Closed Bug 1686854 Opened 3 years ago Closed 3 years ago

Remove GeoTrust PCA-G2 and VeriSign Universal root certs from NSS

Categories

(NSS :: CA Certificates Code, task, P1)

Product:
NSS
Component:
CA Certificates Code
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: kathleen.a.wilson, Assigned: beurdouche)

References

Details

(Whiteboard: March 2021 Batch of Root Changes)

Attachments

(1 file)

Bug 1686854 - Remove GeoTrust PCA-G2 and VeriSign Universal root certs from NSS. r=KathleenWilson
48 bytes, text/x-phabricator-request
Details | Review

Please remove the following two root certificates from NSS.
The CA, DigiCert, has confirmed that these roots are ready to be removed as per the continuation of the distrust of Symantec root certificates.

GeoTrust Primary Certification Authority - G2
Serial Number 3CB2F4480A00E2FEEB243B5E603EC36B
SHA-1 Fingerprint 8D1784D537F3037DEC70FE578B519A99E610D7B0
SHA-256 Fingerprint 5EDB7AC43B82A06A8761E8D7BE4979EBF2611F7DD79BF91C1C6B566A219ED766

VeriSign Universal Root Certification Authority
Serial Number 401AC46421B31321030EBBE4121AC51D
SHA-1 Fingerprint 3679CA35668772304D30A5FB873B0FA77BB70D54
SHA-256 Fingerprint 2399561127A57125DE8CEFEA610DDF2FA078B5C8067F4E828290BFB860E84B3C

Brenda, Please confirm that these are the correct root certificates to be removed.

Blocks: 1686856

Confirming the two are correct to be removed.

Depends on: 1693217
Assignee: nobody → bbeurdouche
Severity: -- → S1
Status: NEW → ASSIGNED
Type: enhancement → task
Priority: -- → P1
Target Milestone: --- → 3.63

https://hg.mozilla.org/projects/nss/rev/9718a34c84429b1e5dc66a22c13e97ad169721dc

Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: