Disable EV treatment for 6 GeoTrust, thawte, and VeriSign root certs
Categories
(Core :: Security: PSM, enhancement, P1)
Tracking
()
People
(Reporter: kathleen.a.wilson, Assigned: mbirghan)
References
Details
Please remove EV treatment for the following root certificates. They are going to be removed via Bug #1670769 in the December 2020 batch of root changes.
GeoTrust Primary Certification Authority
https://crt.sh/?id=4350
Serial number: 18ACB56AFD69B6153A636CAFDAFAC4A1
SHA2 thumbprint: 37D51006C512EAAB626421F1EC8C92013FC5F82AE98EE533EB4619B8DEB4D06C
GeoTrust Primary Certification Authority - G3
https://crt.sh/?id=847444
Serial number: 15AC6E9419B2794B41F627A9C3180F1F
SHA2 thumbprint: B478B812250DF878635C2AA7EC7D155EAA625EE82916E2CD294361886CD1FBD4
thawte Primary Root CA
https://crt.sh/?id=30
Serial number: 344ED55720D5EDEC49F42FCE37DB2B6D
SHA2 thumbprint: 8D722F81A9C113C0791DF136A2966DB26C950A971DB46B4199F4EA54B78BFB9F
thawte Primary Root CA - G3
https://crt.sh/?id=254193
Serial number: 600197B746A7EAB4B49AD64B2FF790FB
SHA2 thumbprint: 4B03F45807AD70F21BFC2CAE71C9FDE4604C064CF5FFB686BAE5DBAAD7FDD34C
VeriSign Class 3 Public Primary Certification Authority - G4
https://crt.sh/?id=2771491
Serial number: 2F80FE238C0E220F486712289187ACB3
SHA2 thumbprint: 69DDD7EA90BB57C93E135DC85EA6FCD5480B603239BDC454FC758B2A26CF7F79
VeriSign Class 3 Public Primary Certification Authority - G5
https://crt.sh/?id=93
Serial number: 18DAD19E267DE8BB4A2158CDCC6B3B4A
SHA2 thumbprint: 9ACFAB7E43C8D880D06B262A94DEEEE4B4659989C3D0CAF19BAF6405E41AB7DF
|
Assignee | |
Comment 1•4 years ago
|
||
I cannot find the entries in ExtendedValidation.cpp. Do you mean entries in TrustOverride-SymantecData.inc?
|
Reporter | |
Comment 2•4 years ago
|
||
It appears that there is no EV treatment to remove for these roots, so closing this bug as invalid. And I will update CCADB to match. Thanks!
Description
•