Closed
Bug 605187
Opened 14 years ago
Closed 13 years ago
Remove AOL Time Warner root certs
Categories
(CA Program :: CA Certificate Root Program, task)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: kathleen.a.wilson, Assigned: kathleen.a.wilson)
References
Details
(Whiteboard: NSS 3.12.10, Firefox 6.0)
AOL has requested that the following two roots be removed from Mozilla's CA root store, because they are obsolete and not in use. Removing these roots will not have any impact to Mozilla users, because there are no current end-entity certs chaining up to either of these roots.
The roots to be removed are as follows.
CN = AOL Time Warner Root Certification Authority 1
OU = America Online Inc.
O = AOL Time Warner Inc.
SHA1 Fingerpint: 74:54:53:5C:24:A3:A7:58:20:7E:3E:3E:D3:24:F8:16:FB:21:16:49
CN = AOL Time Warner Root Certification Authority 2
OU = America Online Inc.
O = AOL Time Warner Inc.
SHA1 Fingerprint: FC:21:9A:76:11:2F:76:C1:C5:08:83:3C:9A:2F:A2:BA:84:AC:08:7A
This begins the root removal process as described here:
https://wiki.mozilla.org/CA:Root_Change_Process#Remove_a_Root
|
Assignee | |
Updated•14 years ago
|
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 1•14 years ago
|
||
I have received email from the representative of AOL, confirming that these are the two root certificates that should be removed.
|
||
Comment 2•14 years ago
|
||
In response to the initial request, I already turned off all trust bits for the two certificates. According to "How Mozilla Products Respond to User Changes of Root Certificates" at <https://wiki.mozilla.org/CA:UserCertDB#How_Mozilla_Products_Respond_to_User_Changes_of_Root_Certificates>, this means the two certificates also reside in a separate database in my profile. Thus, when this bug report is implemented, I will still have those certificates.
At the mozilla.dev.security.policy newsgroup, I have requested -- more than once -- information on what file(s) I should delete from my profile in order to eliminate changes I made to NSS certificates. I have received no replies to my messages. Without that information, I will not receive the result of implementing this removal or the implementation of bug #617664.
|
|
Assignee | |
Comment 3•14 years ago
|
||
I have added a section called "How To Restore Default Root Certificate Settings" to https://wiki.mozilla.org/CA:UserCertDB
Separate note: Bug #622719 was filed for the actual changes in NSS to remove these roots.
Depends on: 622719
|
|
Assignee | |
Updated•13 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Whiteboard: NSS 3.12.10, Firefox 6.0
|
||
Updated•8 years ago
|
Product: mozilla.org → NSS
|
||
Updated•2 years ago
|
Product: NSS → CA Program
You need to log in
before you can comment on or make changes to this bug.
Description
•