Accountapprovers, antispam, confirm, emeritus
4,925
edits
Changes
Add OneCRL
The status of whether a root is approved to issue EV certificates or not is [https://dxr.mozilla.org/mozilla-central/source/security/certverifier/ExtendedValidation.cpp stored in PSM] rather than certdata.txt.
==OneCRL==
While not technically a modification to the root store as we don't use it for un-trusting roots, Mozilla's [https://blog.mozilla.org/security/2015/03/03/revoking-intermediate-certificates-introducing-onecrl/ OneCRL] system is used for communicating information about the revocation of intermediate certificates (and high-profile misissued end-entity certificates) to Firefox clients.
==CNNIC==
