Re: Guang Dong Certificate Authority (GDCA) root inclusion request

Thanks to all of you who reviewed and commented on this request from Guangdong Certificate Authority (GDCA) to include the GDCA TrustAUTH R5 ROOT certificate, turn on the Websites trust bit, and enabled EV treatment. I believe that all of the concerns that were raised in this discussion have

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

The updated documents are also posted on the CA's website: https://www.gdca.com.cn/customer_service/knowledge_universe/cp_cps/ Current audit statements are here: WebTrust CA: https://cert.webtrust.org/ViewSeal?id=2231 WebTrust BR: https://cert.webtrust.org/ViewSeal?id=2232 WebTrust EV SSL:

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

Hi All, We have just updated and published our CP/CPS, and the latest versions are available at: CP V1.7: https://bug1128392.bmoattachments.org/attachment.cgi?id=8871236 CPS V4.6: https://bug1128392.bmoattachments.org/attachment.cgi?id=8871237 EV CP V1.5:

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2017年5月17日星期三 UTC+8下午5:18:59，Rob Stradling写道： > On 12/05/17 06:51, wangsn1206--- via dev-security-policy wrote: > > 在 2017年5月11日星期四 UTC+8下午5:58:00，Rob Stradling写道： > >> On 11/05/17 10:42, wangsn1206--- via dev-security-policy wrote: > >> > * CPS Appendix1: Certificate information of the

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On 12/05/17 06:51, wangsn1206--- via dev-security-policy wrote: 在 2017年5月11日星期四 UTC+8下午5:58:00，Rob Stradling写道： On 11/05/17 10:42, wangsn1206--- via dev-security-policy wrote: * CPS Appendix1: Certificate information of the publicly trusted CAs: Most of the listed CAs can't be found in crt.sh

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2017年5月16日星期二 UTC+8上午5:19:14，Patrick Tronnier写道： > Greetings, I have reviewed your second BR self-assessment > (https://bugzilla.mozilla.org/attachment.cgi?id=8860627) against your updated > CP/CPS (CP V1.6, CPS V4.5, EV CP V1.4, and EV CPS V1.5) and provided the > following comments and/or

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

Greetings, I have reviewed your second BR self-assessment (https://bugzilla.mozilla.org/attachment.cgi?id=8860627) against your updated CP/CPS (CP V1.6, CPS V4.5, EV CP V1.4, and EV CPS V1.5) and provided the following comments and/or recommendations. 1. BR Section 3.2.2.5 Authentication for

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2017年5月11日星期四 UTC+8下午5:58:00，Rob Stradling写道： > On 11/05/17 10:42, wangsn1206--- via dev-security-policy wrote: > > >> * CPS Appendix1: Certificate information of the publicly trusted CAs: Most > >> of the listed CAs can't be found in crt.sh - it would be great to get them > >> CT logged. > >>

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On 11/05/17 10:42, wangsn1206--- via dev-security-policy wrote: * CPS Appendix1: Certificate information of the publicly trusted CAs: Most of the listed CAs can't be found in crt.sh - it would be great to get them CT logged. Already get CT logged for GDCA TrustAUTH R5 ROOT,and such operation

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

Hi Andrew, Thanks for the comments. Please check our following responses. > * Please don't protect your PDFs for printing > We have removed the restrictions on the printing of the PDF documents and re-uploaded them to the BUG, these documents are available at:

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2017年4月20日星期四 UTC+8下午11:31:14，Patrick Tronnier写道： > On Thursday, April 20, 2017 at 9:30:31 AM UTC-4, wangs...@gmail.com wrote: > > We have just published the updated CP/CPS documents, this version has been > > revised according to the latest Baseline Requirements and has been reviewed > >

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On Thursday, April 20, 2017 at 9:30:31 AM UTC-4, wangs...@gmail.com wrote: > We have just published the updated CP/CPS documents, this version has been > revised according to the latest Baseline Requirements and has been reviewed > internally, meanwhile, the points our “Analysis on the

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2017年3月30日星期四 UTC+8下午10:34:00，Patrick Tronnier写道： > On Sunday, March 26, 2017 at 11:48:43 PM UTC-4, wangs...@gmail.com wrote: > > We compiled an analysis document on our CP/CPS’s Compliance with the BRs > > for everyone to review and comment. You can find the document at the > > following

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2017年3月30日星期四 UTC+8下午10:34:00，Patrick Tronnier写道： > On Sunday, March 26, 2017 at 11:48:43 PM UTC-4, wangs...@gmail.com wrote: > > We compiled an analysis document on our CP/CPS’s Compliance with the BRs > > for everyone to review and comment. You can find the document at the > > following

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On Sunday, March 26, 2017 at 11:48:43 PM UTC-4, wangs...@gmail.com wrote: > We compiled an analysis document on our CP/CPS’s Compliance with the BRs for > everyone to review and comment. You can find the document at the following > address of the >

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

All, This request is to include the "GDCA TrustAUTH R5 ROOT" certificate, turn on the Websites trust bit, and enabled EV treatment. In order to help get this discussion moving again, I asked GDCA to provide a side-by-side comparison of the latest version of the BRs with their CP/CPS

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

We compiled an analysis document on our CP/CPS’s Compliance with the BRs for everyone to review and comment. You can find the document at the following address of the BUG:https://bug1128392.bmoattachments.org/attachment.cgi?id=8851230   Your suggestions will be much appreciated.

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

The answer is yes. That’s why we need to apply for root inclusion. We also upload the latest version of CP/CPS here for your convenience. 1. GDCA CP Ver 1.5 https://bug1128392.bmoattachments.org/attachment.cgi?id=8813656 2. GDCA CPS Ver 4.4

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On 22/11/16 15:47, wangsn1...@gmail.com wrote: > into effect on Dec 1st, 2016. Here are the names of the files and > their URL: 1. GDCA CP Ver 1.5 > https://www.gdca.com.cn/export/sites/default/customer_service/.content/attachments/1.GDCA-CP-V1.5.pdf A bilingual edition seems like an excellent

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

Thanks for all suggestions upon our CP/CPS and base on the development of our business, we have revised and prepared a bilingual edition of CP/CPS, which have been submitted to our auditor to check the consistency of major contents between Chinese version and English version, and officially

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On 18/11/16 11:38, wangsn1...@gmail.com wrote: > GDCA takes security and governance seriously and we have a strict > control for Chinese version CP/CPS, all the contents are disclosed. > And The Chinese versions for CPS 4.1, 4.2, 4.3 are published on the > official website, so we cannot cover-up

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年11月17日星期四 UTC+8下午7:20:05，Gervase Markham写道： > Hi Kathleen, > > On 15/11/16 00:51, Kathleen Wilson wrote: > > There were some recommendations to deny this request due to the > > versioning problems between the English documents and the original > > documents. > > > > Do you all still feel

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On 17/11/2016 12:19, Gervase Markham wrote: Hi Kathleen, On 15/11/16 00:51, Kathleen Wilson wrote: There were some recommendations to deny this request due to the versioning problems between the English documents and the original documents. Do you all still feel that is the proper answer to

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年11月16日星期三 UTC+8下午3:59:12，wangs...@gmail.com写道： > 在 2016年11月16日星期三 UTC+8上午1:11:05，Han Yuwei写道： > > 在 2016年11月15日星期二 UTC+8下午7:03:07，wangs...@gmail.com写道： > > > 在 2016年11月15日星期二 UTC+8上午8:51:25，Kathleen Wilson写道： > > > > On Friday, October 28, 2016 at 7:29:56 AM UTC-7, wangs...@gmail.com > > >

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

Hi Kathleen, On 15/11/16 00:51, Kathleen Wilson wrote: > There were some recommendations to deny this request due to the > versioning problems between the English documents and the original > documents. > > Do you all still feel that is the proper answer to this root > inclusion request? As I

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年11月16日星期三 UTC+8上午1:11:05，Han Yuwei写道： > 在 2016年11月15日星期二 UTC+8下午7:03:07，wangs...@gmail.com写道： > > 在 2016年11月15日星期二 UTC+8上午8:51:25，Kathleen Wilson写道： > > > On Friday, October 28, 2016 at 7:29:56 AM UTC-7, wangs...@gmail.com wrote: > > > > We have uploaded the lastest translantion of CP/CPS.

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年11月16日星期三 UTC+8上午6:35:22，Kathleen Wilson写道： > On Tuesday, November 15, 2016 at 10:41:28 AM UTC-8, Peter Bowen wrote: > > I think Mozilla needs to update its guidance to CAs. The information > > checklist directions > >

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On Tuesday, November 15, 2016 at 10:41:28 AM UTC-8, Peter Bowen wrote: > I think Mozilla needs to update its guidance to CAs. The information > checklist directions > (https://wiki.mozilla.org/CA:Information_checklist#Verification_Policies_and_Practices) > says "If the CP/CPS documents are not in

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On Tue, Nov 15, 2016 at 3:02 AM, wrote: > > Because we misunderstand that we only need to provide the related chapters of > CP/CPS in English, and non-related sections are not required. We are terribly > sorry that we misinterpreted your requirement and upload an

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On Tuesday, November 15, 2016 at 6:03:07 AM UTC-5, wangs...@gmail.com wrote: > 在 2016年11月15日星期二 UTC+8上午8:51:25，Kathleen Wilson写道： > > On Friday, October 28, 2016 at 7:29:56 AM UTC-7, wangs...@gmail.com wrote: > > > We have uploaded the lastest translantion of CP/CPS. > > > CP:

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On 15/11/2016 18:10, Han Yuwei wrote: 在 2016年11月15日星期二 UTC+8下午7:03:07，wangs...@gmail.com写道： 在 2016年11月15日星期二 UTC+8上午8:51:25，Kathleen Wilson写道： On Friday, October 28, 2016 at 7:29:56 AM UTC-7, wangs...@gmail.com wrote: We have uploaded the lastest translantion of CP/CPS. CP:

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年11月15日星期二 UTC+8下午7:03:07，wangs...@gmail.com写道： > 在 2016年11月15日星期二 UTC+8上午8:51:25，Kathleen Wilson写道： > > On Friday, October 28, 2016 at 7:29:56 AM UTC-7, wangs...@gmail.com wrote: > > > We have uploaded the lastest translantion of CP/CPS. > > > CP:

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

Agree with Gerv & Tony, More patience should be given if they want to improve. And I don’t think “I posted on the solidot (Chinese Slashdot) about this. The majority comments want the application rejected. “is enough to be the reason to reject the request. For many Chinese companies, they do

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年11月15日星期二 UTC+8下午5:53:19，Gervase Markham写道： > On 15/11/16 08:39, Percy wrote: > > I posted on the solidot (Chinese Slashdot) about this. The majority > > comments want the application rejected. > >

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On Wednesday, August 3, 2016 at 2:45:23 PM UTC-7, Kathleen Wilson wrote: > This request from Guangdong Certificate Authority (GDCA) is to include the > "GDCA TrustAUTH R5 ROOT" certificate, turn on the Websites trust bit, and > enabled EV treatment. > > GDCA is a nationally recognized CA that

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年11月15日星期二 UTC+8上午8:51:25，Kathleen Wilson写道： > On Friday, October 28, 2016 at 7:29:56 AM UTC-7, wangs...@gmail.com wrote: > > We have uploaded the lastest translantion of CP/CPS. > > CP: https://bugzilla.mozilla.org/attachment.cgi?id=8805543 > > CPS:

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On Friday, October 28, 2016 at 7:29:56 AM UTC-7, wangs...@gmail.com wrote: > We have uploaded the lastest translantion of CP/CPS. > CP: https://bugzilla.mozilla.org/attachment.cgi?id=8805543 > CPS: https://bug1128392.bmoattachments.org/attachment.cgi?id=8805545 > EV CP:

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On Sun, Oct 30, 2016 at 11:34 PM, wrote: > wangs...@gmail.com於 2016年10月31日星期一 UTC+8下午2時22分05秒寫道： >> 在 2016年10月28日星期五 UTC+8上午8:19:43，Percy写道： >> > "When facing any requirements of laws and regulations or any demands for >> > undergoing legal >> > process of court and

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年10月30日星期日 UTC+8下午9:13:32，Gervase Markham写道： > On 29/10/16 22:23, Han Yuwei wrote: > > Is SM2 acceptable in publicy-trusted CAs? I don't think so. > > No; the BRs list the permitted algorithms, and SM2 is not one of them. > > > Maybe Gerv could explain more about this. And I am wondering

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年10月28日星期五 UTC+8上午8:19:43，Percy写道： > "When facing any requirements of laws and regulations or any demands for > undergoing legal > process of court and other agencies, GDCA must provide confidential > information in this CP" > > Can GDCA specify what other agencies are included? In China,

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On 29/10/16 22:23, Han Yuwei wrote: > Is SM2 acceptable in publicy-trusted CAs? I don't think so. No; the BRs list the permitted algorithms, and SM2 is not one of them. > Maybe Gerv could explain more about this. And I am wondering what can > CA do if government requirement conflicts with

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年10月30日星期日 UTC+8上午5:30:23，Peter Bowen写道： > > On Oct 29, 2016, at 2:23 PM, Han Yuwei wrote: > > > > 在 2016年10月28日星期五 UTC+8下午9:23:01，wangs...@gmail.com写道： > >> We are not intended to cover-up anything since we had disclosed every > >> change to the Chinese version

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

> > > > > > > > > From: Jakob Bohm > > > Sent: Saturday, October 22, 2016 9:07 AM > > > To: mozilla-dev-s...@lists.mozilla.org > > > Subject: Re: Guang Dong Certifica

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

> On Oct 29, 2016, at 2:23 PM, Han Yuwei wrote: > > 在 2016年10月28日星期五 UTC+8下午9:23:01，wangs...@gmail.com写道： >> We are not intended to cover-up anything since we had disclosed every change >> to the Chinese version CP/CPS at once after the auditor reviewed. >> The

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年10月28日星期五 UTC+8下午9:23:01，wangs...@gmail.com写道： > We are not intended to cover-up anything since we had disclosed every change > to the Chinese version CP/CPS at once after the auditor reviewed. > The “ROOTCA(SM2)” CA in $1.1.3 of CPS ver4.3 is equivalent to the “SM2 ROOT > Certificate” CA

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On 27/10/16 23:43, Han Yuwei wrote: > Since Mozilla's working language is English (Not sure about this), That is true. > it's your responsibility to provide an accurate translation of CPS. That is also true. However, we don't require that the English version be the master copy. Gerv

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

We have uploaded the lastest translantion of CP/CPS. CP: https://bugzilla.mozilla.org/attachment.cgi?id=8805543 CPS: https://bug1128392.bmoattachments.org/attachment.cgi?id=8805545 EV CP: https://bugzilla.mozilla.org/attachment.cgi?id=8805546 EV CPS:

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

We are not intended to cover-up anything since we had disclosed every change to the Chinese version CP/CPS at once after the auditor reviewed. The “ROOTCA(SM2)” CA in $1.1.3 of CPS ver4.3 is equivalent to the “SM2 ROOT Certificate” CA in $1.1.3 of CPS ver4.1. The “Guangdong Certificate

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

"When facing any requirements of laws and regulations or any demands for undergoing legal process of court and other agencies, GDCA must provide confidential information in this CP" Can GDCA specify what other agencies are included? In China, many requests are relayed simply through a phone

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

> > > > > > From: Jakob Bohm > > Sent: Saturday, October 22, 2016

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

> > > > > > > > > From: Jakob Bohm > > > Sent: Saturday, October 22, 2016 9:07 AM > > > To: mozilla-dev-s...@lists.mozilla.org > > > Subject: Re: Gu

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

> > > > > > From: Jakob Bohm > > Sent

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

> > From: Jakob Bohm > Sent: Saturday, October 22, 2016 9:07 AM > To: mozilla-dev-s...@lists.mozilla.org > Subject: Re: Guang Dong Certificate Authority (GDCA) root inclusion request > > > On 21/10/2016 10:38, Han Yuwei wrote

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

I think these are both good points and my recommendation is that Mozilla deny GDCA's request for inclusion.We should not have to explain something as basic as document versioning and version control. If GDCA can

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

We have already implemented version control on Chinese version CP/CPS, which include version number (e.g. V4.3) and effective date (e.g. 2016-08-01). The revision and release of CP/CPS are reviewed and approved by the security policy committee (see section 1.5 in CP/CPS). Meanwhile, we are a

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On 21/10/2016 10:38, Han Yuwei wrote: I think this is a major mistake and a investgation should be conducted for CPS is a critical document about CA. This is not just a translation problem but a version control problem. Sometimes it can be lying. Let me try to be more specific: When

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年10月21日星期五 UTC+8下午12:15:07，wangs...@gmail.com写道： > 在 2016年10月21日星期五 UTC+8上午12:15:00，Han Yuwei写道： > > 在 2016年10月20日星期四 UTC+8上午5:27:42，Andrew R. Whalley写道： > > > Hello, > > > > > > Thank you for the links. I note, however, that there's at least one > > > difference between the native

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年10月21日星期五 UTC+8上午12:15:00，Han Yuwei写道： > 在 2016年10月20日星期四 UTC+8上午5:27:42，Andrew R. Whalley写道： > > Hello, > > > > Thank you for the links. I note, however, that there's at least one > > difference between the native language version and the English translation: > > > >

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年10月21日星期五 UTC+8上午10:52:42，Percy写道： > Thanks for bringing the discrepancy into our attention. > Even the cover page of the English and Chinese version of CPS are dated > differently. > > English > Global Digital Cybersecurity Authority > CO., LTD. > Certification Practice Statement (CPS)

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

Thanks for bringing the discrepancy into our attention. Even the cover page of the English and Chinese version of CPS are dated differently. English Global Digital Cybersecurity Authority CO., LTD. Certification Practice Statement (CPS) Version: V4.3 Effective Date: July 1, 2016 Chinese

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年10月20日星期四 UTC+8上午5:27:42，Andrew R. Whalley写道： > Hello, > > Thank you for the links. I note, however, that there's at least one > difference between the native language version and the English translation: > > http://www.gdca.com.cn/cps/cps version 4.3 has a section 4.2.4 covering > CAA.

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

Hello, Thank you for the links. I note, however, that there's at least one difference between the native language version and the English translation: http://www.gdca.com.cn/cps/cps version 4.3 has a section 4.2.4 covering CAA. https://bug1128392.bmoattachments.org/attachment.cgi?id=8795091

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年9月27日星期二 UTC+8上午4:15:00，Andrew R. Whalley写道： > Hello, > > I have completed a read through of the English translations of the CP > (v1.2) and CPS (v4.1). Before I post my comments I wanted to see if there > were any more recent translations? It looks like the local language > versions are

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

> Dear Peter, Thanks for your comments! We think that there are some good > suggestions for our work. We’ll take notes and do better in our future work. > >> We have discussed these questions with our auditor. Here are our reply to > your comments: > > - The basic WebTrust for CA Report does

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

在 2016年9月17日星期六 UTC+8上午5:38:29，Percy写道： > On Wednesday, August 3, 2016 at 2:45:23 PM UTC-7, Kathleen Wilson wrote: > > This request from Guangdong Certificate Authority (GDCA) is to include the > > "GDCA TrustAUTH R5 ROOT" certificate, turn on the Websites trust bit, and > > enabled EV

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On Mon, Sep 19, 2016 at 1:56 AM, wrote: > Dear Peter, Thanks for your comments! We think that there are some good > suggestions for our work. We’ll take notes and do better in our future work. > > We have discussed these questions with our auditor. Here are our reply to

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

Dear Peter, Thanks for your comments! We think that there are some good suggestions for our work. We’ll take notes and do better in our future work. We have discussed these questions with our auditor. Here are our reply to your comments: Opportunties for Improvement: - The basic

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On Wed, Aug 3, 2016 at 2:45 PM, Kathleen Wilson wrote: > This request from Guangdong Certificate Authority (GDCA) is to include the > "GDCA TrustAUTH R5 ROOT" certificate, turn on the Websites trust bit, and > enabled EV treatment. > > * CA Hierarchy: This root certificate

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

On Wednesday, August 3, 2016 at 2:45:23 PM UTC-7, Kathleen Wilson wrote: > This request from Guangdong Certificate Authority (GDCA) is to include the > "GDCA TrustAUTH R5 ROOT" certificate, turn on the Websites trust bit, and > enabled EV treatment. > > GDCA is a nationally recognized CA that