Closed
Bug 370515
Opened 17 years ago
Closed 17 years ago
SITHS CAroot certificate inclusion
Categories
(CA Program :: CA Certificate Root Program, task, P2)
CA Program
CA Certificate Root Program
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: fredrik.linden, Assigned: gerv)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; sv-SE; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1 Build Identifier: 2.0.0.1 SITHS translated freely into, "Secure IT for Healthcare in Sweden", is the CA for the Swedish Healthcare sector, this will be used by approximately 230.000 employees and we would like to have it included "out of the box". There will also probably be future solutions which address all of Sweden´s inhabitants 9.000.000. The solution is delivered today by Teliasonera Sweden´s largest Telco and the services contract is owned by us Carelink AB. Reproducible: Always Steps to Reproduce: 1. 2. 3. I would be glad to send you our Certificate Policy & CPS. They are in Swedish though. You will find them at http://www.carelink.se/tjanster/siths/siths_dokumentation/ The "SITHS Rootcertifikat v3" Certificate can be found at http://www.carelink.se/tjanster/siths/siths_rotcertifikat/ Best Regards Fredrik Lindén +46 706853041
Assignee | ||
Comment 1•17 years ago
|
||
Fredrik: do you issue certificates to the general public, or only within the Swedish government healthcare system? Our cert inclusion policy http://www.mozilla.org/projects/security/certs/policy/ says: "We require that all CAs whose certificates are distributed with our software products provide some service relevant to typical users of our software products." Gerv
Status: UNCONFIRMED → NEW
Ever confirmed: true
Priority: -- → P2
Gervase We issue "only" to people within the Swedish Government Healthcare System but that is approximately 240 000 people. The certificate is a secondary certificate though to the "National eID" delivered by Teliasonera. Your product is used in the Public Healthcare sector which I believe could to be considered a typical user in Sweden atleast. We want to do this not only for our own sake to avoid the distribution issue but also to increase the use of Firefox in Sweden even further.
Assignee | ||
Comment 3•17 years ago
|
||
(In reply to comment #2) > The certificate is a secondary > certificate though to the "National eID" delivered by Teliasonera. You mean your certificate is not a root certificate, but is signed by a certificate from Teliasonera? Would it not be more appropriate to include that certificate instead? Gerv
Hi Gervase I have asked Teliasonera to check their view on this. I think that you have Sonera´s root certifiate built in already. Telia and Sonera merged a couple of years ago and maybe these are linked. best regards Fredrik
Assignee | ||
Comment 5•17 years ago
|
||
Fredrik: We don't include intermediate certificates in our store. You need to find out what your root certificate is and, if it's not already included, persuade its owner to apply for inclusion. Gerv
Hi Gervase I have checked with Teliasonera and it is a Root certificate and not an intermediate to Teliasonera. Another function is that it will be used towards the public for services so we are talking about approximately 9.000.000 possible users/patients. So we would very muck like to continue this work. Best regards Fredrik Lindén
Assignee | ||
Comment 7•17 years ago
|
||
In which case, I can tell you that I will need the following data for each request. If some of this data is missing, the request cannot proceed. Even if all of it is already present somewhere in the bug or the materials provided, it will speed up your application if you provide it again. This means I can make everyone happier, quicker :-) Please give data in the following format, as a *plain text comment* in this bug. This will help me do whatever evaluation is necessary, and then will be part of a public record describing the Mozilla default root certificates. CA Details ---------- CA Name: Website: One Paragraph Summary of CA, including the following: - General nature (e.g., commercial, government, academic/research, nonprofit) - Primary geographical area(s) served - Number and type of subordinate CAs Audit Type (WebTrust, ETSI etc.): Auditor: Auditor Website: Audit Document URL(s): Certificate Details ------------------- (To be completed once for each certificate) Certificate Name: Summary Paragraph, including the following: - End entity certificate issuance policy, i.e. what you plan to do with the root Certificate HTTP URL (on CA website): Version: SHA1 Fingerprint: MD5 Fingerprint: Modulus Length (a.k.a. "key length"): Valid From (YYYY-MM-DD): Valid To (YYYY-MM-DD): CRL HTTP URL: OCSP URL: Class (domain-validated, identity/organisationally-validated or EV): Certificate Policy URL: CPS URL: Requested Trust Indicators (email and/or SSL and/or code): Thanks for your help in this matter. :-) Gerv
Assignee | ||
Comment 8•17 years ago
|
||
Fredrik: It's been over a month. Are you able to provide the requested information? Thanks, Gerv
Assignee | ||
Comment 9•17 years ago
|
||
Reassign all open CA bugs to me. Apologies for the bugspam. Gerv
Assignee: hecker → gerv
Assignee | ||
Comment 10•17 years ago
|
||
No response from requester; resolving INCOMPLETE. Please reopen the bug if/when information is available. Gerv
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → INCOMPLETE
Updated•7 years ago
|
Product: mozilla.org → NSS
Updated•2 years ago
|
Product: NSS → CA Program
You need to log in
before you can comment on or make changes to this bug.
Description
•