Closed Bug 1703944 Opened 4 years ago Closed 3 years ago

Enable EV Treatment for ANF Secure Server Root CA

Categories

(Core :: Security: PSM, task)

Product:
Core
Component:
Security: PSM
Type:
task

Tracking

()

Status:
VERIFIED FIXED
Milestone:
91 Branch
Tracking Flags:
Tracking Status
firefox90 --- verified
firefox91 --- verified

People

(Reporter: kwilson, Assigned: rmf)

References

Details

(Whiteboard: [psm-blocked] Depends on June 2021 Batch of Root Changes)

Attachments

(1 file)

Bug 1703944 - Enable EV Treatment for ANF Secure Server Root CA r=keeler
(deleted), text/x-phabricator-request
jcristau
: approval-mozilla-beta+
Details

Per bug #1585951 the request from Autoridad de Certificación (ANF AC) has been approved to enable the following root certificates for EV use. Please make the corresponding changes to PSM.

Friendly Name: ANF Secure Server Root CA
SHA-1 Fingerprint: 5B6E68D0CC15B6A05F1EC15FAE02FC6B2F5D6F74
SHA-256 Fingerprint: FB8FEC759169B9106B1E511644C618C51304373F6C0643088D8BEFFD1B997599
EV Policy OID: 2.23.140.1.1.
Test URL: https://testvalidsslev.anf.es

DEPENDENCY: Depends on this root certificate being added to NSS via Bug #1703942.

Whiteboard: [psm-blocked] Depends on June 2021 Batch of Root Changes
Assignee: nobody → bugs
Status: NEW → ASSIGNED
Pushed by dkeeler@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/0cb248e35e34 Enable EV Treatment for ANF Secure Server Root CA r=keeler

https://hg.mozilla.org/mozilla-central/rev/0cb248e35e34

Status: ASSIGNED → RESOLVED
Closed: 3 years ago
status-firefox91: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 91 Branch

Comment on attachment 9225022 [details]
Bug 1703944 - Enable EV Treatment for ANF Secure Server Root CA r=keeler

Beta/Release Uplift Approval Request

  • User impact if declined: No extended validation treatment for certificates issued by this CA
  • Is this code covered by automated tests?: Yes
  • Has the fix been verified in Nightly?: Yes
  • Needs manual test from QE?: Yes
  • If yes, steps to reproduce: Visit https://testvalidsslev.anf.es/ and check if the padlock popup displays extended validation info.
  • List of other uplifts needed: None
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): The patch just adds this CA to the list of CAs who can do EV.
  • String changes made/needed:
Attachment #9225022 - Flags: approval-mozilla-beta?

Comment on attachment 9225022 [details]
Bug 1703944 - Enable EV Treatment for ANF Secure Server Root CA r=keeler

approved for 90.0b7

Attachment #9225022 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
Flags: qe-verify+
QA Whiteboard: [qa-triaged]

Verified-fixed on the latest Nightly 91.0a1 (2021-06-13) (64-bit) and Beta 90.0b7 on MacOS 10.15 and Windows 10.

Status: RESOLVED → VERIFIED
QA Whiteboard: [qa-triaged]
status-firefox90: fixedverified
status-firefox91: fixedverified
Flags: qe-verify+
Regressions: 1717843
No longer regressions: 1717843
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: