Closed Bug 274723 Opened 20 years ago Closed 20 years ago

Add XRamp CA Certificate to NSS

Categories

(NSS :: Libraries, enhancement, P3)

enhancement

Tracking

(Not tracked)

VERIFIED FIXED

People

(Reporter: hecker, Assigned: wtc)

References

()

Details

Per my comments in bug 273189 I've approved this request for XRamp's root CA
certificate to be added to Mozilla et.al. I'll call XRamp to very the
fingerprint on the one root CA cert to be added. For the cert itself see

  http://www.xrampsecurity.com/legal/XGCA.crt

(Nelson, please tell me if you're not the right assignee for this.)
I've called Scott Harris of XRamp (number obtained from directory assistance)
and verified the SHA-1 fingerprint of the XRamp Root CA certificate to be as
follows:

  B8 01 86 D1 EB 9C 86 A5 41 04 CF 30 54 F3 4C 52 B7 E5 58 C6

I also sent a signed email to Nelson Bolyard regarding this.
Uh, Frank, I'm getting dns lookup failures on www.xrampsecurity.com
Seems this domain is served by ns1.fatdns.com, which is not answering.
what's up with that?  
Can't add this cert if it isn't available!  Is this CA still around?
XRamp was issuing press releases less than a month ago, so I'd be surprised if
they're out of business. If the domain isn't reachable by Monday I'd call their
phone number and see what's going on. According to a yellow pages lookup they're
located at:

Xramp Technologies Inc
9086 Vista Verde
San Antonio, TX 78255
(210) 695-4345

(IIRC this is the number I used when I called to verify their cert fingerprint.)
Ask for Scott Harris.
Last night I learned that fatdns.com is also run by XRamp at the same 
address in San Antonio.  So I called XRamp and also their upstream ISP,
and this morning it was all working again.
www.xrampsecurity.com [65.16.166.67]
I will attach a newer patch to bug 275576, including this CA cert.
Status: NEW → ASSIGNED
Priority: -- → P3
Target Milestone: --- → 3.10
Version: unspecified → 3.9
Giving this bug back to Wan-Teh.
Perhaps we should separate this into two bugs, with a separate
one for the "qualified" cert, so that this bug can be resolved 
to reflect the fact that most of the XRamp certs have been added.
Assignee: nelson → wtchang
Status: ASSIGNED → NEW
Depends on: 277797
Nelson,

In bug 273189, XRamp only requested that a single root
CA cert, XRamp Global Certification Authority, be added.
Since you've already added that root CA, I'm marking this
bug fixed and removing its dependency on bug 277797.
Status: NEW → RESOLVED
Closed: 20 years ago
No longer depends on: 277797
Resolution: --- → FIXED
Verified with NSS 3.10 Beta 3 that XRamp Global Certification Authority
is in the "Builtin Object Token" with the following trust settings:
This certificate can identify web sites.
This certificate can identify mail users.
This certificate can identify software makers.

Mozilla/Firefox trunk nightly builds on 2005-04-13 or later will
have this root CA cert.  The upcoming milestone releases are Mozilla
1.8 Beta 2 and Firefox/Thunderbird 1.1 Alpha.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.