Closed Bug 670790 Opened 11 years ago Closed 11 years ago
Enable email trust bit for Staat der Nederlanden Root CA - G2 certificate in NSS
This bug requests that the email trust bit be enabled for the following certificate owned by Staat der Nederlanden. Common Name: Staat der Nederlanden Root CA - G2 SHA1 Fingerprint: 59:AF:82:79:91:86:C7:B4:75:07:CB:CF:03:57:46:EB:04:DD:B7:16 Trust flags: Websites, Email, Code This CA has been assessed in accordance with the Mozilla project guidelines, and the change has been approved in bug #551399. The next steps are as follows: 1) A representative of the CA must confirm that all the data in this bug is correct. 2) A Mozilla representative creates a patch with the updated trust bit, and provides a special test version of Firefox. 3) A representative of the CA uses the test version of Firefox to confirm (by adding a comment in this bug) that the certificate trust bits have been correctly updated. 4) The Mozilla representative requests that another Mozilla representative review the patch. 5) The Mozilla representative adds (commits) the patch to NSS, then closes this bug as RESOLVED FIXED. 6) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificate. This process is mostly under the control of the release drivers for those products.
Mark, Please see step #1 above.
Mark: - please do step #1 first - then do step #3 The test builds are ready. Please get one of the following builds, depending on your preferred platform, and follow Kathleen's instructions, see above. Thanks. http://firstname.lastname@example.org/try-win32/firefox-8.0a1.en-US.win32.zip http://email@example.com/try-linux/firefox-8.0a1.en-US.linux-i686.tar.bz2 http://firstname.lastname@example.org/try-linux64/firefox-8.0a1.en-US.linux-x86_64.tar.bz2 http://email@example.com/try-macosx64/firefox-8.0a1.en-US.mac.dmg
Mark, If you wish to have this change included in the current batch of changes to NSS, then you need to respond in this bug ASAP. Otherwise this change will be postponed until the next batch of changes. 1) Confirm that the data in this bug is correct. 2) Using one of the test builds in Comment #2, confirm that the trust bits are correctly set by default for this root.
Unfortunatly the builds are no longer available (404 not found) for testing purposes so I'm not able to confirm that the trust bits are correctly set. Kai, could you please make them available again? Thanks! Regards, Mark
Luckily I had saved them: http://kuix.de/mozilla/bug-671002-661681/
Hi Kai, I hereby confirm that the data in this bug is correct. This bug requests that the email trust bit be enabled for our Staat der Nederlanden Root CA - G2 certificate (the other two trust bits are already enabled). I have tested the specific test build of Firefox. I noticed that our Staat der Nederlanden Root CA - G2 was included. I checked the SHA-1 fingerprint. Furthermore I noticed that the certificate trust bits have been correctly updated (all three trust bits are now enabled). So everything appears to be in order. Reagrds, Mark
Fixed in bug 671002, done for NSS 3.12.11
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.12.11
You need to log in before you can comment on or make changes to this bug.