This is a request to EV-enable the IdenTrust Commercial Root CA 1, as documented here:
https://bugzilla.mozilla.org/show_bug.cgi?id=1551703 * Summary of Information Gathered and Verified: https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=00000417 * SHA2 hash for Root CA Certificate: 5D56499BE4D2E08BCFCAD08A3E38723D50503BDE706948E42F55603019E528AE * Root Certificate Download URL: http://validation.identrust.com/roots/commercialrootca1.p7c * Identrust’s BR Self Assessment is located here: https://bugzilla.mozilla.org/attachment.cgi?id=9153636 (Excel Spreadsheet Download) * CPS: https://www.identrust.com/sites/default/files/resources/identrust_trustid_cps_v4.7.3_06.15.2020.pdf * Test Website: https://ev-valid.identrustssl.com/ * EV Policy OIDs: 2.16.840.1.113839.0.6.9, 2.23.140.1.1 * CRL URL: http://validation.identrust.com/crl/commercialrootca1.crl * OCSP URL: http://commercial.ocsp.identrust.com * Audit: A period of time WebTrust EV annual audit report was provided on August 16, 2019, by Schellman & Company, LLC, a licensed WebTrust auditor. That and other WebTrust audit reports are available from the bottom of the following applicant page: https://www.identrust.com/support/documents/trustid. I’ve reviewed the CPS, BR Self Assessment, and related information for this inclusion request. Comments and concerns regarding the CPS were satisfactorily addressed as noted in https://bugzilla.mozilla.org/show_bug.cgi?id=1551703. I now recommend that the IdenTrust Commercial Root CA 1 be enabled for Extended Validation treatment. This begins the 3-week comment period for this request. I will greatly appreciate your thoughtful and constructive feedback on Identrust’s request. Sincerely yours, Ben Wilson _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy