Closed
Bug 279728
Opened 20 years ago
Closed 18 years ago
Request to add NetLock CA certificates
Categories
(CA Program :: CA Certificate Root Program, task)
CA Program
CA Certificate Root Program
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: hecker, Assigned: hecker)
References
(Depends on 1 open bug, )
Details
NetLock is a CA located in Hungary. They have four root CAs: NetLock Qualified (Class QA), NetLock Notary (Class A), NetLock Business (Class B), and NetLock Express (Class C). See <http://www.hecker.org/mozilla/ca-certificate-list> for more information. NetLock apparently has completed a WebTrust for CA audit (by Ernst & Young), but the CA is not listed on the WebTrust "sites with seals" page, and I can't find any other online information regarding their WebTrust status. See also bug 277797 concerning a problem importing one of the NetLock certificates. Approval of NetLock CA certificates for inclusion in Mozilla-related software will depend on resolving the question of NetLock's WebTrust status and (possibly) resolving bug 277797.
Comment 1•20 years ago
|
||
We can't add this CA's "qualified" CA cert until bug 277797 is resolved.
Depends on: 277797
Assignee | ||
Comment 2•20 years ago
|
||
I got a copy of the NetLock audit report (in the form of JPEG page images scanned in from the original paper document) and have linked to it from <http://www.hecker.org/mozilla/ca-certificate-list>. This appears to satisfy the requirement for a WebTrust/WebTrust-equivalent audit. The remaining issues appear to be as follows: 1. The issue with the Qualified CA discussed in bug 277797. IMO this doesn't affect my approval of NetLock in general, it simply affects when/if the Qualified CA root certificate can be actually added. 2. The recommended trust bits for the various NetLock CA certificates. This is not strictly speaking needed for my approval, but *is* needed for the actual addition of the certificates to NSS. I need answers to the following questions for each of the four CAs (qualified/notary/business/express): a. Does the CA issue certificates for use by SSL-enabled web servers (or other SS-enabled servers)? b. Does the CA issue certificates for use in sending/receiving signed and/or encrypted email? P.S. Also accepting this bug -- I forgot to do this earlier. c. Does the CA issue certificates for use by software developers creating digitally signed code objects (e.g., Java applets, ActiveX controls, etc.)?
Status: NEW → ASSIGNED
Comment 3•20 years ago
|
||
> 2. The recommended trust bits for the various NetLock CA certificates. This is > not strictly speaking needed for my approval, but *is* needed for the actual > addition of the certificates to NSS. I need answers to the following questions > for each of the four CAs (qualified/notary/business/express): My answers are in the same order. > a. Does the CA issue certificates for use by SSL-enabled web servers (or other > SS-enabled servers)? no/yes/yes/yes > b. Does the CA issue certificates for use in sending/receiving signed and/or > encrypted email? yes/yes/yes/yes > c. Does the CA issue certificates for use by software developers creating > digitally signed code objects (e.g., Java applets, ActiveX controls, etc.)? yes/yes/yes/yes So, except the qualified, all of them are used to all the purposes, the only difference that the qualified isn't issue SSL certificates. Thanks for your help.
Assignee | ||
Comment 4•20 years ago
|
||
I'm approving this request based on NetLock's successful completion of a WebTrust audit, and have filed bug 280744 for the actual addition of the certs to NSS.
Depends on: 280744
Comment 5•19 years ago
|
||
Current Status NetLock Notary (Class A), NetLock Business (Class B), and NetLock Express (Class C) have been added to NSS. They will be in Mozilla 1.8 Beta 2 and Firefox/Thunderbird ("Aviary") 1.1 Alpha. NetLock Qualified (Class QA) has not been added to NSS because of bug 277797.
Comment 6•18 years ago
|
||
Bug 313942 now requests inclusion of the new Netlock Class QA root cert. The other CA certs requested in this RFE have been completed. So I'm marking this resolved/fixed.
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Updated•7 years ago
|
Product: mozilla.org → NSS
Updated•1 year ago
|
Product: NSS → CA Program
You need to log in
before you can comment on or make changes to this bug.
Description
•