Closed Bug 1586081 Opened 3 years ago Closed 3 years ago

Remove special EV treatment from GlobalSign Extended Validation CA - SHA256 - G2

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla72

Tracking Flags:

Tracking

Status

firefox72

---

fixed

People

(Reporter: kwilson, Assigned: marcus.apb)

Details

Attachments

(1 file)

Bug 1586081 - Remove special EV treatment from GlobalSign Extended Validation CA - SHA256 - G2. r=keeler 3 years ago Marcus Burghardt 47 bytes, text/x-phabricator-request		Details \| Review

Kathleen Wilson

Reporter

Description

•

3 years ago

The "GlobalSign Extended Validation CA - SHA256 - G2" cert has been revoked, so we should remove the special case code that was implemented to continue EV treatment for this intermediate cert.

References:
https://bugzilla.mozilla.org/show_bug.cgi?id=1349762#c4
https://bugzilla.mozilla.org/show_bug.cgi?id=1347882#c14

Kathleen Wilson

Reporter

Updated

•

3 years ago

Summary: Removed special EV treatment from GlobalSign Extended Validation CA - SHA256 - G2 → Remove special EV treatment from GlobalSign Extended Validation CA - SHA256 - G2

Marcus Burghardt

Assignee

Updated

•

3 years ago

Assignee: nobody → marcus.apb

Status: NEW → ASSIGNED

Priority: -- → P1

Marcus Burghardt

Assignee

Comment 1

•

3 years ago

Attached file Bug 1586081 - Remove special EV treatment from GlobalSign Extended Validation CA - SHA256 - G2. r=keeler — Details

Dana Keeler (she/her) (use needinfo) (:keeler for reviews)

Comment 2

•

3 years ago

Kathleen, do we still want to give EV treatment to certificates where the trust anchor is GlobalSign Root CA - R2?

Flags: needinfo?(kwilson)

Kathleen Wilson

Reporter

Comment 3

•

3 years ago

(In reply to Dana Keeler (she/her) (use needinfo) (:keeler for reviews) from comment #2)

Kathleen, do we still want to give EV treatment to certificates where the trust anchor is GlobalSign Root CA - R2?

No. The GlobalSign Root CA - R2 root should not have EV treatment.

Flags: needinfo?(kwilson)

Marcus Burghardt

Assignee

Comment 4

•

3 years ago

Ok. Patch updated.

Marcus Burghardt

Assignee

Updated

•

3 years ago

Flags: needinfo?(kwilson)

Kathleen Wilson

Reporter

Comment 5

•

3 years ago

(In reply to Marcus Burghardt from comment #4)

Ok. Patch updated.

Looks good to me. Thanks!

Flags: needinfo?(kwilson)

Marcus Burghardt

Assignee

Updated

•

3 years ago

Keywords: checkin-needed

Pulsebot

Comment 6

•

3 years ago

Pushed by rmaries@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/6f4eedc9e6bc
Remove special EV treatment from GlobalSign Extended Validation CA - SHA256 - G2. r=keeler

Keywords: checkin-needed

Arthur Iakab [arthur_iakab]

Comment 7

•

3 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/6f4eedc9e6bc

Status: ASSIGNED → RESOLVED

Closed: 3 years ago

status-firefox72: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla72

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Remove special EV treatment from GlobalSign Extended Validation CA - SHA256 - G2

Categories

(Core :: Security: PSM, enhancement, P1)

Tracking

()

People

(Reporter: kwilson, Assigned: marcus.apb)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Updated

Updated

Comment 1

Comment 2

Comment 3

Comment 4

Updated

Comment 5

Updated

Comment 6

Comment 7