Thanks, Moudrick I have asked Telia to provide a response publicly to this list, which they've provided to you directly. Ben
On Mon, Dec 6, 2021 at 5:45 PM 'md' via [email protected] < [email protected]> wrote: > Thanks, Ben. > > "Part of Telia Company AB" shows their ownership relationship, the > question is about their roles under this Root inclusion request. > > If Telia Company AB operates this CA, what functions they have delegated > to Telia Finland Oyj (and possibly to other "parts of Telia Company AB" in > other countries)? > > Thanks, > M.D. > > > Sent from my Galaxy > > > -------- Original message -------- > From: Ben Wilson <[email protected]> > Date: 12/6/21 20:12 (GMT+02:00) > To: md <[email protected]> > Cc: "[email protected]" <[email protected]> > Subject: Re: Public Discussion: Inclusion of Telia Root CA v2 > > The CCADB record says, "Telia Finland Oyj, part of Telia Company AB", but > I'll ask that a representative of Telia clarify this for us. > > On Mon, Dec 6, 2021 at 12:32 AM md <[email protected]> wrote: > >> Hi, >> >> as Telia Company AB (Sweden) and Telia Oy (Finland) are two separate >> legal persons, its not clear what is Telia? >> >> Actually the same clarification needed for all other countries listed in >> the Bug. >> >> Thanks, >> M.D. >> >> >> >> Sent from my Galaxy >> >> >> -------- Original message -------- >> From: Ben Wilson <[email protected]> >> Date: 12/1/21 17:16 (GMT+02:00) >> To: "[email protected]" <[email protected]> >> Subject: Public Discussion: Inclusion of Telia Root CA v2 >> >> All, >> >> This is to announce the beginning of the public discussion phase of the >> Mozilla root CA inclusion process ( >> https://wiki.mozilla.org/CA/Application_Process#Process_Overview - Steps >> 4 through 9) for Telia’s inclusion request for the Telia Root CA v2 ( >> https://crt.sh/?id=1199641739). >> >> Mozilla is considering approving Telia’s request to add the root as a >> trust anchor with the websites and email trust bits as documented in Bugzilla >> #1664161 <https://bugzilla.mozilla.org/show_bug.cgi?id=1664161> and CCADB >> Case #660 >> <https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=00000660>. >> >> >> This email begins the 3-week comment period, after which, if no concerns >> are raised, we will close the discussion and the request may proceed to the >> approval phase (Step 10). >> >> *Summary* >> >> This CA certificate for Telia Root CA v2 is valid from 29-Nov-2018 to >> 29-Nov-2043. >> >> *SHA2 Certificate Hash:* >> >> 242B69742FCB1E5B2ABF98898B94572187544E5B4D9911786573621F6A74B82C >> >> *Root Certificate Downloads:* >> >> https://support.trust.telia.com/repository/teliarootcav2_selfsigned.cer >> >> https://support.trust.telia.com/repository/teliarootcav2_selfsigned.pem >> >> >> *CP/CPS:* Effective October 14, 2021, the current CPS for the Telia >> Root CA v2 may be downloaded here: >> >> https://cps.trust.telia.com/Telia_Server_Certificate_CPS_v4.4.pdf >> (v.4.4). >> >> Repository location: https://cps.trust.telia.com/ >> >> >> *Test Websites:* >> >> Valid - https://juolukka.cover.telia.fi:10603/ >> >> Revoked - https://juolukka.cover.telia.fi:10604/ >> >> Expired - https://juolukka.cover.telia.fi:10605/ >> >> >> >> *BR Self Assessment* (PDF) is located here: >> https://support.trust.telia.com/download/CA/Telia_CA_BR_Self_Assessment.pdf >> >> *Audits:* Annual audits are performed by KPMG. The most recent audits >> were completed for the period ending March 31, 2021, according to WebTrust >> audit criteria. The standard WebTrust audit (in accordance with v.2.2.1) >> contained no adverse findings. The WebTrust Baseline Requirements audit >> (in accordance with v.2.4.1) was qualified based on the fact that the Telia >> Root CA v1 certificate <https://crt.sh/?id=989582> did not include >> subject:countryName. (The Telia Root CA v2 contains a subject:countryName >> of “FI”.) >> >> Attachment B to the WebTrust Baseline Requirements audit report listed >> eight (8) Bugzilla bugs for incidents open during the 2020-2021 audit >> period, which are now resolved as fixed. They were as follows: >> >> *Link to Bugzilla Bug* >> >> *Matter description* >> >> https://bugzilla.mozilla.org/show_bug.cgi?id=1614311 >> >> Two CA certificates not listed in 2020 WebTrust audit report >> >> https://bugzilla.mozilla.org/show_bug.cgi?id=1612332 >> >> Ambiguity on KeyUsage with ECC public key >> >> https://bugzilla.mozilla.org/show_bug.cgi?id=1551372 >> >> One Telia certificate containing a stateOrProvinceName of “Some-State” >> >> https://bugzilla.mozilla.org/show_bug.cgi?id=1649683 >> >> Two Telia’s pre-2012 rootCA certificates aren’t fully compliant with >> Baseline Requirements >> >> https://bugzilla.mozilla.org/show_bug.cgi?id=1637854 >> >> AIA CA Issuer field pointing to PEM-encoded certificate >> >> https://bugzilla.mozilla.org/show_bug.cgi?id=1674536 >> >> Certificates with RSA keys where modulus is not divisible by 8 >> >> https://bugzilla.mozilla.org/show_bug.cgi?id=1565270 >> >> Subject field automatic check in CA system >> >> https://bugzilla.mozilla.org/show_bug.cgi?id=1689589 >> >> Disallowed curve (P-521) in leaf certificate >> >> >> >> Recent, open bugs/incidents are the following: >> >> *Link to Bugzilla Bug* >> >> *Matter description* >> >> https://bugzilla.mozilla.org/show_bug.cgi?id=1738207 >> >> Issued three precertificates with non-NIST EC curve >> >> https://bugzilla.mozilla.org/show_bug.cgi?id=1736020 >> >> Invalid email contact address was used for few domains >> >> https://bugzilla.mozilla.org/show_bug.cgi?id=1737808 >> >> Delayed revocation of 5 EE certificates in connection to id=1736020 >> >> >> >> I have no further questions or concerns about this inclusion request, >> however I urge anyone with concerns or questions to raise them on this list >> by replying directly in this discussion thread. Likewise, a representative >> of Telia must promptly respond directly in the discussion thread to all >> questions that are posted. >> >> Again, this email begins a three-week public discussion period, which I’m >> scheduling to close on December 22, 2021. >> >> Sincerely yours, >> >> Ben Wilson >> >> Mozilla Root Program >> >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "[email protected]" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaZZj87QS3jL7R_32JEnfPZeU4hBNBJ%2BGHWU_pUdqF%3Dbbg%40mail.gmail.com >> <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaZZj87QS3jL7R_32JEnfPZeU4hBNBJ%2BGHWU_pUdqF%3Dbbg%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- > You received this message because you are subscribed to the Google Groups " > [email protected]" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaZHED3guMdvpqh6hzdEq%3DkzcRwTKMBigRyduX-VTT4AKA%40mail.gmail.com > <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaZHED3guMdvpqh6hzdEq%3DkzcRwTKMBigRyduX-VTT4AKA%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > -- > You received this message because you are subscribed to the Google Groups " > [email protected]" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/61ae97d0.1c69fb81.1a5c0.698fSMTPIN_ADDED_MISSING%40mx.google.com > <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/61ae97d0.1c69fb81.1a5c0.698fSMTPIN_ADDED_MISSING%40mx.google.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtabP-eYhp_qg3CKKE_P45hvtFfJ7HPr%3D1EvihpGojcyWLg%40mail.gmail.com.
