Closed Bug 431381 Opened 16 years ago Closed 16 years ago

Add Network Solutions Certificate Authority root to NSS

Categories

(NSS :: Libraries, enhancement)

Product:
NSS
Component:
Libraries
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.11.10

People

(Reporter: hecker, Assigned: KaiE)

References

Details

This bug requests inclusion in the NSS root certificate store of the following root CA certificate, owned by Network Solutions:

1) Friendly name: "Network Solutions Certificate Authority"
   SHA-1 fingerprint:
74:F8:A3:C3:EF:E7:B3:90:06:4B:83:90:3C:21:64:60:20:E5:DF:CE
   Trust flags: Web sites
   URL:
ftp://ftp.networksolutions.com/certs/netsolevroot.crt

The Network Solutions Certificate Authority root has been assessed in accordance with the Mozilla project guidelines, and the certificate approved for inclusion per bug 403915.

The remaining steps are as follows:

1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificate(s) have been attached. They must also specify what OS they would like to use to perform the verification below.

2) A Mozilla representative creates a test build of NSS with the new certificate(s), and attaches nssckbi.dll to this bug. A representative of the CA must download this, drop it into a copy of Firefox and/or Thunderbird on the OS in question and confirm (by adding a comment here) that the certificate(s) have been correctly imported and that websites work correctly.

3) The Mozilla representative checks the certificate(s) into the NSS store, and marks the bug RESOLVED FIXED.

4) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificate(s). This process is mostly under
the control of the release drivers for those products.
To keep the dependencies straight, I'm marking this bug as blocking bug 431384, and bug 431384 as blocking bug 403915.
Blocks: 431384
No longer blocks: 403915
(In reply to comment #0)
> The remaining steps are as follows:
> 1) A representative of the CA must confirm that all the data in this bug is
> correct, and that the correct certificate(s) have been attached. They must also
> specify what OS they would like to use to perform the verification below.

As a representative of the CA Network Solutions, I can confirm that the information in this bug is correct. We would also like to specify that we will test on Windows XP with Firefox 2.0.0.13.
Blocks: 431772
addbuiltin -n "Network Solutions Certificate Authority" -t C,, < 431_381_621/netsol.der >> mozilla/security/nss/lib/ckfw/builtins/certdata.txt

This command was used to produce the patch in bug 431772.
No longer blocks: 431772
Depends on: 431772
Please find the test binary (mentioned in comment 0 section 2) in bug 431772 comment 2 (attachment 318917 [details])
Please note we are waiting for more feedback from Network Solutions, can you please test the binary and confirm it was added correctly to the root module?

(As explained in paragraph 2 in this bug)


Kai, I downloaded your test binary and tried it with FireFox 2.0.0.13 on Windows XP and I found that our beacon site at https://evbeacon.networksolutions.com/ was shown as being trusted, (as against not showing as trusted with the default build).

The Root Certificate appears correctly in the Certificate Manager.


This bug has been fixed with the checkin made in bug 431772.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.12
Target Milestone: 3.12 → 3.11.10
You need to log in before you can comment on or make changes to this bug.