CommScope: Voluntary request for removal of CommScope root CA certificates from the Mozilla root store
Categories
(NSS :: CA Certificates Code, task)
Tracking
(Not tracked)
People
(Reporter: nicol.so, Assigned: anna.weine)
Details
(Whiteboard: [ca-removal])
Attachments
(1 file)
CommScope currently has 4 root CA certificates in the Mozilla root store. For business reasons, after careful review, CommScope has decided
to end its public CA operations. CommScope therefore requests the removal of those root certificates from the Mozilla root store. The
certificates are:
| Issuer/Subject Common Name | SHA-256 Fingerprint |
|---|---|
| CommScope Public Trust ECC Root-01 | 11437CDA7BB45E41365F45B39A38986B0DE00DEF348E0C7BB0873633800BC38B |
| CommScope Public Trust ECC Root-02 | 2FFB7F813BBBB3C89AB4E8162D0F16D71509A830CC9D73C262E5140875D1AD4A |
| CommScope Public Trust RSA Root-01 | 02BDF96E2A45DD9BF18FC7E1DBDF21A0379BA3C9C2610344CFD8D606FEC1ED81 |
| CommScope Public Trust RSA Root-02 | FFE943D793424B4F7C440C1C3D648D5363F34B82DC87AA7A9F118FC5DEE101F1 |
This change is not subscriber-impacting.
|
||
Updated•3 months ago
|
|
|
||
Comment 1•3 months ago
|
||
These roots were added to NSS through Bug #1860670. They are not EV-enabled, so it appears that they only need to be removed from NSS (certdata.txt). There do not appear to be any third-party impacts of removing the roots, and therefore these can be removed outright (i.e. without setting any distrust-after date).
|
|
||
Updated•3 months ago
|
|
|
||
Updated•3 months ago
|
|
Assignee | |
Comment 2•3 months ago
|
||
|
||
Updated•3 months ago
|
Pushed by jschanck@mozilla.com:
https://hg.mozilla.org/projects/nss/rev/1ee6cd8aba4a
Remove four Commscope root certificates from NSS. r=bwilson,nss-reviewers,jschanck
|
|
||
Comment 4•3 months ago
|
||
These have been removed from NSS - https://hg-edge.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt
Description
•