Closed Bug 1794583 Opened 2 years ago Closed 3 months ago

Add NETLOCK ECC Root

Categories

(CA Program :: CA Certificate Root Program, task, P3)

Product:
CA Program
Component:
CA Certificate Root Program
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: banyai.anna, Assigned: bwilson)

Details

(Whiteboard: [ca-initial])

Attachments

(1 file)

I-NL22T_TAN-AAL-01_v3_signed.pdf
299.62 KB, application/pdf
Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36

Steps to reproduce:

We decided to set up a new CA based on ECC algorithm which we would like to include in the root program.

Actual results:

It was tested in our last conformity assessment audit in 2022 by our auditor (MATRIX Tanúsító Ltd.) and was included in the Audit Attestation letter.

The new certificate:

CN = NETLOCK Root CA ECC, O = NetLock Kft.
C = HU

SHA256 ingerprint
CF1794A62DC233D6CFBBF09198322AB8899B0B3F493419ACA1DBFC0D562B9B5B

-----BEGIN CERTIFICATE-----
MIIB7DCCAZGgAwIBAgIOYIu8FwAQiFxZ1HCC5NkwCgYIKoZIzj0EAwIwVTELMAkG
A1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxORVRMT0NLIEtm
dC4xHDAaBgNVBAMME05FVExPQ0sgUm9vdCBDQSBFQ0MwHhcNMjEwNDMwMDgxMzEx
WhcNNDEwNDI1MDgxMzExWjBVMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBl
c3QxFTATBgNVBAoMDE5FVExPQ0sgS2Z0LjEcMBoGA1UEAwwTTkVUTE9DSyBSb290
IENBIEVDQzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPC8sqICILdtRe64Ty6K
IIb6dc2J7AdOcbrqLOB6K9Km9JP6zpRQ0KdwW2qKz1T3R9oG6XoYD8fDD6aLU7jN
fEyjRTBDMBIGA1UdEwEB/wQIMAYBAf8CAQQwDgYDVR0PAQH/BAQDAgEGMB0GA1Ud
DgQWBBQxsZrRYof6/lpE2on3ExL7F/S9IjAKBggqhkjOPQQDAgNJADBGAiEA2ln1
vJyMgc1IH1w+jFlzarwkC4KFF2DnAMfuNiHLbk4CIQDPdtkDsmOOAO4MsARvX6Bc
Dzf+xdXGKDmKCbznpkeJZw==
-----END CERTIFICATE-----

Expected results:

Please include this new root certificate in your root certificate program and CCADB.

Status: UNCONFIRMED → ASSIGNED
Type: enhancement → task
Ever confirmed: true
Whiteboard: [ca-initial]

I have added the root certificate to the CCADB. Netlock will now need to complete all CCADB information related to this new root CA record.

Flags: needinfo?(banyai.anna)

AUDIT ATTESTATION LETTER FOR NETLOCK LTD.

Flags: needinfo?(banyai.anna)
Priority: -- → P3
Product: NSS → CA Program
Summary: NETLOCK new (ECC) Root Inclusion Request → Add NETLOCK ECC Root

Dear Ben!

NETLOCK's service portfolio is currently under review, with the aim of optimising the existing trust services and solutions and improving their operation.
The optimisation process has involved the replacement of hardware devices, however, due to supply chain constraints and slow procurement, we are unable to provide the necessary hardware resources to provide the mandatory services (eg. CRL, OCSP) for the new root certificates, and have therefore decided to close the enrolment tickets for the new root certificates until the devices are procured and arrive.
Once the necessary infrastructure is in place, we intend to restart the enrolment of new certificates.

Is it sufficient to set the status of the bugzilla.mozilla tickets to INVALID, or is there something else we need to do?

Than you! Anna

I can leave this ticket open and just note that you're in a holding pattern. Are you ensuring that period-of-time audits will remain continuously in place?

Greetings,
Can Netlock provide an update on whether they want to pursue this inclusion request?
Thanks,
Ben

Flags: needinfo?(horvath.tamas)

Hello Ben!

No, we would like to close this request, and we will be submitting a different reoot for inclusion.

Thanks! Tamas

Flags: needinfo?(horvath.tamas)
Status: ASSIGNED → RESOLVED
Closed: 3 months ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: