CA/Dashboard
Dashboard for Certificate Change Requests
When Mozilla receives a request for a change to our Root Store, the request passes through the stages outlined below.
To Be Assigned
This section lists CAs who have applied for inclusion but Mozilla has not yet started processing their applications. Action needed by: Mozilla and/or CA.
| ID | Summary | Priority | Status |
|---|---|---|---|
| 1736904 | Add Algerian National Root CA certificate | P5 | ASSIGNED |
| 1748579 | Add Aspire root certificates | P5 | ASSIGNED |
| 1870013 | Add Saudi National SSL root CA | P4 | ASSIGNED |
| 1883983 | Add SOLUTI GLOBAL ROOT CA | P4 | ASSIGNED |
| 1978904 | Add NETLOCK's S/MIME & TLS Root | P3 | ASSIGNED |
| 1983217 | Add Aretiico Group PLC and Aretiico Inc root certificates to Mozilla Root store | P4 | ASSIGNED |
| 2001274 | Add Cybertrust Japan Root CA Cybertrust iTrust TLS ECCP384 Root CA 2025 | P2 | ASSIGNED |
| 2001275 | Add Cybertrust Japan Root CA Cybertrust iTrust TLS RSA4096 Root CA 2025 | P2 | ASSIGNED |
| 2007765 | Add Chunghwa Telecom CHT TrustRoot CA | P3 | ASSIGNED |
9 Total; 9 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Information Verification
This section lists CAs who are in the process of having the information provided in their application verified as complete and correct by Mozilla, which will involve a dialog between the two parties. Action needed by: Mozilla and/or CA.
| ID | Summary | Priority | Status |
|---|---|---|---|
| 1348774 | Add Thailand National Root CA - G1 | P3 | ASSIGNED |
| 1518460 | Add SISP Root CA | P5 | ASSIGNED |
| 1532206 | Add MSC Trustgate root certificate(s) | P3 | ASSIGNED |
| 1602415 | Add PostSignum Root QCA 4 and PostSignum Root QCA ECC R1 | P3 | ASSIGNED |
| 1707136 | Add GSE SMIME Roots to Mozilla root store | P4 | ASSIGNED |
| 1918570 | Add SECOM SMIME RSA Root CA 2024 | P1 | ASSIGNED |
| 1938884 | Add NAVER Cloud Trust Services Root Certificates | P2 | ASSIGNED |
| 1948085 | Add Amazon EU Roots: RSA 2048 EU M1, ECDSA 256 EU M1, and ECDSA 384 EU M1 | P2 | ASSIGNED |
| 1960408 | Add IdenTrust single purpose roots | P1 | ASSIGNED |
| 1968852 | Add Telia Companys S/MIME & TLS Roots | P2 | ASSIGNED |
| 1988341 | Add ACCV ROOT RSA TLS 2024 and ACCV ROOT ECC TLS 2024 root certificates | P3 | ASSIGNED |
| 1988361 | Add SHECA Single-purpose Root CA Certificates | P3 | ASSIGNED |
| 1990213 | Add certSIGN Root CA G4 root certificate | P2 | ASSIGNED |
| 1992971 | Add Actalis TLS Root CAs 2025 and Actalis SMIME Root CAs 2025 | P1 | ASSIGNED |
| 1996117 | Add GoDaddy and Starfield TLS R1 | P1 | ASSIGNED |
15 Total; 15 Open (100%); 0 Resolved (0%); 0 Verified (0%);
On Hold (Super CA)
This section lists CAs who have been judged to be "Super CAs". Super CAs need to have all their sub-CAs apply for inclusion and be accepted before their application can progress. Action needed by: CA.
| ID | Summary | Priority | Status |
|---|---|---|---|
| 1449941 | Add Fina Root CA certificate | P4 | ASSIGNED |
| 1565871 | Add CCA ROOT CA India | P5 | ASSIGNED |
| 1674669 | Add Autoridade Certificadora Raiz Brasileira root certificate | P5 | ASSIGNED |
3 Total; 3 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Ready for Public Discussion
This section lists CAs for whom the information verification phase is complete, and the next stage is for Mozilla to begin a public discussion in the mozilla.dev.security.policy group about the merits of their inclusion. Action needed by: Mozilla.
To see the approximate order in which discussions may be started (after the BR Self Assessment has been provided by the CA and verified by Mozilla):
- Click on the "Whiteboard" column to sort
- Whiteboard tags with "-new" indicate that the CA does not currently have a root certificate in Mozilla's program.
- Whiteboard tags without "-new" indicate that the CA already has a root certificate in Mozilla's program, so they have previously been through Mozilla's rigorous vetting process, and will be given priority in the discussions.
- In general:
- Discussions will be started according to the date when the bug became ready for discussion (the date listed in the whiteboard); i.e. the oldest date will typically be the next discussion to start.
- Only one or two of the "-new" requests may be in discussion at any given point. The amount of time that each discussion takes varies dramatically depending on the number of reviewers contributing to the discussion, and the types of concerns that are raised.
- Requests that are from CAs that already have roots included in NSS may be discussed in parallel, so several of these discussions can happen at the same time.
| ID | Summary | Priority | Status |
|---|---|---|---|
| 1845081 | Add MOIS SSL Root CA | P2 | ASSIGNED |
| 1943001 | Add SECOM TLS RSA Root CA 2024 and SECOM TLS ECC Root CA 2024 | P1 | ASSIGNED |
2 Total; 2 Open (100%); 0 Resolved (0%); 0 Verified (0%);
In Public Discussion
This section lists CAs whose inclusion is currently being publicly discussed. Action needed by: Public and CA.
| ID | Summary | Priority | Status |
|---|---|---|---|
| 1925173 | Add Cybertrust Japan SecureSign Root CA16 | P2 | ASSIGNED |
1 Total; 1 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Discussions On Hold
This section lists CAs for whom the public discussion concluded with action items for the CA to complete, and the CA has not yet completed the action items. Once the action items are completed, discussion can restart. Action needed by: CA.
No results.
0 Total; 0 Open (0%); 0 Resolved (0%); 0 Verified (0%);
Pending Approval
This section lists CAs for which public discussion has been completed, but have not yet been approved by Mozilla for inclusion. Action needed by: Mozilla.
No results.
0 Total; 0 Open (0%); 0 Resolved (0%); 0 Verified (0%);
Approved and Pending Code Changes
This section lists CAs who have been approved and are waiting for Mozilla to add their certificates to the root store file. Action needed by: Mozilla.
No results.
0 Total; 0 Open (0%); 0 Resolved (0%); 0 Verified (0%);