Closed Bug 613394 Opened 14 years ago Closed 14 years ago

November/December 2010 batch of NSS root CA changes

Categories

(NSS :: CA Certificates Code, task)

task
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED
3.12.9

People

(Reporter: KaiE, Assigned: KaiE)

References

Details

Attachments

(2 files)

November/December 2010 batch of NSS root CA changes
Blocks: 595013
I used the following commands to add the new roots. addbuiltin -n "TC TrustCenter Universal CA III" -t C,C,C < ~/moz/nss/312/nov11-roots-613394/tctrust.der >> certdata.txt addbuiltin -n "Autoridad de Certificacion Firmaprofesional CIF A62634068" -t C,C,C < ~/moz/nss/312/nov11-roots-613394/firma.der >> certdata.txt addbuiltin -n "Izenpe.com" -t C,,C < ~/moz/nss/312/nov11-roots-613394/iz.der >> certdata.txt addbuiltin -n "Chambers of Commerce Root - 2008" -t C,C,C < ~/moz/nss/312/nov11-roots-613394/camer1.der >> certdata.txt addbuiltin -n "Global Chambersign Root - 2008" -t C,C,C < ~/moz/nss/312/nov11-roots-613394/camer2.der >> certdata.txt
Attached patch Patch v1Splinter Review
I've carefully verified that the certificates I've added to create the patch have exactly the SHA1 fingerprints shown in the dependent bugs. It might be sufficient to review that - I've used the correct commands - that trust flags seem correct - I haven't mixed nicknames of Camerfirma roots I'll not yet request review. I'll do the test build first.
Assignee: nobody → kaie
Blocks: 585518
Blocks: 592939
Note in this bug, the only work done is adding new roots. See 4 bugs in dependency list. For tracking purposes the dependency list also contains other changes included in this batch. (I'll do a test build with all those changes tomorrow)
Blocks: 614852
Comment on attachment 491731 [details] [diff] [review] Patch v1 We have positive confirmation from all 4 involved CAs, see bugs in the dependency list. We are ready to get this added, requesting code review.
Attachment #491731 - Flags: review?(nelson)
This is the output of NSS's ppcertdata program when run on Kai's patch.
Comment on attachment 491731 [details] [diff] [review] Patch v1 I've verified that the 5 certs added in Kai's patch have the correct SHA1 fingerprints and the correct trust flags for each, according to the cited BMO bugs. r=nelson
Attachment #491731 - Flags: review?(nelson) → review+
checked in to trunk: Checking in certdata.c; /cvsroot/mozilla/security/nss/lib/ckfw/builtins/certdata.c,v <-- certdata.c new revision: 1.73; previous revision: 1.72 done Checking in certdata.txt; /cvsroot/mozilla/security/nss/lib/ckfw/builtins/certdata.txt,v <-- certdata.txt new revision: 1.70; previous revision: 1.69 done
checked in to 3.12 branch: Checking in certdata.c; /cvsroot/mozilla/security/nss/lib/ckfw/builtins/certdata.c,v <-- certdata.c new revision: 1.67.2.6; previous revision: 1.67.2.5 done Checking in certdata.txt; /cvsroot/mozilla/security/nss/lib/ckfw/builtins/certdata.txt,v <-- certdata.txt new revision: 1.64.2.6; previous revision: 1.64.2.5 done fixed
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.12.9
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: