Closed Bug 1707099 Opened 3 years ago Closed 3 years ago

Enable EV Treatment for Certum root certs ownd by Asseco

Categories

(Core :: Security: PSM, task)

Product:
Core
Component:
Security: PSM
Type:
task

Tracking

()

Status:
VERIFIED FIXED
Milestone:
91 Branch
Tracking Flags:
Tracking Status
firefox90 --- verified
firefox91 --- verified

People

(Reporter: kathleen.a.wilson, Assigned: rmf)

References

Details

(Whiteboard: [psm-blocked] Depends on June 2021 Batch of Root Changes)

Attachments

(1 file)

Bug 1707099 - Enable EV Treatment for Certum root certs ownd by Asseco r=keeler
48 bytes, text/x-phabricator-request
jcristau
: approval-mozilla-beta+
Details | Review

Per bug #1598577 the request from Asseco Data Systems S.A. (previously Unizeto Certum) has been approved to enable the following root certificates for EV use. Please make the corresponding changes to PSM.

Friendly Name: Certum EC-384 CA
SHA-1 Fingerprint: F33E783CACDFF4A2CCAC67556956D7E5163CE1ED
SHA-256 Fingerprint: 6B328085625318AA50D173C98D8BDA09D57E27413D114CF787A0F5D06C030CF6
EV Policy OID: 2.23.140.1.1
Test URL: https://valid-cec384ca.certificates.certum.pl

Friendly Name: Certum Trusted Root CA
SHA-1 Fingerprint: C88344C018AE9FCCF187B78F22D1C5D74584BAE5
SHA-256 Fingerprint: FE7696573855773E37A95E7AD4D9CC96C30157C15D31765BA9B15704E1AE78FD
EV Policy OID: 2.23.140.1.1
Test URL: https://valid-ctrca.certificates.certum.pl/

DEPENDENCY: Depends on this root certificates being added to NSS via Bug #1707097.

Assignee: nobody → bugs
Status: NEW → ASSIGNED
Pushed by dkeeler@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/47a8550fd8e5
Enable EV Treatment for Certum root certs ownd by Asseco r=keeler

https://hg.mozilla.org/mozilla-central/rev/47a8550fd8e5

Status: ASSIGNED → RESOLVED
Closed: 3 years ago
status-firefox91: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 91 Branch

Comment on attachment 9225019 [details]
Bug 1707099 - Enable EV Treatment for Certum root certs ownd by Asseco r=keeler

Beta/Release Uplift Approval Request

  • User impact if declined: No extended validation treatment for certificates issued by this CA
  • Is this code covered by automated tests?: No
  • Has the fix been verified in Nightly?: Yes
  • Needs manual test from QE?: Yes
  • If yes, steps to reproduce: Visit https://valid-ctrca.certificates.certum.pl/ and https://valid-cec384ca.certificates.certum.pl/ and check if the padlock popup displays extended validation info.
  • List of other uplifts needed: None
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): The patch just adds this CA to the list of CAs who can do EV.
  • String changes made/needed:
Attachment #9225019 - Flags: approval-mozilla-beta?
Flags: qe-verify+
QA Whiteboard: [qa-triaged]

Reproduced the issue on affect Firefox 90.0b5 on MacOS 10.15.
Verified-fixed on the latest Firefox Nightly 91.0a1 (2021-06-09) (64-bit) (buildID: 20210609093513) on Windows 10, MacOS 10.15 and Ubuntu 18.04.
Waiting for the Uplift process to verify further.

status-firefox91: fixedverified

Comment on attachment 9225019 [details]
Bug 1707099 - Enable EV Treatment for Certum root certs ownd by Asseco r=keeler

approved for 90.0b7

Attachment #9225019 - Flags: approval-mozilla-beta? → approval-mozilla-beta+

Verified fixed on the latest Firefox Beta 90.0b7.

Status: RESOLVED → VERIFIED
QA Whiteboard: [qa-triaged]
status-firefox90: fixedverified
Flags: qe-verify+
Regressions: 1717843
No longer regressions: 1717843
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: