Closed
Bug 340183
Opened 19 years ago
Closed 19 years ago
Add the Netlock Class QA root certificate
Categories
(NSS :: Libraries, enhancement, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.11.2
People
(Reporter: wtc, Assigned: KaiE)
References
Details
(Keywords: fixed1.8.1)
Attachments
(1 file)
(deleted),
patch
|
KaiE
:
review+
|
Details | Diff | Splinter Review |
We can add the new Netlock Class QA root certificate to NSS
now because it no longer has the critical certificate
extension that NSS doesn't support (bug 277797).
As stated in bug 279728 comment 3, this root certificate
(the first one of the four roots in that comment)
- does NOT issue SSL server certificates,
- issues email certificates,
- issues code signing certificates,
corresponding to the "no", "yes", "yes" answers to the
three questions in that comment.
Reporter | ||
Comment 1•19 years ago
|
||
This patch was generated with the command:
addbuiltin -n "NetLock Qualified (Class QA) Root" -t c,C,C < netlock.der
The DER certificate file is in bug 313942 comment 8.
Attachment #224263 -
Flags: review?(rrelyea)
Comment 2•19 years ago
|
||
What's the difference between this bug and bug 313942 ?
Perhaps the question I asked in bug 313942 should have been asked here.
When this patch is applied, and this new cert is displayed in
PSM's cert manager, does it have the same problem as the cert named
"UTN-USERFirst-Client Authentication and Email" ? That is, does PSM say
"Could not verify this certificate because the issuer is not trusted." ?
Reporter | ||
Comment 3•19 years ago
|
||
Nelson, this bug is an NSS bug. I can't request reviews on
the patch attached to bug 313942.
Comment 4•19 years ago
|
||
OK, then I don't understand why the patch was attached there.
But that doesn't matter. Please do let me know about the PSM question.
Reporter | ||
Comment 5•19 years ago
|
||
Re: Nelson's question in comment 2
When this certificate is displayed in PSM's Certificate Viewer,
it has the same problem as the certificate named
"UTN-USERFirst-Client Authentication and Email". The Certificate
Viewer says "Could not verify this certificate for unknown reasons."
Assignee: nobody → kengert
Priority: -- → P2
Target Milestone: --- → 3.11.2
Assignee | ||
Comment 6•19 years ago
|
||
Comment on attachment 224263 [details] [diff] [review]
Proposed patch
trust flags and nickname look good
Attachment #224263 -
Flags: review?(rrelyea) → review+
Assignee | ||
Comment 7•19 years ago
|
||
checked in
trunk:
Checking in certdata.c;
/cvsroot/mozilla/security/nss/lib/ckfw/builtins/certdata.c,v <-- certdata.c
new revision: 1.38; previous revision: 1.37
done
Checking in certdata.txt;
/cvsroot/mozilla/security/nss/lib/ckfw/builtins/certdata.txt,v <-- certdata.txt
new revision: 1.39; previous revision: 1.38
done
3.11 branch:
Checking in certdata.c;
/cvsroot/mozilla/security/nss/lib/ckfw/builtins/certdata.c,v <-- certdata.c
new revision: 1.36.24.2; previous revision: 1.36.24.1
done
Checking in certdata.txt;
/cvsroot/mozilla/security/nss/lib/ckfw/builtins/certdata.txt,v <-- certdata.txt
new revision: 1.37.24.2; previous revision: 1.37.24.1
done
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•19 years ago
|
Keywords: fixed1.8.1
You need to log in
before you can comment on or make changes to this bug.
Description
•