Open Bug 1552403 Opened 2 years ago Updated 5 days ago

Add National Certification Authority of Sri Lanka root certificates

Categories

(NSS :: CA Certificate Root Program, task)

task
Not set
normal

Tracking

(Not tracked)

ASSIGNED

People

(Reporter: priyankara, Assigned: bwilson)

Details

(Whiteboard: [ca-initial] - BW Comment #11 2021-01-07)

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36

Hello, I am writing on behalf of Sri Lanka Computer Emergency Readiness Team (Sri Lanka CERT). Sri Lanka CERT is currently on the progress of setting up National Certification Authority of Sri Lanka.

We are planing to perform on our Web Trust Audit on next month and we are keen to know what steps to be followed in order to embed our CA Root Certificate to Mozilla browsers.

Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Type: defect → enhancement

(In reply to Priyankara Perera from comment #1)

Hello, I am writing on behalf of Sri Lanka Computer Emergency Readiness Team (Sri Lanka CERT). Sri Lanka CERT is currently on the progress of setting up National Certification Authority of Sri Lanka.

We are planing to perform on our Web Trust Audit on next month and we are keen to know what steps to be followed in order to embed our CA Root Certificate to Mozilla browsers.

Mozilla's root inclusion process is described here:
https://wiki.mozilla.org/CA/Application_Process

Most of the required information can be provided directly in the Common CA Database, and you can request access to the CCADB as described here:
https://ccadb.org/cas/request-access

CAs with access to the CCADB may create a Root Inclusion Case as described here:
https://wiki.mozilla.org/CA/Information_Checklist#Create_a_Root_Inclusion_Case
IMPORTANT: Whenever you update data in your Root Inclusion Case in the CCADB, be sure to add a comment to your Bugzilla Bug to let folks know to re-check the information.

Whiteboard: [ca-verifying] - KW Comment #2 2019-06-04
Type: enhancement → task

Dear Kathleen,

We apologize for the late update. Currently, we are on the process of obtaining the web trust certification for our Root CA and wish to submit all related documents soon, as specified in the Mozilla guidelines.

We are planning to have two subordinate CAs under our Root CA and We would like to know if there are any kind of guidelines/specifications to be followed by Subordinate CAs in order to comply with the Mozilla.

Thank you.

Regards,
Priyankara.

(In reply to Priyankara Perera from comment #3)

We are planning to have two subordinate CAs under our Root CA and We would like to know if there are any kind of guidelines/specifications to be followed by Subordinate CAs in order to comply with the Mozilla.

https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy#53-intermediate-certificates
https://www.ccadb.org/policy#51-audit-statement-content
https://www.ccadb.org/cas/intermediates
https://wiki.mozilla.org/CA/Subordinate_CA_Checklist

Dear Priyankara,
Please provide us an update on the status of your root and audit. Do you still have interest in pursuing this matter with Mozilla?
Thanks,
Ben

Flags: needinfo?(priyankara)
Assignee: kwilson → bwilson

I don't believe that we have received any response to our inquiry. I intend to close this bug on or about 1-Nov-2020 unless the applicant contacts us and informs us that they intend to pursue this application for root inclusion.

Flags: needinfo?(bwilson)

Dear Ben,

Extremely sorry for the late reply.

Even though we have completed the Root Key Generation of National Certification Authority of Sri Lanka on 14th February 2020, We are still on the process of obtaining the web trust seal from our web trust auditor.

Hence, appreciate if you can keep the ticket open.

We will submit the required documents at our earliest.

Thank you.

Regards,
Priyankara.

Flags: needinfo?(priyankara)

Dear Priyankara,
Could you please provide an update on your audit progress?
Thanks,
Ben

Flags: needinfo?(bwilson) → needinfo?(priyankara)

Dear Ben,

We are still on the process of obtaining the web trust seal from our web trust auditor (BDO Malaysia).
Due to COVID-19, we are getting slow response from the auditor.

Kindly provide us a extension of few weeks...

Thanks you.

Regards,
Priyankara.

Flags: needinfo?(priyankara)

Dear Ben,

We have successfully completed Point In Time Audit.
Meanwhile we have requested the CCADB Access.

Regards,
Priyankara.

Terrific news. Thanks. Let me know if you have any trouble following any of the instructions on starting a new root case in the CCADB.

Whiteboard: [ca-verifying] - KW Comment #2 2019-06-04 → [ca-initial] - BW Comment #11 2021-01-07
You need to log in before you can comment on or make changes to this bug.