Closed
Bug 1378334
Opened 7 years ago
Closed 7 years ago
Disable/Remove some legacy Comodo root certificates
Categories
(CA Program :: CA Certificate Root Program, task)
CA Program
CA Certificate Root Program
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: rob, Assigned: kathleen.a.wilson)
References
Details
Please disable the Websites and Code Signing trust bits for the following 1 root: Subject Name: CN = AddTrust Class 1 CA Root OU = AddTrust TTP Network O = AddTrust AB C = SE SHA-256 fingerprint: 8C7209279AC04E275E16D07FD3B775E80154B5968046E31F52DD25766324E9A7 Reason: Legacy, no longer in use. However, please leave the Email trust bit enabled so that existing S/MIME signatures can still be validated. See also: https://crt.sh/?id=1726036 Please disable all trust bits and remove the following 5 roots: Subject Name: CN = AddTrust Public CA Root OU = AddTrust TTP Network O = AddTrust AB C = SE SHA-256 fingerprint: 0791CA0749B20782AAD3C7D7BD0CDFC9485835843EB2D7996009CE43AB6C6927 Reason: Legacy, no longer in use. See also: https://crt.sh/?id=1733294 Subject Name: CN = AddTrust Qualified CA Root OU = AddTrust TTP Network O = AddTrust AB C = SE SHA-256 fingerprint: 8095210805DB4BBC355E4428D8FD6EC2CDE3AB5FB97A9942988EB8F4DCD06016 Reason: Legacy, no longer in use. See also: https://crt.sh/?id=1721082 Subject Name: CN = Secure Certificate Services O = Comodo CA Limited L = Salford ST = Greater Manchester C = GB SHA-256 fingerprint: BD81CE3B4F6591D11A67B5FC7A47FDEF25521BF9AA4E18B9E3DF2E34A7803BE8 Reason: Legacy, no longer in use. See also: https://crt.sh/?id=1726666 Subject Name: CN = Trusted Certificate Services O = Comodo CA Limited L = Salford ST = Greater Manchester C = GB SHA-256 fingerprint: 3F06E55681D496F5BE169EB5389F9F2B8FF61E1708DF6881724849CD5D27CB69 Reason: Legacy, no longer in use. See also: https://crt.sh/?id=1728427 Subject Name: CN = UTN-USERFirst-Hardware OU = http://www.usertrust.com O = The USERTRUST Network L = Salt Lake City ST = UT C = US SHA-256 fingerprint: 6EA54741D004667EED1B4816634AA3A79E6E4B96950F8279DAFC8D9BD8812137 Reason: Legacy, no longer in use. See also: https://crt.sh/?id=34 Please also disable EV treatment for UTN-USERFirst-Hardware.
Assignee | ||
Updated•7 years ago
|
Assignee | ||
Updated•7 years ago
|
Status: NEW → ASSIGNED
Assignee | ||
Comment 1•7 years ago
|
||
These changes were completed via Bug #1366403 and Bug #1380821 in NSS 3.32, Firefox 56.
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Updated•2 years ago
|
Product: NSS → CA Program
You need to log in
before you can comment on or make changes to this bug.
Description
•