CA/Dashboard
Contents
Dashboard for Certificate Change Requests
When Mozilla receives a request for a change to our Root Store, the request passes through the stages outlined below.
To Be Assigned
This section lists CAs who have applied for inclusion but Mozilla has not yet started processing their applications. Action needed by: Mozilla and/or CA.
| ID | Summary | Status | Assigned to | Whiteboard | Last change time |
|---|---|---|---|---|---|
| 1331364 | Add Root Certification Authority of the Republic of Kazakhstan (root.gov.kz) | UNCONFIRMED | [ca-initial] -- Concerns in Comment #2 must be resolved before proceeding with evaluation | 2017-05-05T13:51:36Z |
1 Total; 1 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Information Verification
This section lists CAs who are in the process of having the information provided in their application verified as complete and correct by Mozilla, which will involve a dialog between the two parties. Action needed by: Mozilla and/or CA.
| ID | Summary | Status | Assigned to | Whiteboard | Last change time |
|---|---|---|---|---|---|
| 478418 | Please add US FPKI Common Policy CA certificate | ASSIGNED | Kathleen Wilson | [ca-verifying] -- See Comment #66 | 2017-05-05T16:25:56Z |
| 555156 | Add ANF root certificate | ASSIGNED | Aaron Wu | [ca-verifying] - EV -- See Comment #106 - Need BR Self Assessment | 2017-04-26T19:24:40Z |
| 667466 | Add PSC-FII AC Certificate as trust anchor | ASSIGNED | Aaron Wu | [ca-verifying] - Need BR Self Assessment | 2017-07-27T01:20:10Z |
| 1023726 | LAWtrust Root CA certificate inclusion in NSS | ASSIGNED | Aaron Wu | [ca-verifying] | 2017-07-19T11:52:10Z |
| 1024418 | Please add Signet/Orange Root CA certificate | REOPENED | Aaron Wu | [ca-verifying] - Need BR Self Assessment | 2017-05-23T22:57:54Z |
| 1102143 | Add Renewed Autoridad de Certificacion Firmaprofesional root certificate | ASSIGNED | Aaron Wu | [ca-verifying] - Need BR Self Assessment | 2017-04-26T19:24:40Z |
| 1165472 | EV-Enable DigiCert Assured ID Root CA and DigiCert Global Root CA | ASSIGNED | Aaron Wu | [ca-verifying] - EV | 2017-04-26T19:24:40Z |
| 1226100 | Add MOI GPKI Root CA certificate(s) | ASSIGNED | Aaron Wu | [ca-verifying] | 2017-08-04T04:28:35Z |
| 1281002 | Add Certicamara S.A root certificate(s) | ASSIGNED | Aaron Wu | [ca-verifying] - Need BR Self Assessment | 2017-04-26T19:24:40Z |
| 1309797 | Add SHECA root certificate(s) | ASSIGNED | Aaron Wu | [ca-verifying] - BR Self Assessment Received | 2017-08-14T09:51:23Z |
| 1312957 | Add [China Internet Network Information Center (CNNIC) CA] root certificate(s) | ASSIGNED | Aaron Wu | [ca-verifying] - Need BR Self Assessment | 2017-05-05T20:54:31Z |
| 1313982 | Add 2 new SECOM root certificates | ASSIGNED | Aaron Wu | [ca-verifying] - Need BR Self Assessment | 2017-06-16T08:51:19Z |
| 1322668 | Enable EV for TeliaSonera Root CA v1 root | ASSIGNED | Aaron Wu | [ca-verifying] -- Need BR Self Assessment | 2017-04-26T19:24:40Z |
| 1325532 | Add Google Root Certificates | ASSIGNED | Aaron Wu | [ca-verifying] - Need BR Self Assessment | 2017-05-25T00:42:53Z |
| 1339292 | Enable EV for "IdenTrust Commercial Root CA 1" | UNCONFIRMED | Aaron Wu | [ca-verifying] - Need BR Self Assessment | 2017-04-26T19:24:40Z |
| 1341604 | Add Renewed Chunghwa Telecom eCA root certificate (ePKI Root Certification Authority - G2) | ASSIGNED | Aaron Wu | [ca-verifying] - Need BR Self Assessment | 2017-08-07T16:38:55Z |
| 1348774 | Thailand National Root CA - G1 | ASSIGNED | Aaron Wu | [ca-verifying] - BR Self Assessment Received | 2017-08-16T18:30:29Z |
| 1377389 | Add Korea Ministry of the Interior (MOI) root | UNCONFIRMED | Aaron Wu | [ca-verifying] - Need BR Self Assessment | 2017-08-07T16:49:16Z |
| 1381406 | Add StartCom CA root certificates | ASSIGNED | Aaron Wu | [ca-verifying] - BR Self Assessment Received | 2017-08-09T19:09:38Z |
| 1390803 | Add "GlobalSign Root CA - R6" root certificate | ASSIGNED | Aaron Wu | [ca-verifying] - Need BR Self Assessment | 2017-08-17T00:17:19Z |
20 Total; 20 Open (100%); 0 Resolved (0%); 0 Verified (0%);
On Hold (Super CA)
This section lists CAs who have been judged to be "Super CAs". Super CAs need to have all their sub-CAs apply for inclusion and be accepted before their application can progress. Action needed by: CA.
| ID | Summary | Status | Assigned to | Whiteboard | Last change time |
|---|---|---|---|---|---|
| 335197 | Add KISA root CA Certificate | ASSIGNED | Kathleen Wilson | [ca-hold] -- Super-CA -- See Comment #168 | 2017-04-26T19:24:40Z |
| 438825 | Add CA Root certificate (Brazil's National PKI) | ASSIGNED | Kathleen Wilson | [ca-hold] -- Super-CA -- See Comment #126 | 2017-04-27T00:58:30Z |
| 1302431 | Add Autoridad de Certificacion Raiz del Estado Venezolano root certificate | ASSIGNED | Aaron Wu | [ca-hold] - SUSCERTE -- Super-CA of PSC-FII | 2017-04-26T19:24:40Z |
| 1310580 | Add new KISA Root certificate(KISA RootCA 4) to Trusted Root Store | UNCONFIRMED | Aaron Wu | [ca-hold] - Super-CA, need to approve subCAs first | 2017-05-09T15:54:34Z |
4 Total; 4 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Ready for Public Discussion
This section lists CAs for whom the information verification phase is complete, and the next stage is for Mozilla to begin a public discussion in the mozilla.dev.security.policy group about the merits of their inclusion. Action needed by: Mozilla.
To see the approximate order in which discussions may be started (after the BR Self Assessment has been provided by the CA and verified by Mozilla):
- Click on the "Whiteboard" column to sort
- Whiteboard tags with "-new" indicate that the CA does not currently have a root certificate in Mozilla's program.
- Whiteboard tags without "-new" indicate that the CA already has a root certificate in Mozilla's program, so they have previously been through Mozilla's rigorous vetting process, and will be given priority in the discussions.
- In general:
- Discussions will be started according to the date when the bug became ready for discussion (the date listed in the whiteboard); i.e. the oldest date will typically be the next discussion to start.
- Only one or two of the "-new" requests may be in discussion at any given point. The amount of time that each discussion takes varies dramatically depending on the number of reviewers contributing to the discussion, and the types of concerns that are raised.
- Requests that are from CAs that already have roots included in NSS may be discussed in parallel, so several of these discussions can happen at the same time.
| ID | Summary | Status | Assigned to | Whiteboard | Last change time |
|---|---|---|---|---|---|
| 435026 | Add Swiss BIT Root certificate | REOPENED | Aaron Wu | [ca-ready-for-discussion-new 2017-03-15] -EV - BR Self Assessment Completed 2017-04-18 | 2017-08-16T09:27:14Z |
| 636557 | Add Visa Information Delivery Root CA certificate | ASSIGNED | Aaron Wu | [ca-ready-for-discussion 2016-10-16] - BR Self Assessment Received | 2017-08-15T09:03:25Z |
| 848766 | Please Add OATI's Root CA Certificate to Mozilla's trusted root list | ASSIGNED | Aaron Wu | [ca-ready-for-discussion-new 2016-01-07] -- BR Self Assessment Received | 2017-06-26T18:04:58Z |
| 986854 | Add Renewed AC Camerfirma root certificate. | ASSIGNED | Aaron Wu | [ca-ready-for-discussion 2017-01-23] - BR Self Assessment Completed | 2017-08-16T08:52:00Z |
| 1040072 | Add MULTICERT Root Certificate | ASSIGNED | Kathleen Wilson | [ca-ready-for-discussion-new 2016-02-12] - Need BR Self Assessment | 2017-04-26T19:24:40Z |
| 1142323 | Add SwissSign SHA2 root certificate(s) | ASSIGNED | Aaron Wu | [ca-ready-for-discussion 2017-03-16] -- EV - BR Self Assessment Completed | 2017-06-06T11:44:15Z |
| 1239329 | Add Renewed ACEDICOM root certificate(s) | ASSIGNED | Aaron Wu | [ca-ready-for-discussion 2016-01-25] - Need BR Self Assessment | 2017-04-26T19:24:40Z |
7 Total; 7 Open (100%); 0 Resolved (0%); 0 Verified (0%);
In Public Discussion
This section lists CAs whose inclusion is currently being publicly discussed. Action needed by: Public and CA.
| ID | Summary | Status | Assigned to | Whiteboard | Last change time |
|---|---|---|---|---|---|
| 1065896 | Apply Taiwan Government root certificate included in mozilla | ASSIGNED | Kathleen Wilson | [ca-in-discussion] - BR Self Assessment Completed -- constrain to *.tw | 2017-08-15T09:33:26Z |
| 1231853 | Add TrustCor CA root certificate(s) | ASSIGNED | Aaron Wu | [ca-in-discussion] - BR Self Assessment Completed 2017-04-20 | 2017-05-19T02:27:04Z |
| 1233645 | Add TunRootCA2 root certificate(s) | REOPENED | Aaron Wu | [ca-in-discussion] - BR Self Assessment Completed | 2017-07-19T21:37:43Z |
| 1265683 | Add [Certigna Root CA] root certificate(s) | ASSIGNED | Kathleen Wilson | [ca-in-discussion] - BR Self Assessment Completed | 2017-05-16T00:50:15Z |
| 1277336 | Add SSL.com root certificate(s) | ASSIGNED | Aaron Wu | [ca-in-discussion] - EV - BR Self Assessment Completed | 2017-08-14T17:40:10Z |
5 Total; 5 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Discussions On Hold
This section lists CAs for whom the public discussion concluded with action items for the CA to complete, and the CA has not yet completed the action items. Once the action items are completed, discussion can restart. Action needed by: CA.
| ID | Summary | Status | Assigned to | Whiteboard | Last change time |
|---|---|---|---|---|---|
| 379152 | Add Lithuanian National Root Certificates | REOPENED | Kathleen Wilson | [ca-discussion-hold] -- EV - pending updated CP/CPS | 2017-04-26T19:24:40Z |
| 675060 | Add Comsign Global Root CA certificate | ASSIGNED | Kathleen Wilson | [ca-discussion-hold] -- Need BR Self Assessment | 2017-08-21T09:08:46Z |
| 870185 | Add Renewed Japanese Government Application CA Root certificate | ASSIGNED | Aaron Wu | [ca-discussion-hold] -- CP/CPS need more detail per Comment #48 - BR Self Assessment Completed | 2017-08-02T09:53:11Z |
| 1092963 | Add Renewed A-Trust-Root-05 root certificate | ASSIGNED | Kathleen Wilson | [ca-discussion-hold] -- EV - pending translation of updated CP/CPS | 2017-04-26T19:24:40Z |
4 Total; 4 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Pending Approval
This section lists CAs for which public discussion has been completed, but have not yet been approved by Mozilla for inclusion. Action needed by: Mozilla.
| ID | Summary | Status | Assigned to | Whiteboard | Last change time | Depends on |
|---|
0 Total; 0 Open (0%); 0 Resolved (0%); 0 Verified (0%);
Approved and Pending Code Changes
This section lists CAs who have been approved and are waiting for Mozilla to add their certificates to the root store file. Action needed by: Mozilla.
| ID | Summary | Status | Assigned to | Whiteboard | Last change time | Depends on |
|---|---|---|---|---|---|---|
| 1128392 | Add GDCA Root Certificate | ASSIGNED | Aaron Wu | [ca-approved] - Pending NSS and PSM Changes | 2017-07-27T19:37:12Z | 1385063, 1385065 |
1 Total; 1 Open (100%); 0 Resolved (0%); 0 Verified (0%);
