User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:18.104.22.168) Gecko/20090729 Firefox/3.5.2 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:22.214.171.124) Gecko/20090729 Firefox/3.5.2 http://cca.gov.in/rw/pages/rcai_root_certificate.en.do NCODE http://cca.gov.in/rw/pages/download_certificate.en.do?id=(n)Code%20Solutions&year=2007 https://www.ncodesolutions.com/repository/ncodecrlc1.crl MTNL http://mtnltrustline.com/mtnlTrustLine%20Public%20Primary%20Certification%20Authority.cer E-Mudhra http://www.e-mudhra.com/repository/cacerts/e-MudhraCA.crt TCS http://www.tcs-ca.tcs.co.in/index.jsp?rightHtml=includeJSP/chainDownload_current.jsp&leftTitle=CA%20Certificates&right1stTitle=Current%20Certificates&right2ndTitle=CA%20Certificates&highlight=0 IDBT http://idrbtca.org.in/Download/IDRBTCA2007.cer Reproducible: Always
Assignee: nobody → kathleen95014
Component: Preferences → CA Certificates
Product: Firefox → mozilla.org
QA Contact: preferences → ca-certificates
Version: unspecified → other
Inclusion of certificates from countries tends not to happen because Mozilla requires an independent review of the CA's policies. https://wiki.mozilla.org/CA:Overview and http://www.mozilla.org/projects/security/certs/policy/ Are you an administrator of this CA?
No I am only an end-user not connected to any of the above mentioned organizations in any way. India's tax e-filing, Ministry of Corporate affairs portal usage required for regulatory compliance are dependent on client certificates issued by Indian CA(s) whose trust is derived from ROOT CA operated by cca.gov.in. If the Root CA/intermediary certificates are not installed in a browser access to the services requires an extra certificate installation step by a large number of non-technical users. The number of users of this PKI infrastructure based on cca.gov.in is supposedly significant enough to warrant inclusion into Firefox/Thunderbird by default. The ROOT CA at cca.gov.in and all the intermediary CAs have a published Certification Practice Statement on their websites.
Hi Tarun, Requests to include a CA root must be performed by the CA itself. I suggest you make them aware of the problem.
If I understand it correctly, this bug requests that a number of CA certificates for a number of different root CAs be added to mozilla products. Mozilla policy allows Mozilla to accept such requests only from official representatives of the individual CAs themselves. So each of the CAs whose certs are represented above would need to create their own separate request to have their CA cert added to Mozilla. The URLs listed in comment 1 above provide information about how they go about doing that.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.