Add Microsoft's non-EV root certificates to NSS
Categories
(NSS :: CA Certificates Code, enhancement, P1)
Tracking
(Not tracked)
People
(Reporter: kathleen.a.wilson, Assigned: jcj)
References
Details
Attachments
(3 files)
This bug requests inclusion in the NSS root store of the following root certificates owned by Microsoft Corporation.
Friendly Name: Microsoft ECC Root Certificate Authority 2017
Cert Location: http://www.microsoft.com/pkiops/certs/Microsoft%20ECC%20Root%20Certificate%20Authority%202017.crt
SHA-1 Fingerprint: 999A64C37FF47D9FAB95F14769891460EEC4C3C5
SHA-256 Fingerprint: 358DF39D764AF9E1B766E9C972DF352EE15CFAC227AF6AD1D70E8E4A6EDCBA02
Trust Flags: Websites
Test URL: https://acteccroot2017.pki.microsoft.com/
Friendly Name: Microsoft RSA Root Certificate Authority 2017
Cert Location: http://www.microsoft.com/pkiops/certs/Microsoft%20RSA%20Root%20Certificate%20Authority%202017.crt
SHA-1 Fingerprint: 73A5E64A3BFF8316FF0EDCCC618A906E4EAE4D74
SHA-256 Fingerprint: C741F70F4B2A8D88BF2E71C14122EF53EF10EBA0CFA5E64CFA20F418853073E0
Trust Flags: Websites
Test URL: https://actrsaroot2017.pki.microsoft.com/
This CA has been assessed in accordance with the Mozilla project guidelines, and the certificates approved for inclusion in bug #1448093
The next steps are as follows:
- A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificates have been attached.
- A Mozilla representative creates a patch with the new certificates, and provides a special test version of Firefox.
- A representative of the CA uses the test version of Firefox to confirm (by adding a comment in this bug) that the certificates have been correctly imported and that websites work correctly.
- The Mozilla representative requests that another Mozilla representative review the patch.
- The Mozilla representative adds (commits) the patch to NSS, then closes this bug as RESOLVED FIXED.
- At some time after that, various Mozilla products will move to using a version of NSS which contains the certificates. This process is mostly under the control of the release drivers for those products.
|
Reporter | |
Comment 1•4 years ago
|
||
|
|
Reporter | |
Comment 2•4 years ago
|
||
|
||
Comment 4•4 years ago
|
||
I and several of my colleagues have double checked the information above and the attached files and confirm the information and the attachments are correct.
|
Assignee | |
Updated•4 years ago
|
|
|
Assignee | |
Comment 5•4 years ago
|
||
Friendly Name: Microsoft ECC Root Certificate Authority 2017
Cert Location: http://www.microsoft.com/pkiops/certs/Microsoft%20ECC%20Root%20Certificate%20Authority%202017.crt
SHA-1 Fingerprint: 999A64C37FF47D9FAB95F14769891460EEC4C3C5
SHA-256 Fingerprint: 358DF39D764AF9E1B766E9C972DF352EE15CFAC227AF6AD1D70E8E4A6EDCBA02
Trust Flags: Websites
Test URL: https://acteccroot2017.pki.microsoft.com/
Friendly Name: Microsoft RSA Root Certificate Authority 2017
Cert Location: http://www.microsoft.com/pkiops/certs/Microsoft%20RSA%20Root%20Certificate%20Authority%202017.crt
SHA-1 Fingerprint: 73A5E64A3BFF8316FF0EDCCC618A906E4EAE4D74
SHA-256 Fingerprint: C741F70F4B2A8D88BF2E71C14122EF53EF10EBA0CFA5E64CFA20F418853073E0
Trust Flags: Websites
Test URL: https://actrsaroot2017.pki.microsoft.com/
Depends on D79370
|
||
Comment 6•4 years ago
|
||
Description
•