Closed Bug 1358546 Opened 8 years ago Closed 8 years ago

remove "CNNIC ROOT" and "China Internet Network Information Center EV Certificates Root" from NSS

Tracking

(Not tracked)

Status:

RESOLVED DUPLICATE of bug 1380868

People

(Reporter: keeler, Unassigned)

References

Details

Dana Keeler (she/her) [:keeler]

Reporter

Description

•

8 years ago

As of bug 1151512 Firefox only trusts certificates issued from "CNNIC ROOT" or "China Internet Network Information Center EV Certificates Root" if they are on a built-in whitelist. As of the deprecation of SHA-1 and due to time passing, only 41 of those certificates would still validate correctly (if they are even still in use). Consequently, the compatibility impact of simply removing these roots is so low that we should just do so.

Dana Keeler (she/her) [:keeler]

Reporter

Updated

•

8 years ago

Blocks: 1356623

Dana Keeler (she/her) [:keeler]

Reporter

Comment 1

•

8 years ago

I think this is the same as bug 1380868, which has more details, so duping forward.

Status: NEW → RESOLVED

Closed: 8 years ago

Resolution: --- → DUPLICATE

You need to log in before you can comment on or make changes to this bug.

Bugzilla

remove "CNNIC ROOT" and "China Internet Network Information Center EV Certificates Root" from NSS

Categories

(NSS :: CA Certificates Code, task)

Tracking

(Not tracked)

People

(Reporter: keeler, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Comment 1