Closed
Bug 1812421
Opened 3 years ago
Closed 3 years ago
Fix Microsoft EKUs For DTBs and use that field instead of Microsoft EKUs in Cases
Categories
(CA Program :: Common CA Database, task, P1)
CA Program
Common CA Database
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: kathleen.a.wilson, Assigned: poonam)
Details
(Whiteboard: [ccadb-bug])
Please update the logic for setting "Microsoft EKUs For DTBs" to the following.
-
When Microsoft Status is Included or Change Requested:
"Microsoft EKUs For DTBs" is set to the contents of "Microsoft EKUs" minus any values in "Microsoft Not Before EKU List" and "Microsoft Disallow EKU List". -
When Microsoft Status is not (Included or Change Requested):
"Microsoft EKUs For DTBs" is set to empty.
Then run a script to update all "Microsoft EKUs For DTBs" fields.
Then update the following to use "Microsoft EKUs For DTBs" instead of "Microsoft EKUs":
- Pre-ALV logic in Add/Update Root Requests
- "EKUs/Trust Bits" column in "Add/Select Root Certificates for this Case" for both "Add/Update Root Requests" and "Root Inclusion Requests".
- CA Task List reports
Reasons:
- Microsoft does not require audit statements for EKUs that are not-befored or disallowed.
- Microsoft sets root certs to removed or disallowed without changing the "Microsoft EKUs" or other such values.
|
Reporter | |
Updated•3 years ago
|
tracking-firefox110:
? → ---
tracking-firefox111:
? → ---
|
|
Reporter | |
Comment 1•3 years ago
|
||
This has been completed and moved into production.
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•