Add NetLock CA certificates to NSS

VERIFIED FIXED in 3.10

Status

P3
enhancement
VERIFIED FIXED
14 years ago
14 years ago

People

(Reporter: hecker, Assigned: nelson)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

14 years ago
Per my comments in bug 279728 I have approved NetLock to have its four CA
certificates (Qualified, Notary, Business, and Express) included in
Mozilla/Firefox/Thunderbird/etc. The CA certificates and trust bits are as
listed at <http://www.hecker.org/mozilla/ca-certificate-list>. (Basically the CA
certificates are approved for all purposes, except for Qualified which is
approved for S/MIME and object signing only.)

SHA-1 digests for the certs are as follows:

  Qualified (Class QA) CA:
    E1 BC B2 5F E6 25 47 F6 75 45 A8 77 2A 54 2B 55 F7 2D B3 AE

  Notary (Class A) CA:
    AC ED 5F 65 53 FD 25 CE 01 5F 1F 7A 48 3B 6A 74 9F 61 78 C6

  Business (Class B) CA:
    87 9F 4B EE 05 DF 98 58 3B E3 60 D6 33 E7 0D 3F FE 98 71 AF

  Express (Class C) CA:
    E3 92 51 2F 0A CF F5 05 DF F6 DE 06 7F 75 37 E1 65 EA 57 4B

Note that since bug 277797 is still outstanding, at present I am requesting only
addition of the Notary, Business, and Express CA certificates to NSS. Addition
of the Qualified CA certificate should be done once bug 277797 is resolved in a
manner that permits the Qualified certificate to be added.
(Reporter)

Updated

14 years ago
Blocks: 279728
(Assignee)

Comment 1

14 years ago
The certs and patch for this bug have been attached to bug 275576.
Priority: -- → P3
Target Milestone: --- → 3.10
Version: unspecified → 3.9
(Assignee)

Comment 2

14 years ago
Marking fixed.  See  bug 275576.
Status: NEW → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → FIXED

Comment 3

14 years ago
Verified with NSS 3.10 Beta 3 that the NetLock Notary (Class A) CA,
Business (Class B) CA, and Express (Class C) CA are in the "Builtin
Object Token" with the following trust settings:
This certificate can identify web sites.
This certificate can identify mail users.
This certificate can identify software makers.

Mozilla/Firefox trunk nightly builds on 2005-04-13 or later will
have these root CA certs. The upcoming milestone releases are
Mozilla 1.8 Beta 2 and Firefox/Thunderbird 1.1 Alpha.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.