Closed
Bug 252132
Opened 20 years ago
Closed 20 years ago
Add Comodo CA certs to NSS
Categories
(NSS :: Libraries, enhancement, P2)
Tracking
(Not tracked)
VERIFIED
FIXED
3.9.3
People
(Reporter: hecker, Assigned: nelson)
References
()
Details
Attachments
(2 files)
51.32 KB,
patch
|
Details | Diff | Splinter Review | |
241.90 KB,
patch
|
wtc
:
review+
|
Details | Diff | Splinter Review |
Per the discussion in bug 249710 I've approved adding CA certs for Comodo Group. There are three certs (for AAACertificateServices, SecureCertificateServices, and TrustedCertificateServices); see the entry for Comodo Group in <http://www.hecker.org/mozilla/ca-certificate/list/> or go directly to <http://www.comodogroup.com/repository/>. All three certs should have trust bits marked to "all".
Assignee | ||
Comment 1•20 years ago
|
||
Frank, I get error 404 on the hecker.org URL cited above.
Assignee | ||
Comment 2•20 years ago
|
||
Taking. All Frank's other bugs like this are assigned to me, and I have patches for them. Might as well take this one too.
Assignee: wchang0222 → nelson
Reporter | ||
Comment 3•20 years ago
|
||
(In reply to comment #1) > Frank, I get error 404 on the hecker.org URL cited above. Sorry, forgot to correct this earlier; the correct URL is: http://www.hecker.org/mozilla/ca-certificate-list/
Assignee | ||
Updated•20 years ago
|
Status: NEW → ASSIGNED
Priority: -- → P2
Target Milestone: --- → 3.10
Version: unspecified → 3.9
Assignee | ||
Comment 4•20 years ago
|
||
This patch depends on the patch for bug 242040 being applied first. This patch is supplemental to that one.
Assignee | ||
Comment 5•20 years ago
|
||
Comment on attachment 155331 [details] [diff] [review] patch v1 Julien, please review. Remember that this patch has two prerequisite patches, neither of which is yet checked in.
Attachment #155331 -
Flags: review?(julien.pierre.bugs)
Updated•20 years ago
|
Flags: blocking-aviary1.0?
Assignee | ||
Comment 6•20 years ago
|
||
This has been checked in on the trunk for NSS 3.10. So, I am marking this bug fixed. We may also choose to port this enhancement back to NSS 3.9.x.
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 7•20 years ago
|
||
This patch brings the NSS 3.9 branch up to parity with the trunk (NSS 3.10) with respect to the root CAs. That is, it adds to the 3.9 branch all the CA certs that were added to the trunk just a week or two ago. With this patch applied to the 3.9 branch, the main differences in nssckbi between the 3.9 branch and the trunk are a) the minor version number (4x for 3.9, 5x for the trunk) b) the absense/presence of Ian's fix for SSL-StepUp trust flags. Otherwise, the certs and trust flags are the same. I would like to check this in for NSS 3.9.3, in hopes that firefox 1.0 RTM will pick up NSS 3.9.3, and therefore support these new CAs in the 1.0 release. So, Wan-Teh or Julien, please review this patch for 3.9 with all due haste.
Assignee | ||
Comment 8•20 years ago
|
||
Comment on attachment 158948 [details] [diff] [review] patch for NSS 3.9 branch Wan-Teh please read the comments about this patch in the bug, above, and then review this patch. I'd like to see this patch get into firefox 1.0
Attachment #158948 -
Flags: review?(wchang0222)
Comment 9•20 years ago
|
||
Comment on attachment 158948 [details] [diff] [review] patch for NSS 3.9 branch Nelson, I like your changes to nssckbi.h. I need to sit down with you to review the trust flags for these new CAs. We should also find out how to get these new CAs into the next Mozilla 1.7.x release.
Comment 10•20 years ago
|
||
Comment on attachment 158948 [details] [diff] [review] patch for NSS 3.9 branch r=wtc.
Attachment #158948 -
Flags: review?(wchang0222) → review+
Assignee | ||
Comment 11•20 years ago
|
||
Checked in on the 3.9 branch. Checking in builtins/certdata.c; new revision: 1.27.16.1; previous 1.27 Checking in builtins/certdata.txt; new revision: 1.28.16.1; previous 1.28 Checking in builtins/nssckbi.h; new revision: 1.6.16.2; previous 1.6.16.1
Target Milestone: 3.10 → 3.9.3
Updated•20 years ago
|
Flags: blocking-aviary1.0?
Updated•20 years ago
|
Attachment #155331 -
Flags: review?(julien.pierre.bugs)
Comment 12•19 years ago
|
||
Verified with Firefox 1.0.2 that Comodo AAA Certificate Services, Secure Certificate Services, and Trusted Certificate Services root CA certs are in the "Builtin Object Token" with the following trust settings: This certificate can identify web sites. This certificate can identify mail users. This certificate can identify software makers.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•