On November 7, 2025, we began a six-week, public discussion regarding Microsec's request to include its root certificate:
- e-Szigno TLS Root CA 2023 <https://crt.sh/?q=B49141502D00663D740F2E7EC340C52800962666121A36D09CF7DD2B90384FB4> The public discussion period has now ended. We received no objections, questions, or comments opposing Microsec's request. We thank the community for its review and consideration during this period. Root Store Programs will make final inclusion decisions independently, based on each Root Store Operator's inclusion criteria and timelines. Further discussion may take place in the independently managed Root Store community forums (i.e., MDSP). Thank you -Chris, on behalf of the CCADB Steering Committee On Mon, Dec 15, 2025 at 11:37 AM Chris Clements <[email protected]> wrote: > All, > > This is a reminder that the public discussion period for Microsec's > inclusion application closes on Friday, December 19, 2025. > > Thank you > -Chris, on behalf of the CCADB Steering Committee > > On Fri, Nov 7, 2025 at 9:19 AM Chris Clements <[email protected]> > wrote: > >> All, >> >> This email commences a six-week public discussion of Microsec’s request >> to include the following certificate as publicly trusted root certificates >> in one or more CCADB Root Store programs. This discussion period is >> scheduled to close on December 19, 2025. >> >> The purpose of this public discussion process is to promote openness and >> transparency. However, each Root Store makes its inclusion decisions >> independently, on its own timelines, and based on its own inclusion >> criteria. Successful completion of this public discussion process does not >> guarantee any favorable action by any root store. >> >> Anyone with concerns or questions is urged to raise them on this CCADB >> Public list by replying directly in this discussion thread. Likewise, a >> representative of Microsec Ltd. must promptly respond directly in the >> discussion thread to all questions posted. >> >> CCADB Case Number: 00001692 >> <https://ccadb.my.salesforce-sites.com/mozilla/PrintViewForCase?CaseNumber=00001692> >> >> Organization Background Information (listed in CCADB): >> >> - >> >> CA Owner Name: Microsec Ltd. >> - >> >> Website: https://e-szigno.hu/en/ >> - >> >> Address: Ángel Sanz Briz út 13. Graphisoft Park Southern Area, >> Building C Budapest, H-1033 Hungary >> - >> >> Problem Reporting Mechanisms: [email protected], >> https://e-szigno.hu/security-events-report >> - >> >> Organization Type: Private Corporation >> - >> >> Repository URL: https://e-szigno.hu/documents-and-policies >> >> Certificates Requesting Inclusion: >> >> e-Szigno TLS Root CA 2023 (requesting inclusion into three root stores) >> >> - >> >> Certificate links: (CA Repository >> <https://www.e-szigno.hu/tlsrootca2023.crt> / crt.sh >> >> <https://crt.sh/?q=B49141502D00663D740F2E7EC340C52800962666121A36D09CF7DD2B90384FB4> >> ) >> - >> >> SHA-256 Certificate Fingerprint: >> B49141502D00663D740F2E7EC340C52800962666121A36D09CF7DD2B90384FB4 >> - >> >> Intended use cases served/EKUs: >> - >> >> Server Authentication (TLS) 1.3.6.1.5.5.7.3.1 >> - >> >> Client Authentication 1.3.6.1.5.5.7.3.2 >> - >> >> Test websites: >> - >> >> Valid: https://eqtlsca2023-valid.e-szigno.hu >> - >> >> Revoked: https://eqtlsca2023-revoked.e-szigno.hu/ >> - >> >> Expired: https://eqtlsca2023-expired.e-szigno.hu >> - >> >> DV Automation: None >> - >> >> OV Automation: None >> - >> >> EV Automation: None >> >> Existing Publicly Trusted Root CAs from Microsec: >> >> Microsec e-Szigno Root CA 2009: >> >> - >> >> Certificate links: (CA Repository >> <http://www.e-szigno.hu/rootca2009.crt> / crt.sh >> >> <https://crt.sh/?q=3C5F81FEA5FAB82C64BFA2EAECAFCDE8E077FC8620A7CAE537163DF36EDBF378> >> ) >> - >> >> SHA-256 Certificate Fingerprint: >> 3C5F81FEA5FAB82C64BFA2EAECAFCDE8E077FC8620A7CAE537163DF36EDBF378 >> - >> >> Trust Bits/EKUs: Client Authentication;Code Signing;Secure >> Email;Server Authentication;Encrypting File System;Time Stamping;IP >> Security Tunnel Termination;IP Security User >> - >> >> Included in: Apple, Google Chrome, Microsoft, Mozilla >> - >> >> Certificate corpus: here >> >> <https://search.censys.io/search?resource=certificates&q=3C5F81FEA5FAB82C64BFA2EAECAFCDE8E077FC8620A7CAE537163DF36EDBF378+and+labels%3Dever-trusted> >> (Censys login required) >> >> e-Szigno Root CA 2017: >> >> - >> >> Certificate links: (CA Repository >> <https://www.e-szigno.hu/rootca2017.crt> / crt.sh >> >> <https://crt.sh/?q=BEB00B30839B9BC32C32E4447905950641F26421B15ED089198B518AE2EA1B99> >> ) >> - >> >> SHA-256 Certificate Fingerprint: >> BEB00B30839B9BC32C32E4447905950641F26421B15ED089198B518AE2EA1B99 >> - >> >> Trust Bits/EKUs: Client Authentication;Code Signing;Document >> Signing;Secure Email;Server Authentication;Time Stamping >> - >> >> Included in: Google Chrome, Microsoft, Mozilla >> - >> >> Certificate corpus: here >> >> <https://search.censys.io/search?resource=certificates&q=BEB00B30839B9BC32C32E4447905950641F26421B15ED089198B518AE2EA1B99+and+labels%3Dever-trusted> >> (Censys login required) >> >> e-Szigno TLS Root CA 2023: >> >> - >> >> Certificate links: (CA Repository >> <https://www.e-szigno.hu/tlsrootca2023.crt> / crt.sh >> >> <https://crt.sh/?q=B49141502D00663D740F2E7EC340C52800962666121A36D09CF7DD2B90384FB4> >> ) >> - >> >> SHA-256 Certificate Fingerprint: >> B49141502D00663D740F2E7EC340C52800962666121A36D09CF7DD2B90384FB4 >> - >> >> Trust Bits/EKUs: Client Authentication;Server Authentication >> - >> >> Included in: Microsoft >> - >> >> Certificate corpus: here >> >> <https://search.censys.io/search?resource=certificates&q=B49141502D00663D740F2E7EC340C52800962666121A36D09CF7DD2B90384FB4+and+labels%3Dever-trusted> >> (Censys login required) >> >> Relevant Policy and Practices Documentation: >> >> - >> >> Document Repository: https://e-szigno.hu/documents-and-policies >> - >> >> Markdown/AsciiDoc CP/CPS: https://github.com/microsec/regulations >> - >> >> CP: https://e-szigno.hu/docs/latest-regulation/eidas_hr_all_all/eng >> - >> >> CPS: https://e-szigno.hu/docs/latest-regulation/eidas_szsz_all_all/eng >> >> >> Most Recent Self-Assessment: >> >> - >> >> >> >> https://docs.google.com/spreadsheets/d/1FB1yKjnLeuX7O-8k6Fj199aNT_xA3anGySqNiLPTXDs/edit?gid=2064058180#gid=2064058180 >> >> >> Audit Statements: >> >> - >> >> Auditor: Hunguard >> - >> >> Audit Criteria: ETSI EN 319 411 >> - >> >> Recent Audit Statement(s): >> - >> >> Root Key Generation >> <https://bugzilla.mozilla.org/attachment.cgi?id=9371119> (June 7, >> 2023) >> - >> >> Standard Audit >> >> <https://www.hunguard.hu/wp-content/uploads/2024/11/Attestation_letter_010_standard_v10_ds.pdf> >> (Period: September 10, 2023 - September 9, 2024) >> - >> >> TLS BR Audit >> >> <https://www.hunguard.hu/wp-content/uploads/2024/11/Attestation_letter_010_TLS-BR_v10_ds.pdf> >> (Period: September 10, 2023 - September 9, 2024) >> - >> >> TLS EVG Audit >> >> <https://www.hunguard.hu/wp-content/uploads/2024/11/Attestation_letter_010_TLS-EV_v10_ds.pdf> >> (Period: September 10, 2023 - September 9, 2024) >> >> Incident Summary (Bugzilla incidents from previous 24 months): >> >> - >> >> 1865880 <https://bugzilla.mozilla.org/show_bug.cgi?id=1865880>: >> Microsec: Findings in 2023 Audit >> - >> >> 1886257 <https://bugzilla.mozilla.org/show_bug.cgi?id=1886257>: >> Microsec: Misissuance an EV TLS certificate without CPSuri >> - >> >> 1886998 <https://bugzilla.mozilla.org/show_bug.cgi?id=1886998>: >> Microsec: Late response to a CPR >> - >> >> 1887110 <https://bugzilla.mozilla.org/show_bug.cgi?id=1887110>: >> Microsec: Delayed revocation of the misissued certificates >> - >> >> 1889699 <https://bugzilla.mozilla.org/show_bug.cgi?id=1889699>: >> Microsec: Disallowed subject attribute field in DV certificate >> - >> >> 1925239 <https://bugzilla.mozilla.org/show_bug.cgi?id=1925239>: >> Microsec: Expired Certificates on test Pages for Revocation >> - >> >> 1952519 <https://bugzilla.mozilla.org/show_bug.cgi?id=1952519>: >> Microsec: Inconsistent Disclosure of S/MIME BR Audit Information in CCADB >> >> >> Thank you >> >> -Chris, on behalf of the CCADB Steering Committee >> >> -- You received this message because you are subscribed to the Google Groups "CCADB Public" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/ccadb.org/d/msgid/public/CAAbw9mBT20Dotd_m0Tfg79bO8ZUV5N%2BpdztBJEd%2Bypn%2BAWEvtA%40mail.gmail.com.
