I’d like to update everyone on the status of this Microsoft root inclusion request:
After it was approved, Kathleen filed bug #1582254 [1] requesting that these four roots be added to NSS. Then it was pointed out in a different mozilla.dev.security.policy thread [2] that the roots submitted for inclusion contained a null character at the end of the CPS URI. In response, Microsoft filed incident bug #1598390 [3], and in that bug it was further pointed out that the same problem affected intermediates in the hierarchy. Microsoft decided to remediate the problem by creating new roots and intermediates to replace the affected certificates. I have recommended in bug #1582254 [1] that Mozilla proceed with the addition of the corrected roots to NSS. Wayne [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1582254 [2] https://groups.google.com/d/msg/mozilla.dev.security.policy/ui5XV7wbalw/4n20lWvYBAAJ [3] https://bugzilla.mozilla.org/show_bug.cgi?id=1598390 _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
