Enable EV Treatment for Certum root certs ownd by Asseco
Categories
(Core :: Security: PSM, task)
Tracking
()
People
(Reporter: kwilson, Assigned: rmf)
References
Details
(Whiteboard: [psm-blocked] Depends on June 2021 Batch of Root Changes)
Attachments
(1 file)
(deleted),
text/x-phabricator-request
|
jcristau
:
approval-mozilla-beta+
|
Details |
Per bug #1598577 the request from Asseco Data Systems S.A. (previously Unizeto Certum) has been approved to enable the following root certificates for EV use. Please make the corresponding changes to PSM.
Friendly Name: Certum EC-384 CA
SHA-1 Fingerprint: F33E783CACDFF4A2CCAC67556956D7E5163CE1ED
SHA-256 Fingerprint: 6B328085625318AA50D173C98D8BDA09D57E27413D114CF787A0F5D06C030CF6
EV Policy OID: 2.23.140.1.1
Test URL: https://valid-cec384ca.certificates.certum.pl
Friendly Name: Certum Trusted Root CA
SHA-1 Fingerprint: C88344C018AE9FCCF187B78F22D1C5D74584BAE5
SHA-256 Fingerprint: FE7696573855773E37A95E7AD4D9CC96C30157C15D31765BA9B15704E1AE78FD
EV Policy OID: 2.23.140.1.1
Test URL: https://valid-ctrca.certificates.certum.pl/
DEPENDENCY: Depends on this root certificates being added to NSS via Bug #1707097.
Assignee | ||
Comment 1•3 years ago
|
||
Updated•3 years ago
|
Comment 3•3 years ago
|
||
bugherder |
Assignee | ||
Comment 4•3 years ago
|
||
Comment on attachment 9225019 [details]
Bug 1707099 - Enable EV Treatment for Certum root certs ownd by Asseco r=keeler
Beta/Release Uplift Approval Request
- User impact if declined: No extended validation treatment for certificates issued by this CA
- Is this code covered by automated tests?: No
- Has the fix been verified in Nightly?: Yes
- Needs manual test from QE?: Yes
- If yes, steps to reproduce: Visit https://valid-ctrca.certificates.certum.pl/ and https://valid-cec384ca.certificates.certum.pl/ and check if the padlock popup displays extended validation info.
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): The patch just adds this CA to the list of CAs who can do EV.
- String changes made/needed:
Assignee | ||
Updated•3 years ago
|
Updated•3 years ago
|
Comment 5•3 years ago
|
||
Reproduced the issue on affect Firefox 90.0b5 on MacOS 10.15.
Verified-fixed on the latest Firefox Nightly 91.0a1 (2021-06-09) (64-bit) (buildID: 20210609093513) on Windows 10, MacOS 10.15 and Ubuntu 18.04.
Waiting for the Uplift process to verify further.
Comment 6•3 years ago
|
||
Comment on attachment 9225019 [details]
Bug 1707099 - Enable EV Treatment for Certum root certs ownd by Asseco r=keeler
approved for 90.0b7
Comment 7•3 years ago
|
||
bugherder uplift |
Comment 8•3 years ago
|
||
Verified fixed on the latest Firefox Beta 90.0b7.
Description
•