All, Some changes have happened in regards to how the "Derived Trust Bits" and "EV SSL Capable" fields are filled in for intermediate certificate records in the CCADB:
1. The logic for these fields now considers the root store settings of Apple (this is new), Microsoft, and Mozilla. 2. The fields now get updated if needed when a related field is changed – a trigger causes an asynchronous process to run. (previously done via a batch process that was scheduled to run at certain times) 3. Some bugs in the logic have been resolved. See https://www.ccadb.org/cas/fields#formula-fields for information about these fields. They are now used in the CA Task List reports on CA home pages, and are also used in determining the information that CCADB sends to Audit Letter Validation (ALV). Please let me know if you notice any problems with the values of these fields for your CA's intermediate certificates. Thanks, Kathleen -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/811f1498-c117-4a94-8175-38a1b5bea736n%40mozilla.org.
