Closed Bug 1348132 Opened 5 years ago Closed 5 years ago

Add D-TRUST Root CA 3 2013 to NSS

Categories

(NSS :: CA Certificates Code, task)

task
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: kwilson, Unassigned)

References

Details

(Whiteboard: Added in NSS 3.30.2, Firefox 54 and NSS 3.28.5, ESR 52.2)

Attachments

(1 file)

1.46 KB, application/x-x509-ca-cert
Details
This bug requests inclusion in the NSS root store of the following root certificate owned by D-TRUST GmbH, a subsidiary of Bundesdruckerei GmbH.

Friendly Name: D-TRUST Root CA 3 2013
Cert Location: http://www.d-trust.net/cgi-bin/D-TRUST_Root_CA_3_2013.crt
SHA-1 Fingerprint: 6C:7C:CC:E7:D4:AE:51:5F:99:08:CD:3F:F6:E8:C3:78:DF:6F:EF:97
SHA-256 Fingerprint: A1:A8:6D:04:12:1E:B8:7F:02:7C:66:F5:33:03:C2:8E:57:39:F9:43:FC:84:B3:8A:D6:AF:00:90:35:DD:94:57
Trust Flags: Email

This CA has been assessed in accordance with the Mozilla project guidelines, and the certificates approved for inclusion in bug #1166723.

The next steps are as follows:
1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificate has been attached.
2) A Mozilla representative creates a patch with the new certificate, and provides a special test version of Firefox.
3) A representative of the CA uses the test version of Firefox to confirm (by adding a comment in this bug) that the certificate has been correctly imported.
4) The Mozilla representative requests that another Mozilla representative review the patch.
5) The Mozilla representative adds (commits) the patch to NSS, then closes this bug as RESOLVED FIXED.
6) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificates. This process is mostly under the control of the release drivers for those products.
Arno, Please see step #1 above.
Depends on: 1350859
Hello Kathleen,
hereby I confirm that all the data in this bug is correct, and that the correct certificate has been attached.
Arno Fiedler on behalf of D-TRUST GmbH
(In reply to Kathleen Wilson from comment #0)
> 3) A representative of the CA uses the test version of Firefox to confirm
> (by adding a comment in this bug) that the certificate has been correctly
> imported.

The test build for this change is here:
https://archive.mozilla.org/pub/firefox/try-builds/kaie@kuix.de-331b1a3ecff20c883f4f5b135332cb1869243439/

Arno, please test as described here:
https://wiki.mozilla.org/CA:How_to_apply#Testing_Inclusion
Hello,
Frank has tested and reviewed the root certificate and it's properties within the nightly built - it looks fine, thank you!
We just skipped step 5, because the "D-TRUST Root CA 3 2013" is for Signing and Encryption, so without a SSL/TSL usage scenario.
Best regards and thanks again
Arno
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Whiteboard: Added in NSS 3.30.2, Firefox 54 and NSS 3.28.5, ESR 52.2
You need to log in before you can comment on or make changes to this bug.