Closed Bug 280744 Opened 16 years ago Closed 16 years ago
Lock CA certificates to NSS
Per my comments in bug 279728 I have approved NetLock to have its four CA certificates (Qualified, Notary, Business, and Express) included in Mozilla/Firefox/Thunderbird/etc. The CA certificates and trust bits are as listed at <http://www.hecker.org/mozilla/ca-certificate-list>. (Basically the CA certificates are approved for all purposes, except for Qualified which is approved for S/MIME and object signing only.) SHA-1 digests for the certs are as follows: Qualified (Class QA) CA: E1 BC B2 5F E6 25 47 F6 75 45 A8 77 2A 54 2B 55 F7 2D B3 AE Notary (Class A) CA: AC ED 5F 65 53 FD 25 CE 01 5F 1F 7A 48 3B 6A 74 9F 61 78 C6 Business (Class B) CA: 87 9F 4B EE 05 DF 98 58 3B E3 60 D6 33 E7 0D 3F FE 98 71 AF Express (Class C) CA: E3 92 51 2F 0A CF F5 05 DF F6 DE 06 7F 75 37 E1 65 EA 57 4B Note that since bug 277797 is still outstanding, at present I am requesting only addition of the Notary, Business, and Express CA certificates to NSS. Addition of the Qualified CA certificate should be done once bug 277797 is resolved in a manner that permits the Qualified certificate to be added.
The certs and patch for this bug have been attached to bug 275576.
Priority: -- → P3
Target Milestone: --- → 3.10
Version: unspecified → 3.9
Marking fixed. See bug 275576.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
Verified with NSS 3.10 Beta 3 that the NetLock Notary (Class A) CA, Business (Class B) CA, and Express (Class C) CA are in the "Builtin Object Token" with the following trust settings: This certificate can identify web sites. This certificate can identify mail users. This certificate can identify software makers. Mozilla/Firefox trunk nightly builds on 2005-04-13 or later will have these root CA certs. The upcoming milestone releases are Mozilla 1.8 Beta 2 and Firefox/Thunderbird 1.1 Alpha.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.