All, This is a reminder that the public discussion period on the inclusion application of Cybertrust Japan / JCSI will close on June 21, 2024.
Thank you -Chris, on behalf of the CCADB Steering Committee On Fri, May 10, 2024 at 9:06 AM Chris Clements <[email protected]> wrote: > All, > > This email commences a six-week public discussion of Cybertrust Japan / > JCSI’s request to include the following three (3) certificates as publicly > trusted root certificates in one or more CCADB Root Store Operator’s > program. This discussion period is scheduled to close on June 21, 2024. > > The purpose of this public discussion process is to promote openness and > transparency. However, each Root Store makes its inclusion decisions > independently, on its own timelines, and based on its own inclusion > criteria. Successful completion of this public discussion process does not > guarantee any favorable action by any Root Store. > > Anyone with concerns or questions is urged to raise them on this CCADB > Public list by replying directly in this discussion thread. Likewise, a > representative of the applicant must promptly respond directly in the > discussion thread to all questions that are posted. > > CCADB Case Number: 00000585 > <https://ccadb.my.salesforce-sites.com/mozilla/PrintViewForCase?CaseNumber=00000585> > > Organization Background Information (listed in CCADB): > > - > > CA Owner Name: Cybertrust Japan / JCSI > - > > Website: https://www.cybertrust.co.jp/ > - > > Address: ARK Hills Sengokuyama Mori Tower 35F, 1-9-10 Roppongi, > Minato-ku, Tokyo, 106-0032, Japan > - > > Problem Reporting Mechanisms: [email protected] > - > > Organization Type: Public Corporation > - > > Repository URL: https://www.cybertrust.ne.jp/ssl/repository_rt/ > > Certificates Requested for Inclusion: > > 1. > > SecureSign Root CA12 (included in case 00000585 > > <https://ccadb.my.salesforce-sites.com/mozilla/PrintViewForCase?CaseNumber=00000585> > ): > - > > Certificate download links: (CA Repository > <http://rtcrl.cybertrust.ne.jp/SecureSign/rtca12/rtca12.crt>, crt.sh > > <https://crt.sh/?q=3F034BB5704D44B2D08545A02057DE93EBF3905FCE721ACBC730C06DDAEE904E> > ) > - > > Use cases served/EKUs: > 1. > > Server Authentication (TLS) 1.3.6.1.5.5.7.3.1 > 2. > > Client Authentication 1.3.6.1.5.5.7.3.2 > - > > Test websites: > 1. > > Valid: https://ss12-valid.managedpki.ne.jp > 2. > > Revoked: https://ss12-revoked.managedpki.ne.jp > 3. > > Expired: https://ss12-expired.managedpki.ne.jp > 2. > > SecureSign Root CA14 (included in case 00000585 > > <https://ccadb.my.salesforce-sites.com/mozilla/PrintViewForCase?CaseNumber=00000585> > ): > - > > Certificate download links: (CA Repository > <http://rtcrl.cybertrust.ne.jp/SecureSign/rtca14/rtca14.crt>, crt.sh > > <https://crt.sh/?q=4B009C1034494F9AB56BBA3BA1D62731FC4D20D8955ADCEC10A925607261E338> > ) > - > > Use cases served/EKUs: > 1. > > Server Authentication (TLS) 1.3.6.1.5.5.7.3.1 > 2. > > Secure Email (S/MIME) 1.3.6.1.5.5.7.3.4 > 3. > > Client Authentication 1.3.6.1.5.5.7.3.2 > 4. > > Code Signing 1.3.6.1.5.5.7.3.3 > 5. > > Time Stamping 1.3.6.1.5.5.7.3.8 > - > > Test websites: > 1. > > Valid: https://ss14-valid.managedpki.ne.jp > 2. > > Revoked: https://ss14-revoked.managedpki.ne.jp > 3. > > Expired: https://ss14-expired.managedpki.ne.jp > 3. > > SecureSign Root CA15 (included in case 00000585 > > <https://ccadb.my.salesforce-sites.com/mozilla/PrintViewForCase?CaseNumber=00000585> > ): > - > > Certificate download links: (CA Repository > <http://rtcrl.cybertrust.ne.jp/SecureSign/rtca15/rtca15.crt>, crt.sh > > <https://crt.sh/?q=E778F0F095FE843729CD1A0082179E5314A9C291442805E1FB1D8FB6B8886C3A> > ) > - > > Use cases served/EKUs: > 1. > > Server Authentication (TLS) 1.3.6.1.5.5.7.3.1 > 2. > > Secure Email (S/MIME) 1.3.6.1.5.5.7.3.4 > 3. > > Client Authentication 1.3.6.1.5.5.7.3.2 > 4. > > Code Signing 1.3.6.1.5.5.7.3.3 > 5. > > Time Stamping 1.3.6.1.5.5.7.3.8 > - > > Test websites: > 1. > > Valid: https://ss15-valid.managedpki.ne.jp > 2. > > Revoked: https://ss15-revoked.managedpki.ne.jp > 3. > > Expired: https://ss15-expired.managedpki.ne.jp > > Existing Publicly Trusted Root CAs from Cybertrust Japan / JCSI: > > 1. > > SecureSign RootCA11: > > > - > > Certificate download links: (CA Repository > > <http://rtcrl.managedpki.ne.jp/SecureSignAD/SecureSignRootCA11/SSAD-rca.crt>, > crt.sh > > <https://crt.sh/?q=BF0FEEFB9E3A581AD5F9E9DB7589985743D261085C4D314F6F5D7259AA421612> > ) > - > > Use cases served/EKUs: > - > > Server Authentication (TLS) 1.3.6.1.5.5.7.3.1 > - > > Client Authentication 1.3.6.1.5.5.7.3.2 > - > > Certificate corpus: here > > <https://search.censys.io/search?resource=certificates&q=BF0FEEFB9E3A581AD5F9E9DB7589985743D261085C4D314F6F5D7259AA421612%09+and+labels%3Dever-trusted> > (Censys login required) > - > > Included in: Chrome, Microsoft, and Mozilla > > > 2. > > Cybertrust iTrust Root Certification Authority: > > > - > > Certificate download links: (CA Repository > <http://crl.itrust.ne.jp/CybertrustiTrustRootCA/circa.crt>, crt.sh > > <https://crt.sh/?q=E90DBEB2D360CC6F98994EEFC68C4147F2DFD9C68A3BF063C6A971F3E11BAF4E> > ) > - > > Use cases served/EKUs: > - > > Secure Email (S/MIME) 1.3.6.1.5.5.7.3.4 > - > > Code Signing 1.3.6.1.5.5.7.3.3 > - > > Certificate corpus: here > > <https://search.censys.io/search?resource=certificates&q=e90dbeb2d360cc6f98994eefc68c4147f2dfd9c68a3bf063c6a971f3e11baf4e+and+labels%3Dever-trusted> > (Censys login required) > - > > Included in: Microsoft > > Relevant Policy and Practices Documentation: > > The following policy documents apply to all applicant root CA certificates: > > - > > CP: https://www.cybertrust.ne.jp/ssl/repository_rt/CTJCP_English.pdf > > > - > > CPS: https://www.cybertrust.ne.jp/ssl/repository_rt/CTJCPS_English.pdf > > Most Recent Self-Assessment: > > The following Self-Assessment applies to all applicant root CA > certificates: > > - > > https://bugzilla.mozilla.org/attachment.cgi?id=9370203 (completed > 12/25/2023) > > Audit Statements: > > - > > Auditor: KPMG <https://home.kpmg.com/us/en/home.html> (enrolled > > <https://www.cpacanada.ca/en/business-and-accounting-resources/audit-and-assurance/overview-of-webtrust-services/licensed-webtrust-practitioners-international> > through WebTrust) > - > > Audit Criteria: WebTrust > - > > Date of Audit Issuance: 12/6/2023 > - > > For Period Ending: 10/5/2023 > - > > Audit Statement(s): > - > > Standard Audit > > <https://cpa.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=776f4813-a74b-45c0-a0b7-d9458cb63878> > (covers all applicant root CA certificates) > - > > TLS BR Audit > > <https://cpa.cpacanada.ca//GenericHandlers/CPACHandler.ashx?AttachmentID=aebe6e0f-5e5f-4085-a02e-29b1b1284095> > (covers all applicant root CA certificates) > - > > TLS EVG Audit > > <https://cpa.cpacanada.ca//GenericHandlers/CPACHandler.ashx?AttachmentID=4a71843c-7e5d-47f6-9b76-dad821913124> > (covers all applicant root CA certificates) > > Incident Summary (Bugzilla incidents from previous 24 months): > > - > > 1827490 <https://bugzilla.mozilla.org/show_bug.cgi?id=1827490>: > Cybertrust Japan: CRL signature algorithm encoding error > > > Thank you > > -Chris, on behalf of the CCADB Steering Committee > > -- You received this message because you are subscribed to the Google Groups "CCADB Public" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/ccadb.org/d/msgid/public/CAAbw9mARvXBy6ET7BFQiDb%3DOWB92XWZmdUkCm_OLAEqqQPfYTw%40mail.gmail.com.
