Closed Bug 1378334 Opened 8 years ago Closed 8 years ago

Disable/Remove some legacy Comodo root certificates

Categories

(CA Program :: CA Certificate Root Program, task)

Product:
CA Program
Component:
CA Certificate Root Program
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: rob, Assigned: kathleen.a.wilson)

References

Details

Please disable the Websites and Code Signing trust bits for the following 1 root: Subject Name: CN = AddTrust Class 1 CA Root OU = AddTrust TTP Network O = AddTrust AB C = SE SHA-256 fingerprint: 8C7209279AC04E275E16D07FD3B775E80154B5968046E31F52DD25766324E9A7 Reason: Legacy, no longer in use. However, please leave the Email trust bit enabled so that existing S/MIME signatures can still be validated. See also: https://crt.sh/?id=1726036 Please disable all trust bits and remove the following 5 roots: Subject Name: CN = AddTrust Public CA Root OU = AddTrust TTP Network O = AddTrust AB C = SE SHA-256 fingerprint: 0791CA0749B20782AAD3C7D7BD0CDFC9485835843EB2D7996009CE43AB6C6927 Reason: Legacy, no longer in use. See also: https://crt.sh/?id=1733294 Subject Name: CN = AddTrust Qualified CA Root OU = AddTrust TTP Network O = AddTrust AB C = SE SHA-256 fingerprint: 8095210805DB4BBC355E4428D8FD6EC2CDE3AB5FB97A9942988EB8F4DCD06016 Reason: Legacy, no longer in use. See also: https://crt.sh/?id=1721082 Subject Name: CN = Secure Certificate Services O = Comodo CA Limited L = Salford ST = Greater Manchester C = GB SHA-256 fingerprint: BD81CE3B4F6591D11A67B5FC7A47FDEF25521BF9AA4E18B9E3DF2E34A7803BE8 Reason: Legacy, no longer in use. See also: https://crt.sh/?id=1726666 Subject Name: CN = Trusted Certificate Services O = Comodo CA Limited L = Salford ST = Greater Manchester C = GB SHA-256 fingerprint: 3F06E55681D496F5BE169EB5389F9F2B8FF61E1708DF6881724849CD5D27CB69 Reason: Legacy, no longer in use. See also: https://crt.sh/?id=1728427 Subject Name: CN = UTN-USERFirst-Hardware OU = http://www.usertrust.com O = The USERTRUST Network L = Salt Lake City ST = UT C = US SHA-256 fingerprint: 6EA54741D004667EED1B4816634AA3A79E6E4B96950F8279DAFC8D9BD8812137 Reason: Legacy, no longer in use. See also: https://crt.sh/?id=34 Please also disable EV treatment for UTN-USERFirst-Hardware.
See Also: → 1366403
Depends on: 1366403, 1380821
Status: NEW → ASSIGNED
These changes were completed via Bug #1366403 and Bug #1380821 in NSS 3.32, Firefox 56.
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Product: NSS → CA Program
You need to log in before you can comment on or make changes to this bug.