Closed Bug 1763177 Opened 4 years ago Closed 2 years ago

Add Commscope Root Certificates

Categories

(CA Program :: CA Certificate Root Program, task, P3)

Product:
CA Program
Component:
CA Certificate Root Program
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: bwilson, Assigned: bwilson)

References

Details

(Whiteboard: [ca-approved] added in NSS 3.94, Firefox 121)

Attachments

(3 files)

CommScope CA self-assessment
46.01 KB, application/octet-stream
Details
CA compliance updated self-assessment following legal review of creative commons IPR policy
45.95 KB, application/octet-stream
Details
CommScope-April-2022-submission-to-Mozilla-v2-reviewed.xlsx
43.01 KB, application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
Details

"Our PKI website is www.pki-center.com and our overall company website is www.commscope.com. Our CP/CPS, subscriber and relying party agreements are public and can be found at: http://certificates.pkiworks.com/Public/Documents/.
Only the CAs listed under "CA/Browser Forum ecosystem" in the CPS (section 7.1) are part of our inclusion request to Mozilla for issuing HTTPS server certificates."

Priority: -- → P3
Whiteboard: [ca-initial] → [ca-verifying] BW 2022-04-15
Priority: P3 → P2
Whiteboard: [ca-verifying] BW 2022-04-15 → [ca-cps-review] BW 2022-10-17
Product: NSS → CA Program

Applicant needs to complete root certificate information for all requested roots in the CCADB using an "Add/Update Root Request" case - https://www.ccadb.org/cas/updates. It also needs to submit a value statement - https://wiki.mozilla.org/CA/Quantifying_Value.

Whiteboard: [ca-cps-review] BW 2022-10-17 → [ca-verifying]

A value statement was submitted to CCADB on 2023-01-13.

Today I reviewed the "Print View" and emailed Nicol So re: items that need to be filled in with an "Add/Update Root Request" case.

Priority: P2 → P3
Whiteboard: [ca-verifying] → [ca-ready-for-discussion 2023-05-05]

Public discussion began today on the CCADB Public list - https://groups.google.com/a/ccadb.org/g/public/c/HVwBXDw6GnU/m/1LsNC19RAQAJ

Whiteboard: [ca-ready-for-discussion 2023-05-05] → [ca-in-discussion 2023-08-28]

Public discussion closed today on the CCADB list - https://groups.google.com/a/ccadb.org/g/public/c/HVwBXDw6GnU/m/q2WRYe_TBQAJ. I have not yet performed a thorough review of the Commscope CPS, and so I will begin reviewing CPS v. 2.7 now and provide Commscope with my comments here.

Whiteboard: [ca-in-discussion 2023-08-28] → [ca-cps-review] BW 2023-10-10

I've reviewed the Commscope CP/CPS and the compliance self-assessment from April 2022. They are acceptable.

Today, I posted an "intent to approve" this request to the Mozilla dev-security-policy list. https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/mXYm2D04v10/m/WGE5M4XsBgAJ. This begins a 7-day "last call" for objections.

Flags: needinfo?(kwilson)

As per Comment #11, and on behalf of Mozilla, I approve this request from Commscope to include the following root certificates:

** CommScope Public Trust ECC Root-01 (Websites)
** CommScope Public Trust ECC Root-02 (Websites)
** CommScope Public Trust RSA Root-01 (Websites)
** CommScope Public Trust RSA Root-02 (Websites)

I will file the NSS bug for the approved changes.

Flags: needinfo?(kwilson)
Whiteboard: [ca-cps-review] BW 2023-10-10 → [ca-approved] - pending NSS code changes
Depends on: 1860670

I have filed Bug #1860670 for the NSS changes.

Test URIs is not works.

Links work as of Firefox 121, which is currently in Beta. Test websites appear to work per https://crt.sh/test-websites.

Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Whiteboard: [ca-approved] - pending NSS code changes → [ca-approved] added in NSS 3.94, Firefox 121
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: