Closed Bug 1717707 Opened 5 months ago Closed 3 months ago

Add HARICA's 2021 root certificates to NSS

Categories

(NSS :: CA Certificates Code, task, P1)

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: kwilson, Assigned: beurdouche)

References

Details

(Whiteboard: September 2021 Batch of Root Changes, [nss-fx])

Attachments

(8 files)

This bug requests inclusion in the NSS root store of the following root certificates owned by HARICA.

Friendly Name: HARICA TLS RSA Root CA 2021
Cert Location: https://repo.harica.gr/certs/HARICA-TLS-Root-2021-RSA.pem
SHA-1 Fingerprint: 022D0582FA88CE140C0679DE7F1410E945D7A56D
SHA-256 Fingerprint: D95D0E8EDA79525BF9BEB11B14D2100D3294985F0C62D9FABD9CD999ECCB7B1D
Trust Flags: Websites
Test URL: https://tls-rsa-valid-ev.root2021.harica.gr

Friendly Name: HARICA TLS ECC Root CA 2021
Cert Location: https://repo.harica.gr/certs/HARICA-TLS-Root-2021-ECC.pem
SHA-1 Fingerprint: BCB0C19DE9989270193857E98DA7B45D6EEE0148
SHA-256 Fingerprint: 3F99CC474ACFCE4DFED58794665E478D1547739F2E780F1BB4CA9B133097D401
Trust Flags: Websites
Test URL: https://tls-ecc-valid-ev.root2021.harica.gr

Friendly Name: HARICA Client RSA Root CA 2021
Cert Location: https://repo.harica.gr/certs/HARICA-Client-Root-2021-RSA.pem
SHA-1 Fingerprint: 46C6900A773AB6BCF465ADACFCE3F707006EDE6E
SHA-256 Fingerprint: 1BE7ABE30686B16348AFD1C61B6866A0EA7F4821E67D5E8AF937CF8011BC750D
Trust Flags: Email

Friendly Name: HARICA Client ECC Root CA 2021
Cert Location: https://repo.harica.gr/certs/HARICA-Client-Root-2021-ECC.pem
SHA-1 Fingerprint: BE64D3DA144BD26BCDAF8FDBA6A672F8DE26F900
SHA-256 Fingerprint: 8DD4B5373CB0DE36769C12339280D82746B3AA6CD426E797A31BABE4279CF00B
Trust Flags: Email

This CA has been assessed in accordance with the Mozilla project guidelines, and the certificates approved for inclusion in bug #1695487 and in bug #1695486 .

The next steps are as follows:

  1. A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificates have been attached.
  2. A Mozilla representative creates a patch with the new certificates.
  3. The Mozilla representative requests that another Mozilla representative review the patch.
  4. The Mozilla representative adds (commits) the patch to NSS, then closes this bug as RESOLVED FIXED.
  5. At some time after that, various Mozilla products will move to using a version of NSS which contains the certificate. This process is mostly under the control of the release drivers for those products.
Blocks: 1695487
Blocks: 1717711
Blocks: 1695486

Dimitris, Please see step #1 above.

I reviewed all information in this bug (Friendly Names, attachments, URLs and Fingerprints) and I confirm everything is correct.

Thanks, Dimitris. This bug has been added to the list for the September 2021 batch of root changes in Bug #1717716.

Depends on: 1717716
Assignee: nobody → bbeurdouche
Status: NEW → ASSIGNED
Target Milestone: --- → 3.71

Changing severity to N/A because this is a Task

Priority: -- → P1
Whiteboard: September 2021 Batch of Root Changes → September 2021 Batch of Root Changes, [nss-fx]
You need to log in before you can comment on or make changes to this bug.