74044C4253FBFACA573A67D368E1DB
SHA-1: 8D4E255F55392AB219D20A958D6591A42D284596
Not Before: Apr 8 09:06:51 2009 GMT
Not After : Apr 8 04:56:47 2029 GMT

According to crt.sh it has signed 647 certs, but the latest notAfter is 2015-07-14. 
https://crt.sh/?Identity=%25&iCAID=246

The JCSI Root CA (SecureSign RootCA11) was acquired by Cybertrust Japan(CTJ) in August 2014.

The current WebTrust CA audit statement for this root is here:
https://cert.webtrust.org/SealFile?seal=2097&file=pdf

However, there is not a BR audit statement for this root yet, because CTJ has not yet issued their intermediate certificate to sign TLS/SSL certificates. CTJ is planning to do this and get a BR readiness audit in March, 2017.

Unfortunately, this "SecureSign Public CA11" intermediate certificate had not been transferred to CTJ, even though it chains up to the root certificate that CTJ acquired. Therefore, I think this "SecureSign Public CA11" intermediate certificate should be added to OneCRL.
Depends on: 1314673
Added to OneCRL.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.