Status

NSS
CA Certificate Root Program
RESOLVED WONTFIX
5 years ago
9 months ago

People

(Reporter: Rick Andrews, Assigned: Kathleen Wilson)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

5 years ago
Created attachment 705570 [details]
CAInformationTemplate_ThawteNew.docx

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0
Build ID: 20130116073211

Steps to reproduce:

I would like to add this new root to Mozilla's trust store:
thawte Primary Root CA - G4 (SHA256WithDSA)

and set the Websites (SSL/TLS), Email (S/MIME), Code Signing, and EV trust bits
(Assignee)

Comment 1

5 years ago
I apologize for the delay in my response. My work on root inclusion requests was postponed for a while.

I am accepting this bug, and will work on it as soon as possible, but I have a large backlog.
https://wiki.mozilla.org/CA:Schedule#Requests_in_the_Information_Gathering_and_Verification_Phase

I will update this bug when I begin the Information Verification phase.
https://wiki.mozilla.org/CA:How_to_apply#Information_Verification
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true

Comment 2

4 years ago
Hi Kathleen,

Reminder - please let us know the next steps.

Thanks,
Rashmi
We are remove support for DSA/DSS certificates completely from Gecko and mozilla::pkix. Whether or not this certificate should be added should be contingent on the results of bug 1073867 and bug 1107787.
See Also: → bug 1073867, bug 1107787
(Assignee)

Comment 4

3 years ago
Mozilla does not plan to add DSA support to Mozilla's CA Certificate Policy, so we will not add DSA root certs to NSS.
https://groups.google.com/d/msg/mozilla.dev.security.policy/JFmDFlHILOY/KHJzcJezpnQJ
Status: ASSIGNED → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → WONTFIX

Updated

9 months ago
Product: mozilla.org → NSS
You need to log in before you can comment on or make changes to this bug.