Closed Bug 1990548 Opened 9 months ago Closed 9 months ago

CCADB entries generated 2025-09-24T17:00:39Z

Categories

(Core :: Security Block-lists, Allow-lists, and other State, enhancement)

Product:
Core
Component:
Security Block-lists, Allow-lists, and other State
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: ccadb2onercl, Assigned: bwilson)

Details

Attachments

(3 files)

Line delimited issuer/serial pairs
1.36 KB, text/plain
Details
The additions to OneCRL proposed by this bug.
4.66 KB, text/plain
Details
Entries with their names decoded to plain text and hexadecimal serials/hashes.
3.26 KB, text/plain
Details

Adding entries to OneCRL based on revoked intermediate certificates reported in the CCADB.

Assignee: nobody → bwilson
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true

Here are the ten (10) CA certificates that should be added to OneCRL in this batch:

issuer: /C=US/O=AffirmTrust/CN=AffirmTrust Commercial serial: 62b4c3eba53918177f127a837b574f96
issuer: /C=CN/O=iTrusChina Co.,Ltd./CN=vTrus Root CA serial: 7d746ea36e2136270e8fc2e2456d229cb90c80b7
issuer: /C=US/O=AffirmTrust/CN=AffirmTrust Commercial serial: 580e00b14e86ce35
issuer: /C=CN/O=iTrusChina Co.,Ltd./CN=vTrus ECC Root CA serial: 302282d66df3b37a7f5bf373d4ae8e7c5c125376
issuer: /C=CN/O=iTrusChina Co.,Ltd./CN=vTrus ECC Root CA serial: 460a8546796fd139ba62ed86d76346942129b7a4
issuer: /C=CN/O=iTrusChina Co.,Ltd./CN=vTrus Root CA serial: 47b6120febd5e7254c99de1cdcdd535ad35f9976
issuer: /C=CN/O=iTrusChina Co.,Ltd./CN=vTrus Root CA serial: 4815cbde3d2be06475f3793fb94e64a073d21bfa
issuer: /C=CN/O=iTrusChina Co.,Ltd./CN=vTrus Root CA serial: 230301e5d69ac8930d623394ffd2a0917c0e7e7b
issuer: /C=CN/O=iTrusChina Co.,Ltd./CN=vTrus ECC Root CA serial: 1466a82cbf0183aa093fd2280fac3c0e39f02940
issuer: /C=CN/O=iTrusChina Co.,Ltd./CN=vTrus Root CA serial: 1ff2f88b5bf9fd738bec90abafdb501afe74eada

These are ready for review/approval in Staging.

Flags: needinfo?(dkeeler)

Changes are still in review. The following bugs appear to require resolution.
https://bugzilla.mozilla.org/show_bug.cgi?id=1990548

Changes are still in review. The following bugs appear to require resolution.
https://bugzilla.mozilla.org/show_bug.cgi?id=1990548

Approved in stage.

% python compare.py
[14:43:45] Stage-Stage: 1732 Stage-Preview: 1732 Stage-Published: 1732                                                                                                                                                                                           compare.py:67
[14:43:46] Prod-Stage: 1732 Prod-Preview: 1732 Prod-Published: 1722                                                                                                                                                                                              compare.py:75
           Verifying stage against preview                                                                                                                                                                                                                       compare.py:82
[14:43:47] prod/security-state-staging (1732) and prod/security-state-preview (1732) are equivalent                                                                                                                                                              compare.py:87
           prod/security-state-staging (1732) and prod/security-state-staging (1732) are equivalent                                                                                                                                                              compare.py:87
           prod/security-state-staging (1732) and prod/security-state-preview (1732) are equivalent                                                                                                                                                              compare.py:87
           prod/security-state-preview (1732) and prod/security-state-staging (1732) are equivalent                                                                                                                                                              compare.py:87
           prod/security-state-preview (1732) and prod/security-state-preview (1732) are equivalent                                                                                                                                                              compare.py:87
           prod/security-state-staging (1732) and prod/security-state-preview (1732) are equivalent                                                                                                                                                              compare.py:87
           No changes are waiting in staging                                                                                                                                                                                                                     compare.py:90
           There are 10 changes waiting in production. Adding:                                                                                                                                                                                                   compare.py:99
{
    'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1990548', 'who': '', 'why': '', 'name': '', 'created': ''},
    'enabled': False,
    'issuerName': 'MEMxCzAJBgNVBAYTAkNOMRwwGgYDVQQKExNpVHJ1c0NoaW5hIENvLixMdGQuMRYwFAYDVQQDEw12VHJ1cyBSb290IENB',
    'serialNumber': 'H/L4i1v5/XOL7JCrr9tQGv506to='
}
{
    'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1990548', 'who': '', 'why': '', 'name': '', 'created': ''},
    'enabled': False,
    'issuerName': 'MEcxCzAJBgNVBAYTAkNOMRwwGgYDVQQKExNpVHJ1c0NoaW5hIENvLixMdGQuMRowGAYDVQQDExF2VHJ1cyBFQ0MgUm9vdCBDQQ==',
    'serialNumber': 'FGaoLL8Bg6oJP9IoD6w8DjnwKUA='
}
{
    'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1990548', 'who': '', 'why': '', 'name': '', 'created': ''},
    'enabled': False,
    'issuerName': 'MEMxCzAJBgNVBAYTAkNOMRwwGgYDVQQKExNpVHJ1c0NoaW5hIENvLixMdGQuMRYwFAYDVQQDEw12VHJ1cyBSb290IENB',
    'serialNumber': 'IwMB5daayJMNYjOU/9KgkXwOfns='
}
{
    'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1990548', 'who': '', 'why': '', 'name': '', 'created': ''},
    'enabled': False,
    'issuerName': 'MEMxCzAJBgNVBAYTAkNOMRwwGgYDVQQKExNpVHJ1c0NoaW5hIENvLixMdGQuMRYwFAYDVQQDEw12VHJ1cyBSb290IENB',
    'serialNumber': 'SBXL3j0r4GR183k/uU5koHPSG/o='
}
{
    'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1990548', 'who': '', 'why': '', 'name': '', 'created': ''},
    'enabled': False,
    'issuerName': 'MEMxCzAJBgNVBAYTAkNOMRwwGgYDVQQKExNpVHJ1c0NoaW5hIENvLixMdGQuMRYwFAYDVQQDEw12VHJ1cyBSb290IENB',
    'serialNumber': 'R7YSD+vV5yVMmd4c3N1TWtNfmXY='
}
{
    'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1990548', 'who': '', 'why': '', 'name': '', 'created': ''},
    'enabled': False,
    'issuerName': 'MEcxCzAJBgNVBAYTAkNOMRwwGgYDVQQKExNpVHJ1c0NoaW5hIENvLixMdGQuMRowGAYDVQQDExF2VHJ1cyBFQ0MgUm9vdCBDQQ==',
    'serialNumber': 'RgqFRnlv0Tm6Yu2G12NGlCEpt6Q='
}
{
    'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1990548', 'who': '', 'why': '', 'name': '', 'created': ''},
    'enabled': False,
    'issuerName': 'MEcxCzAJBgNVBAYTAkNOMRwwGgYDVQQKExNpVHJ1c0NoaW5hIENvLixMdGQuMRowGAYDVQQDExF2VHJ1cyBFQ0MgUm9vdCBDQQ==',
    'serialNumber': 'MCKC1m3zs3p/W/Nz1K6OfFwSU3Y='
}
{
    'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1990548', 'who': '', 'why': '', 'name': '', 'created': ''},
    'enabled': False,
    'issuerName': 'MEQxCzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEfMB0GA1UEAwwWQWZmaXJtVHJ1c3QgQ29tbWVyY2lhbA==',
    'serialNumber': 'WA4AsU6GzjU='
}
{
    'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1990548', 'who': '', 'why': '', 'name': '', 'created': ''},
    'enabled': False,
    'issuerName': 'MEMxCzAJBgNVBAYTAkNOMRwwGgYDVQQKExNpVHJ1c0NoaW5hIENvLixMdGQuMRYwFAYDVQQDEw12VHJ1cyBSb290IENB',
    'serialNumber': 'fXRuo24hNicOj8LiRW0inLkMgLc='
}
{
    'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1990548', 'who': '', 'why': '', 'name': '', 'created': ''},
    'enabled': False,
    'issuerName': 'MEQxCzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEfMB0GA1UEAwwWQWZmaXJtVHJ1c3QgQ29tbWVyY2lhbA==',
    'serialNumber': 'YrTD66U5GBd/EnqDe1dPlg=='
}
           Staging is updated, and production changes are waiting, so Firefox can use                                                                                                                                                                           compare.py:110
           Remote Settings DevTools (https://github.com/mozilla-extensions/remote-settings-devtools)
           and cert-storage-inspector (https://github.com/mozkeeler/cert-storage-inspector) to test
           OneCRL.
Flags: needinfo?(dkeeler)

These entries are correct. They can be approved in Kinto Production.

Flags: needinfo?(dkeeler)

Approved in prod.

Flags: needinfo?(dkeeler)

These appear in my Firefox profiles.

Status: ASSIGNED → RESOLVED
Closed: 9 months ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: