Closed Bug 670790 Opened 11 years ago Closed 11 years ago

Enable email trust bit for Staat der Nederlanden Root CA - G2 certificate in NSS

Categories

(NSS :: CA Certificates Code, task)

task
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED
3.12.11

People

(Reporter: kwilson, Unassigned)

References

Details

This bug requests that the email trust bit be enabled for the following certificate owned by Staat der Nederlanden.

Common Name: Staat der Nederlanden Root CA - G2
SHA1 Fingerprint: 59:AF:82:79:91:86:C7:B4:75:07:CB:CF:03:57:46:EB:04:DD:B7:16
Trust flags: Websites, Email, Code

This CA has been assessed in accordance with the Mozilla project guidelines,
and the change has been approved in bug #551399.

The next steps are as follows:

1) A representative of the CA must confirm that all the data in this bug is
correct.

2) A Mozilla representative creates a patch with the updated trust bit, and
provides a special test version of Firefox.

3) A representative of the CA uses the test version of Firefox to confirm (by
adding a comment in this bug) that the certificate trust bits have been correctly 
updated.

4) The Mozilla representative requests that another Mozilla representative
review the patch.

5) The Mozilla representative adds (commits) the patch to NSS, then closes this
bug as RESOLVED FIXED.

6) At some time after that, various Mozilla products will move to using a
version of NSS which contains the certificate. This process is mostly under
the control of the release drivers for those products.
Mark, Please see step #1 above.
Depends on: 671002
Mark, If you wish to have this change included in the current batch of changes to NSS, then you need to respond in this bug ASAP. Otherwise this change will be postponed until the next batch of changes.

1) Confirm that the data in this bug is correct.

2) Using one of the test builds in Comment #2, confirm that the trust bits are correctly set by default for this root.
Unfortunatly the builds are no longer available (404 not found) for testing purposes so I'm not able to confirm that the trust bits are correctly set. 

Kai, could you please make them available again? Thanks! 

Regards,
Mark
Hi Kai,

I hereby confirm that the data in this bug is correct. This bug requests that the email trust bit be enabled for our Staat der Nederlanden Root CA - G2 certificate (the other two trust bits are already enabled). 

I have tested the specific test build of Firefox. I noticed that our Staat der Nederlanden Root CA - G2 was included. I checked the SHA-1 fingerprint. Furthermore I noticed that the certificate trust bits have been correctly updated (all three trust bits are now enabled). So everything appears to be in order.

Reagrds,
Mark
Fixed in bug 671002, done for NSS 3.12.11
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.12.11
You need to log in before you can comment on or make changes to this bug.