This bug proposes to use a single batch for all the currently pending and requested changes to the list of certificates enabled for EV, as seen in the dependency list.
The test build can be found at http://firstname.lastname@example.org/
The link in comment 2 will go away after a couple of days. A backup download locaiton is http://kuix.de/mozilla/tryserver-roots-20120521/
In case you're surprised about this change: // CN=Buypass Class 3 CA 1,O=Buypass AS-983163327,C=NO "2.16.5220.127.116.11.3.3", - "Buypass Class 3 CA 1", + "Buypass EV OID", This string is an identifier string for the OID. It must be identical for all entries with the same OID. And the old string didn't make sense as a generic OID string for multiple roots.
Comment on attachment 625785 [details] [diff] [review] Patch v1 This should had been done in May, we missed it. Asking for review.
Given that all versions from FF 15 contain the required roots in NSS, you could consider to target beta.
What needs to be done to get this change in? I looked at the attached patch, and it has the correct changes, which are as follows: Bug #751960 – StartCom Change existing EV OID to 18.104.22.168.4.1.2322.214.171.124 Add Friendly name: StartCom Certification Authority SHA1 Fingerprint: A3:F1:33:3F:E2:42:BF:CF:C5:D1:4E:8F:39:42:98:40:68:10:D1:A0 EV Policy OID: 126.96.36.199.4.1.23188.8.131.52 Add Friendly name: StartCom Certification Authority G2 SHA1 Fingerprint: 31:F1:FD:68:22:63:20:EE:C6:3B:3F:9D:EA:4A:3E:53:7C:7C:39:17 EV Policy OID: 184.108.40.206.4.1.23220.127.116.11 Bug #752106 – Buypass Add Friendly name: Buypass Class 3 Root CA SHA1 Fingerprint: DA:FA:F7:FA:66:84:EC:06:8F:14:50:BD:C7:C2:81:A5:BC:A9:64:57 EV policy OID: 2.16.518.104.22.168.3.3
Anyone of the PSM module peers must mark the patch as r+
Comment on attachment 625785 [details] [diff] [review] Patch v1 Review of attachment 625785 [details] [diff] [review]: ----------------------------------------------------------------- I suggest that we let kwilson r+ all the EV bit setting and root inclusion requests in the future.
Created attachment 672919 [details] [diff] [review] updated patch to use nsnullptr