BJCA, founded in 2001, is a leading network trust and digital security service provider in China. It is one of the first CA institutions in China to obtain the Electronic Authentication Service License issued by the government. It provides electronic authentication services for nearly ten million enterprise users and hundreds of millions of individual users in China.
At the same time, BJCA has decades of practical experience in acting as a reseller for international SSL certificate products, and is familiar with the relevant standards and specifications promulgated by CA/Browser Forum. In 2019, it established the BJCA global certification system and implemented the WebTrust international security audit certification. BJCA hopes to provide global electronic certification services with international standardized operation management and service levels to our customers and contributes to publicly-trusted digital certificates ecosystem. The root certificate of the BJCA global certification system has been trusted by 360 browsers and Adobe Reader. The document signing certificate has been widely used in Chinese universities to sign the transcripts which can be widely trusted and verified around the world. Since the certificate chains has not been trusted by Mozilla, Microsoft, Apple, and Google, no SSL certificate has been issued to customers at present. If you want to retrieve an example SSL certificate, please visit the following website in 360 browser: i.BJCA Global Root CA1, https://demossl-rsa-valid.bjca.org.cn ii.BJCA Global Root CA2, https://demossl-ecc-valid.bjca.org.cn Thanks again, BJCA team 在2022年12月1日星期四 UTC+8 05:34:39<[email protected]> 写道: > Also a second question: are there any examples of people/orgs using this > CA? It's trusted in the 360 browser and Adobe (https://crt.sh/?q=BJCA) > but I can't find any examples of certificates. > > On Wed, Nov 30, 2022 at 1:12 PM Kurt Seifried <[email protected]> wrote: > >> The second google result I got was: >> >> >> https://borncity.com/win/2021/08/02/spyware-hnliche-funktionen-in-china-app-bejing-one-pass-gefunden/ >> >> Which links to the original report: >> >> https://www.recordedfuture.com/beijing-one-pass-benefits-software-spyware >> >> Insikt Group independently verified that the installed application >> exhibits characteristics consistent with potentially unwanted applications >> (PUA) and spyware. The software is associated with the Beijing Certificate >> Authority (北京数字认证股份有限公司), which is a Chinese state-owned enterprise (BJCA, >> www.bjca[.]cn). >> >> So a good start might be having someone from bjca.cn explain their >> relationship with PUAspyeware apps in China. >> >> On Wed, Nov 30, 2022 at 10:03 AM Ben Wilson <[email protected]> wrote: >> >>> All, >>> >>> This is to announce the beginning of a six-week public discussion period >>> for the inclusion request of Beijing Certificate Authority Co., Ltd. (BJCA) >>> (Bug # 1647181 <https://bugzilla.mozilla.org/show_bug.cgi?id=1647181>, >>> CCADB >>> Case # 615 >>> <https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=00000615>) >>> >>> for the following two root CA certificates: >>> >>> *BJCA Global Root CA1* *((4096-bit RSA) websites trust bit with EV >>> enablement and the email trust bit)* >>> >>> Download – http://repo.bjca.cn/global/cert/BJCA_Global_Root_CA1.crt >>> >>> crt.sh - >>> https://crt.sh/?sha256=F3896F88FE7C0A882766A7FA6AD2749FB57A7F3E98FB769C1FA7B09C2C44D5AE >>> >>> >>> *BJCA Global Root CA2* *((384-bit EC) websites trust bit with EV >>> enablement and the email trust bit)* >>> >>> Download – http://repo.bjca.cn/global/cert/BJCA_Global_Root_CA2.crt >>> >>> crt.sh - >>> https://crt.sh/?sha256=574DF6931E278039667B720AFDC1600FC27EB66DD3092979FB73856487212882 >>> >>> >>> Mozilla is considering approving BJCA’s request to add these two roots >>> as trust anchors with the websites and email trust bits enabled. BJCA is >>> also seeking enablement for Extended Validation (EV) under the CA/Browser >>> Forum’s EV Guidelines. >>> >>> *Repository:* The BJCA document repository is located here: >>> https://www.bjca.cn/cps. >>> >>> *Relevant Policy and Practices Documentation: * >>> >>> Beijing Certificate Authority Co., Ltd. Global Certificate Policy >>> <https://www.bjca.cn/u4d/%E8%AF%81%E4%B9%A6%E7%AD%96%E7%95%A5%EF%BC%88CP%EF%BC%89/files/%E5%8C%97%E4%BA%AC%E6%95%B0%E5%AD%97%E8%AE%A4%E8%AF%81%E8%82%A1%E4%BB%BD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8%E5%85%A8%E7%90%83%E8%AE%A4%E8%AF%81%E4%BD%93%E7%B3%BB%E8%AF%81%E4%B9%A6%E7%AD%96%E7%95%A5%20Beijing%20Certificate%20Authority%20Co.,%20Ltd.%20Global%20Certificate%20Policy.pdf>, >>> >>> v. 1.0.6, dated July 25, 2022 >>> >>> Beijing Certificate Authority Co., Ltd. Global Certification Practice >>> Statement >>> <https://www.bjca.cn/u4d/%E7%94%B5%E5%AD%90%E8%AE%A4%E8%AF%81%E4%B8%9A%E5%8A%A1%E8%A7%84%E5%88%99%EF%BC%88CPS%EF%BC%89/files/%E5%8C%97%E4%BA%AC%E6%95%B0%E5%AD%97%E8%AE%A4%E8%AF%81%E8%82%A1%E4%BB%BD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8%E5%85%A8%E7%90%83%E8%AE%A4%E8%AF%81%E4%BD%93%E7%B3%BB%E7%94%B5%E5%AD%90%E8%AE%A4%E8%AF%81%E4%B8%9A%E5%8A%A1%E8%A7%84%E5%88%99%20Beijing%20Certificate%20Authority%20Co.,%20Ltd.%20Global%20Certification%20Practice%20Statement.pdf>, >>> >>> v. 1.0.6, dated July 25, 2022 >>> >>> *Self-Assessments and Mozilla CPS Reviews* are located within Bug # >>> 1647181 <https://bugzilla.mozilla.org/show_bug.cgi?id=1647181>: >>> >>> BJCA's-BR-Self-Assessment.pdf >>> <https://bugzilla.mozilla.org/attachment.cgi?id=9158091> >>> >>> Mozilla’s CP/CPS Reviews – Comment #7 >>> <https://bugzilla.mozilla.org/show_bug.cgi?id=1647181#c7> and Comment >>> #24 <https://bugzilla.mozilla.org/show_bug.cgi?id=1647181#c24> >>> >>> *Value-vs-Risk Justification from BJCA – *see Quantifying-Value--BJCA >>> -2022.7.7.pdf <https://bugzilla.mozilla.org/attachment.cgi?id=9284547> >>> >>> *Audits:* Annual audits have been performed by Anthony Kam & >>> Associates, Ltd. in accordance with the Webtrust Principles and Criteria >>> for Certification Authorities. The most recent audit reports were published >>> on May 18, 2022, for the period ending March 9, 2022. See >>> >>> >>> https://www.cpacanada.ca/GenericHandlers/CPACHandler.ashx?AttachmentID=389f5843-e05f-4e80-aae0-23cee8922866 >>> >>> (Standard Webtrust) >>> >>> >>> https://www.cpacanada.ca/GenericHandlers/CPACHandler.ashx?AttachmentID=2c0c075a-0000-40f1-8a81-1ccb21268e62 >>> >>> (WebTrust Baseline Requirements and Network and Certificate System Security >>> Requirements) >>> >>> >>> https://www.cpacanada.ca/GenericHandlers/CPACHandler.ashx?AttachmentID=78bb08b0-7523-4011-b27c-b8a1a978433e >>> >>> (Webtrust for Extended Validation) >>> >>> *Incidents* >>> >>> I am unaware of any incidents involving BJCA. >>> >>> I have no further questions or concerns about BJCA’s inclusion request; >>> however, I urge anyone with concerns or questions to raise them on this >>> list by replying directly in this discussion thread. Likewise, a >>> representative of BJCA must promptly respond directly in the discussion >>> thread to all questions that are posted. >>> >>> This email begins a 6-week period for public discussion and comment, >>> which I’m scheduling to close on or about January 11, 2023, after which, if >>> no concerns are raised, we will close the discussion and the request may >>> proceed to Mozilla’s one-week “last-call” phase. >>> >>> Sincerely yours, >>> >>> Ben Wilson >>> >>> Mozilla Root Program Manager >>> >>> >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "public" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/ccadb.org/d/msgid/public/CA%2B1gtaZH1bXQrWJ5zWPg0Rm8XqtX687qeMogFUGV%3Dsb0jDwF3g%40mail.gmail.com >>> >>> <https://groups.google.com/a/ccadb.org/d/msgid/public/CA%2B1gtaZH1bXQrWJ5zWPg0Rm8XqtX687qeMogFUGV%3Dsb0jDwF3g%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> >> >> -- >> Kurt Seifried (He/Him) >> [email protected] >> > > > -- > Kurt Seifried (He/Him) > [email protected] > -- You received this message because you are subscribed to the Google Groups "public" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/ccadb.org/d/msgid/public/b4cb8211-0957-4f00-95a9-ddfdbc79ed6an%40ccadb.org.
