Closed Bug 1378334 Opened 7 years ago Closed 7 years ago

Disable/Remove some legacy Comodo root certificates

Categories

(CA Program :: CA Certificate Root Program, task)

Product:
CA Program
Component:
CA Certificate Root Program
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: rob, Assigned: kathleen.a.wilson)

References

Details

Please disable the Websites and Code Signing trust bits for the following 1 root:

  Subject Name:
    CN = AddTrust Class 1 CA Root
    OU = AddTrust TTP Network
    O = AddTrust AB
    C = SE
  SHA-256 fingerprint:
    8C7209279AC04E275E16D07FD3B775E80154B5968046E31F52DD25766324E9A7
  Reason: Legacy, no longer in use.  However, please leave the Email trust bit enabled so that existing S/MIME signatures can still be validated.
  See also: https://crt.sh/?id=1726036


Please disable all trust bits and remove the following 5 roots:

  Subject Name:
    CN = AddTrust Public CA Root
    OU = AddTrust TTP Network
    O = AddTrust AB
    C = SE
  SHA-256 fingerprint:
    0791CA0749B20782AAD3C7D7BD0CDFC9485835843EB2D7996009CE43AB6C6927
  Reason: Legacy, no longer in use.
  See also: https://crt.sh/?id=1733294

  Subject Name:
    CN = AddTrust Qualified CA Root
    OU = AddTrust TTP Network
    O = AddTrust AB
    C = SE
  SHA-256 fingerprint:
    8095210805DB4BBC355E4428D8FD6EC2CDE3AB5FB97A9942988EB8F4DCD06016
  Reason: Legacy, no longer in use.
  See also: https://crt.sh/?id=1721082

  Subject Name:
    CN = Secure Certificate Services
    O = Comodo CA Limited
    L = Salford
    ST = Greater Manchester
    C = GB
  SHA-256 fingerprint:
    BD81CE3B4F6591D11A67B5FC7A47FDEF25521BF9AA4E18B9E3DF2E34A7803BE8
  Reason: Legacy, no longer in use.
  See also: https://crt.sh/?id=1726666

  Subject Name:
    CN = Trusted Certificate Services
    O = Comodo CA Limited
    L = Salford
    ST = Greater Manchester
    C = GB
  SHA-256 fingerprint:
    3F06E55681D496F5BE169EB5389F9F2B8FF61E1708DF6881724849CD5D27CB69
  Reason: Legacy, no longer in use.
  See also: https://crt.sh/?id=1728427

  Subject Name:
    CN = UTN-USERFirst-Hardware
    OU = http://www.usertrust.com
    O = The USERTRUST Network
    L = Salt Lake City
    ST = UT
    C = US
  SHA-256 fingerprint:
    6EA54741D004667EED1B4816634AA3A79E6E4B96950F8279DAFC8D9BD8812137
  Reason: Legacy, no longer in use.
  See also: https://crt.sh/?id=34


Please also disable EV treatment for UTN-USERFirst-Hardware.
See Also: → 1366403
Depends on: 1366403, 1380821
Status: NEW → ASSIGNED
These changes were completed via Bug #1366403 and Bug #1380821 in NSS 3.32, Firefox 56.
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Product: NSS → CA Program
You need to log in before you can comment on or make changes to this bug.