Closed Bug 1651211 Opened 3 years ago Closed 3 years ago

Remove SK ID Solutions' EE Certification Centre Root certificate from NSS


(NSS :: CA Certificates Code, enhancement)



(Not tracked)



(Reporter: kwilson, Assigned: kjacobs)


(Whiteboard: September 2020 Batch of Root Changes)


(1 file)

Please remove the following root certificate from NSS.

Subject: CN=EE Certification Centre Root CA; O=AS Sertifitseerimiskeskus; C=EE
Certificate Serial Number: 5480F9A073ED3F004CCA89D8E371E64A
SHA-1 Fingerprint: C9A8B9E755805E58E35377A725EBAFC37B27CCD7
SHA-256 Fingerprint: 3E84BA4342908516E77573C0992F0979CA084E4685681FF195CCBA8A229B8A76
Mozilla Trust Bits: Websites
Not EV

The CA reports that the last TLS certificate chaining up to this root expires on September 29, 2020.

Can You please clarify the date when the chnage in NSS will happen? Our last certificate will expire in September 29, 2020. According to we agreed that let last TLS certificates expire, and there in no need for revocation as the date are so close by.

The answer depends on whether the September batch of root changes gets into NSS 3.57. If the change gets into NSS 3.57, then root removal would occur in Firefox 82, which is currently scheduled to go into Beta on September 22, and release on October 20. See and Otherwise, it would likely go into Firefox 83 which goes to Beta on October 20 and final release on November 17.

Version: 3.54 → 3.57

Are there any indications in which release the removal the root changes will be deployed? This would be crucial to know for us, as we need to make communication to our partners.

We are planning for the changes to go into NSS 3.57, which is planned to go into Firefox 82, which is currently scheduled to go into Beta on September 21, and release on October 20.

Assignee: nobody → kjacobs.bugzilla
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.57
You need to log in before you can comment on or make changes to this bug.