Closed
Bug 287495
Opened 20 years ago
Closed 20 years ago
Please add Go Daddy root certs to NSS
Categories
(NSS :: Libraries, enhancement, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.10
People
(Reporter: hecker, Assigned: wtc)
References
()
Details
Attachments
(1 file)
|
16.85 KB,
patch
|
nelson
:
review+
rrelyea
:
superreview+
|
Details | Diff | Splinter Review |
Per my comments in bug 284677 I have approved two new root CA certs for Go Daddy
for inclusion in Mozilla-related products. Please include these new certs in NSS
and update the appropriate NSS CVS tag so that the patch will be properly pulled
by Firefox, Thunderbird, etc., nightly builds.
The certs are available in the URL referenced in this bug; direct lines are also
in the Go Daddy entry in <http://www.hecker.org/mozilla/ca-certificate-list>.
I've verified SHA-1 fingerprints with a Go Daddy representative.
Marking this patch as blocking bug 284677.
|
Assignee | |
Comment 1•20 years ago
|
||
The changes to certdata.c are omitted for brevity.
1. README: I removed the obsolete step 1. I changed
"name" to "nickname".
2. certdata.txt: you only need to review the nicknames
and trust flags for these two root CA
certs:
Go Daddy Class 2 CA C,C,C
Starfield Class 2 CA C,C,C
The C,C,C trust string is Go Daddy's wish (see bug
284677 comment 0).
3. nssckbi.h: bumped the nssckbi module's version to
1.53.
Attachment #180522 -
Flags: superreview?(rrelyea)
Attachment #180522 -
Flags: review?(nelson)
|
|
Assignee | |
Updated•20 years ago
|
Status: NEW → ASSIGNED
Priority: -- → P1
Target Milestone: --- → 3.10
Version: unspecified → 3.9.5
|
||
Comment 2•20 years ago
|
||
Comment on attachment 180522 [details] [diff] [review]
Proposed patch
r+ Formatting, and trust are correct. I did not independently verify that the
certificates or generated hashes are correct;).
Attachment #180522 -
Flags: superreview?(rrelyea) → superreview+
|
||
Comment 3•20 years ago
|
||
Comment on attachment 180522 [details] [diff] [review]
Proposed patch
I see no obvious technical errors with this patch.
This is for the trunk, right?
Attachment #180522 -
Flags: review?(nelson) → review+
|
|
Assignee | |
Comment 4•20 years ago
|
||
Yes, this patch (attachment 180522 [details] [diff] [review]) is for the trunk
(NSS 3.10).
I've checked it in.
Checking in README;
/cvsroot/mozilla/security/nss/lib/ckfw/builtins/README,v <-- README
new revision: 1.5; previous revision: 1.4
done
Checking in certdata.c;
/cvsroot/mozilla/security/nss/lib/ckfw/builtins/certdata.c,v <-- certdata.c
new revision: 1.34; previous revision: 1.33
done
Checking in certdata.txt;
/cvsroot/mozilla/security/nss/lib/ckfw/builtins/certdata.txt,v <-- certdata.tx
t
new revision: 1.35; previous revision: 1.34
done
Checking in nssckbi.h;
/cvsroot/mozilla/security/nss/lib/ckfw/builtins/nssckbi.h,v <-- nssckbi.h
new revision: 1.13; previous revision: 1.12
done
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•