Closed Bug 493660 Opened 16 years ago Closed 16 years ago

add latest group of new root CAs to NSS

Categories

(NSS :: CA Certificates Code, task, P2)

Product:
NSS
Component:
CA Certificates Code
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.12.4

People

(Reporter: nelson, Assigned: nelson)

References

Details

Attachments

(4 files)

Patch v1 for NSS Trunk
179.29 KB, patch
rrelyea
: review+
Details | Diff | Splinter Review
nssckbi.dll file for CAs to test with Firefox on Win32
129.06 KB, application/x-zip-compressed
Details
libnssckbi.so library build on StartCom Linux
365.23 KB, application/octet-stream
Details
ZIP file of added DER certs and UTF8 shell script that added them
13.38 KB, application/x-zip-compressed
Details
This bug will hold a single patch to address all the following bugs that request changes to the Mozilla root CA certs for FF 3.5: 478573 Add S-TRUST Authentication and Encryption Root CA 2005:PN root 483852 Add Microsec e-Szigno Root CA root certificate to NSS 483889 Add Certigna root certificate to NSS 486424 Add AC Raíz Certicámara S.A. root certificate to NSS 486759 Add Three TC TrustCenter root certificates to NSS 487647 Add Deutsche Telekom Root CA 2 root certificate to NSS 490487 Add ComSign CA and the ComSign Secured CA root certificates to NSS 490487 Enable Object Signing for the StartCom Certification Authority 493258 Add Cybertrust Global Root certificate to NSS I will attach a test DLL for Win32 shortly.
Attachment #378197 - Flags: review?(kaie)
This patch also includes the fix for bug 490495 (I got the number wrong in comment 0). 490495 Enable Object Signing for the StartCom Certification Authority
Blocks: 490495
The CAs whose requests are addressed in this bug should download this zip file onto a Win32 box (e.g. WinXP, Vista, etc.), and unzip it. It contains one file, nssckbi.dll. Then, find the directory where they have Firefox 3.x installed, (e.g. C:/Program Files/...). It will already have an nssckbi.dll file in it. Make certain that Firefox is NOT running. Then copy the nssckbi.dll file from this zip file into that Firefox directory. Then start the browser and test. Look in the "Authorities" tab of the certificate Manager. Find your cert and ensure that the names are right and the trust bits are as indicated in your respective NSS bugs. Please confirm your findings in your own individual bug (which blocks this one) not in this bug. Thanks.
Attachment #378197 - Flags: review?(rrelyea)
Blocks: 493709
Comment on attachment 378197 [details] [diff] [review] Patch v1 for NSS Trunk Bob is going to review it.
Attachment #378197 - Flags: review?(kaie)
Attachment #378197 - Flags: review?(rrelyea) → review+
Blocks: 494236
Checking in certdata.c; new revision: 1.54; previous revision: 1.53 Checking in certdata.txt; new revision: 1.53; previous revision: 1.52 Checking in nssckbi.h; new revision: 1.20; previous revision: 1.19 Now to make some tags.
I have tagged mozilla/security/nss/lib/ckfw/builtins with a new tag: NSSCKBI_1_75_RTM This is the current trunk tip in that directory. It includes the changes committed for this bug. I have tagged the entire NSS module with a new tag: NSS_3_12_3_WITH_CKBI_1_75_RTM This was produced specifically for Firefox 3.5.0 and bug 494236. This tag is identical to the NSS module tag NSS_3_12_3_RTM, except for the builtins directory, which is identical to the tag NSSCKBI_1_75_RTM. Soon I will produce another tag for use by the Firefox trunk.
Fixed by checkin of patch for bug 493660. Will be in FF 3.5
Status: NEW → RESOLVED
Closed: 16 years ago
Priority: -- → P2
Resolution: --- → FIXED
Blocks: 495754
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: