Closed
Bug 1131698
Opened 10 years ago
Closed 10 years ago
Add CFCA EV ROOT root certificate to NSS
Categories
(NSS :: CA Certificates Code, task)
NSS
CA Certificates Code
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: kwilson, Unassigned)
References
Details
(Whiteboard: In NSS 3.18, Firefox 38)
Attachments
(3 files)
This bug requests inclusion in the NSS root certificate store of the following certificate, owned by China Financial Certification Authority (CFCA).
Friendly Name: CFCA EV ROOT
Cert Location: https://bugzilla.mozilla.org/attachment.cgi?id=8356494
SHA-1 Fingerprint: E2:B8:29:4B:55:84:AB:6B:58:C2:90:46:6C:AC:3F:B8:39:8F:84:83
Trust Flags: Websites
Test URL: https://pub.cebnet.com.cn
This CA has been assessed in accordance with the Mozilla project guidelines, and the certificates approved for inclusion in bug #926029.
The next steps are as follows:
1) A representative of the CA must confirm that all the data in this bug is correct, and that the correct certificate has been attached.
2) A Mozilla representative creates a patch with the new certificate, and provides a special test version of Firefox.
3) A representative of the CA uses the test version of Firefox to confirm (by adding a comment in this bug) that the certificate has been correctly imported and that websites work correctly.
4) The Mozilla representative requests that another Mozilla representative review the patch.
5) The Mozilla representative adds (commits) the patch to NSS, then closes this bug as RESOLVED FIXED.
6) At some time after that, various Mozilla products will move to using a version of NSS which contains the certificate. This process is mostly under the control of the release drivers for those products.
Reporter | ||
Comment 1•10 years ago
|
||
Zhao, Please see step #1 above.
Comment 2•10 years ago
|
||
Thank you Kathleen,
(Checked)All data in this bug is correct.
(Checked)The "CFCAEVROOT.cert" in the attachment of this bug is correct.
Please move on to the next step.
Spring Festival of China(FEB 18 ~ FEB 24) is near. During this period, if there is any update, please post them here(instead of E-mail), or in the bug
https://bugzilla.mozilla.org/show_bug.cgi?id=926029
https://bugzilla.mozilla.org/show_bug.cgi?id=1131699
I'll check everyday.
Thanks again!
Comment 3•10 years ago
|
||
Test builds of a development version of Firefox, which contain the requested change(s), can be found here:
https://ftp-ssl.mozilla.org/pub/mozilla.org/firefox/try-builds/kaie@kuix.de-cb8002df70cc/
Comment 4•10 years ago
|
||
This does NOT yet add EV status. Please ignore that EV is not yet enabled, and please test that the root has been correctly added.
Reporter | ||
Comment 5•10 years ago
|
||
Zhao, Please test the code change as described here:
https://wiki.mozilla.org/CA:How_to_apply#Testing_Inclusion
Comment 6•10 years ago
|
||
1,Download Firefox Nightly firefox-38.0a1.en-US.win32.installer.exe from
https://ftp-ssl.mozilla.org/pub/mozilla.org/firefox/try-builds/kaie@kuix.de-cb8002df70cc/
2,Create New profile using “Run Firefox.exe -P”
3,Test website as attachment, Result is Correct and without EV treatment.
Attachment #8564656 -
Flags: feedback+
Comment 7•10 years ago
|
||
4,The root has been correctly added, Security Device is "Builtin Object Token"
Which is correct.
5,Trust bit is website, Correct.
Test procedure follows
https://wiki.mozilla.org/CA:How_to_apply#Testing_Inclusion
The test is completed, please see the attachments, results are consistent with the description Kai Engert states.
Everything is correct.
If you need more info or test, I will provide them as soon as possible.
Reporter | ||
Updated•10 years ago
|
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Whiteboard: In NSS 3.18, Firefox 38
You need to log in
before you can comment on or make changes to this bug.
Description
•