All,
This email commences a six-week public discussion of Atos Trustcenter’s request to include the following certificates as publicly trusted root certificates in one or more CCADB Root Store Member’s program. This discussion period is scheduled to close on March 20, 2023. The purpose of this public discussion process is to promote openness and transparency. However, each Root Store makes its inclusion decisions independently, on its own timelines, and based on its own inclusion criteria. Successful completion of this public discussion process does not guarantee any favorable action by any root store. Anyone with concerns or questions is urged to raise them on this CCADB Public list by replying directly in this discussion thread. Likewise, a representative of the applicant must promptly respond directly in the discussion thread to all questions that are posted. CCADB Case Number: 00000999 <https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=00000999> Organization Background Information: - CA Owner Name: Atos Trustcenter - Website: https://pki.atos.net/TrustedRoot/ - Address: Lohberg 10 Meppen, 49716 Germany - Problem Reporting Mechanisms: [email protected], https://pki.atos.net - Organization Type: Private Corporation - Repository URL: https://pki.atos.net/trustcenter/en/download/trusted-root-ca Certificates Requesting Inclusion: 1. Atos TrustedRoot Root CA RSA G2 2020: - Certificate download links (CA Repository <https://pki-crl.atos.net/certificates/AtosTrustedRootRootCARSAG22020.pem>, crt.sh <https://crt.sh/?sha256=78833A783BB2986C254B9370D3C20E5EBA8FA7840CBF63FE17297A0B0119685E> ) - Use cases served/EKUs: - Secure Email (S/MIME) 1.3.6.1.5.5.7.3.4; and - Client Authentication 1.3.6.1.5.5.7.3.2 - Test websites: N/A 1. Atos TrustedRoot Root CA RSA TLS 2021: - Certificate download links (CA Repository <https://pki-crl.atos.net/certificates/AtosTrustedRootRootCARSATLS2021.pem>, crt.sh <https://crt.sh/?sha256=81A9088EA59FB364C548A6F85559099B6F0405EFBF18E5324EC9F457BA00112F> ) - Use cases served/EKUs: - Server Authentication (TLS) 1.3.6.1.5.5.7.3.1; and - Client Authentication 1.3.6.1.5.5.7.3.2 - Test websites: - Valid: https://tls-rsa-root-2021-pki-valid.atos.net - Revoked: https://tls-rsa-root-2021-pki-revoked.atos.net - Expired: https://tls-rsa-root-2021-pki-expired.atos.net 1. Atos TrustedRoot Root CA ECC G2 2020: - Certificate download links (CA Repository <https://pki-crl.atos.net/certificates/AtosTrustedRootRootCAECCG22020.pem>, crt.sh <https://crt.sh/?sha256=E38655F4B0190C84D3B3893D840A687E190A256D98052F159E6D4A39F589A6EB> ) - Use cases served/EKUs: - Secure Email (S/MIME) 1.3.6.1.5.5.7.3.4; and - Client Authentication 1.3.6.1.5.5.7.3.2 - Test websites: N/A 1. Atos TrustedRoot Root CA ECC TLS 2021: - Certificate download links (CA Repository <https://pki-crl.atos.net/certificates/AtosTrustedRootRootCAECCTLS2021.pem>, crt.sh <https://crt.sh/?sha256=B2FAE53E14CCD7AB9212064701AE279C1D8988FACB775FA8A008914E663988A8> ) - Use cases served/EKUs: - Server Authentication (TLS) 1.3.6.1.5.5.7.3.1; and - Client Authentication 1.3.6.1.5.5.7.3.2 - Test websites: - Valid: https://tls-ecc-root-2021-pki-valid.atos.net - Revoked: https://tls-ecc-root-2021-pki-revoked.atos.net - Expired: https://tls-ecc-root-2021-pki-expired.atos.net Existing Publicly Trusted Root CAs from Atos Trustcenter: 1. Atos TrustedRoot 2011 - Certificate download links (CA Repository <https://pki-crl.atos.net/certificates/AtosTrustedRoot2011.pem>, crt.sh <https://crt.sh/?sha256=F356BEA244B7A91EB35D53CA9AD7864ACE018E2D35D5F8F96DDF68A6F41AA474> ) - Use cases served/EKUs: not defined - Certificate corpus: here <https://search.censys.io/certificates?q=f356bea244b7a91eb35d53ca9ad7864ace018e2d35d5f8f96ddf68a6f41aa474> (login required) - Included in: Apple; Google Chrome; Microsoft; Mozilla Relevant Policy and Practices Documentation: The following apply to all four (4) applicant root CAs: - https://pki.atos.net/Download/Atos_TrustedRoot_CPS_RootCA_v2.7.2.pdf - https://pki.atos.net/Download/Atos_TrustedRoot_CPS_IssuingCAs_v2.7.2.pdf Most Recent Self-Assessment: - https://bugzilla.mozilla.org/attachment.cgi?id=9293279 (completed 9/6/2022) Audit Statements: - Auditor: datenschutz cert GmbH <https://www.datenschutz-cert.de/> - Audit Criteria: ETSI EN 319 411-1 - Date of Audit Issuance: June 15, 2022 - For Period Ending: April 27, 2022 - Audit Statement(s): here <https://www.datenschutz-cert.de/fileadmin/uploads/tx_dscertcertlist/DSC1161_Atos_ATCA_Audit_Attestation.pdf> Incident Summary (Bugzilla incidents from previous 24 months): - None in the previous 24 months. Quantifying Value: - Not applicable. Thank you, Chris, on behalf of the CCADB Steering Committee -- You received this message because you are subscribed to the Google Groups "CCADB Public" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/ccadb.org/d/msgid/public/CAAbw9mB0Zn4wwWX5sPsE2mQPooiAgFyHrfe3zE_Hbu_nCofEmA%40mail.gmail.com.
