Hi Ben, I'm curious why [Certum CA](https://crt.sh/?caid=69) and ( OISTE WISeKey Global Root GA CA)[https://crt.sh/?caid=578] aren't in the removal list in 2026 or 2025?
Thanks, Ara On Tuesday, April 29, 2025 at 12:49:11 AM UTC+8 Ben Wilson wrote: > All, > We have completed the 2025 websites trust bit removal for root CAs created > before 2006 (except for Chunghwa Telecom's ePKI Root CA, and we plan on > removing the websites trust bit for that root CA in Firefox Release 141). > I have updated the Root CA Lifecycles wiki page > <https://wiki.mozilla.org/CA/Root_CA_Lifecycles#2026_Websites_Trust_Bit_Removals> > > to list 14 roots that are due to have their websites trust bit removed next > April 15, 2026. They are as follows: > > certSIGN ROOT CA > EAA962C4FA4A6BAFEBE415196D351CCD888D4F53F3FA8AE6D7C466A94E6042BB > SwissSign Gold CA - G2 > 62DD0BE9B9F50A163EA0F8E75C053B1ECA57EA55C8688F647C6881F2C8357B95 > Secure Global CA > 4200F5043AC8590EBB527D209ED1503029FBCBD41CA1B506EC27F15ADE7DAC69 > SecureTrust CA > F1C1B50AE5A20DD8030EC9F6BC24823DD367B5255759B4E71B61FCE9F7375D73 > DigiCert Assured ID Root CA > 3E9099B5015E8F486C00BCEA9D111EE721FABA355A89BCF1DF69561E3DC6325C > DigiCert Global Root CA > 4348A0E9444C78CB265E058D5E8944B4D84F9662BD26DB257F8934A443C70161 > DigiCert High Assurance EV Root CA > 7431E5F4C3C1CE4690774F0B61E05440883BA9A01ED00BA6ABD7806ED3B118CF > QuoVadis Root CA 2 > 85A0DD7DD720ADB7FF05F83D542B209DC7FF4528F7D677B18389FEA5E5C49E86 > QuoVadis Root CA 3 > 18F1FC7F205DF8ADDDEB7FE007DD57E3AF375A9C4D8D73546BF4F1FED1E18D35 > Entrust Root Certification Authority > 73C176434F1BC6D5ADF45B0E76E727287C8DE57616C1E6E6141A2B2CBC7D8E4C > COMODO Certification Authority > 0C2CD63DF7806FA399EDE809116B575BF87989F06518F9808C860503178BAF66 > Certigna E3B6A2DB2ED7CE48842F7AC53241C7B71D54144BFB40C11F3F1D0B42F5EEA12D > TeliaSonera Root CA v1 > DD6936FE21F8F077C123A1A521C12224F72255B73E03A7260693E8A24B0FA389 > Izenpe.com > 2530CC8E98321502BAD96F9B1FBA1B099E2D299E0F4548BB914F363BC0D4531F > > Thanks, > Ben > -- You received this message because you are subscribed to the Google Groups "dev-security-policy@mozilla.org" group. To unsubscribe from this group and stop receiving emails from it, send an email to dev-security-policy+unsubscr...@mozilla.org. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/edd59bf1-2404-419f-befd-20189f51cb33n%40mozilla.org.