On 5/16/19 4:39 PM, Wayne Thayer wrote:
On Thu, May 16, 2019 at 4:23 PM Wayne Thayer <wtha...@mozilla.com> wrote:
I will soon file a bug requesting removal of the “Certinomis - Root CA”
from NSS.
This is https://bugzilla.mozilla.org/show_bug.cgi?id=1552374
Thank you to Wayne and all of you who have investigated concerns about
the recent activities and operations of the CA Certinomis. I have
appreciated the thoughtful consideration that you have put into the
investigation and discussion.
I approved Bugzilla Bug #1552374, for the removal of the following root
certificate in NSS 3.45 and Firefox 69 [1].
Common Name: Certinomis - Root CA
SHA-1 Fingerprint: 9D70BB01A5A4A018112EF71C01B932C534E788A8
SHA-256 Fingerprint:
2A99F5BC1174B73CBB1D620884E01C34E51CCB3978DA125F0E33268883BF4158
Trust Bits: Websites
This root is *not* enabled for EV treatment
As Wayne previously explained[2], Certinomis may apply for inclusion of
a new root certificate, and the new root certificate may be cross-signed
by a currently included CA under certain conditions.
Thanks,
Kathleen
[1] https://wiki.mozilla.org/Release_Management/Calendar
[2]
https://groups.google.com/d/msg/mozilla.dev.security.policy/rmU311hOIIc/oYuxQJbEAQAJ
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
