diff options
author | Benjamin Beurdouche <bbeurdouche@mozilla.com> | 2020-05-27 21:48:05 +0000 |
---|---|---|
committer | Benjamin Beurdouche <bbeurdouche@mozilla.com> | 2020-05-27 21:48:05 +0000 |
commit | 3ec166d77d25cb845a87994b71d53d7227bffacf (patch) | |
tree | 32cf32d167f9d5b7d6441bbf39ca2a00160d338c | |
parent | c7bec658933389ebe517902dda9aed01e468e6a1 (diff) | |
download | nss-hg-3ec166d77d25cb845a87994b71d53d7227bffacf.tar.gz |
Bug 1618404 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Symantec root certs. r=jcj
Differential Revision: https://phabricator.services.mozilla.com/D77062
-rw-r--r-- | lib/ckfw/builtins/certdata.txt | 60 |
1 files changed, 48 insertions, 12 deletions
diff --git a/lib/ckfw/builtins/certdata.txt b/lib/ckfw/builtins/certdata.txt index 850b1afca..ea1492606 100644 --- a/lib/ckfw/builtins/certdata.txt +++ b/lib/ckfw/builtins/certdata.txt @@ -1810,7 +1810,10 @@ CKA_VALUE MULTILINE_OCTAL \302\005\146\200\241\313\346\063 END CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE -CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE +# For Server Distrust After: Wed Jan 01 00:00:00 2020 +CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL +\062\060\060\061\060\061\060\060\060\060\060\060\132 +END CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE # Trust for Certificate "GeoTrust Global CA" @@ -1972,7 +1975,10 @@ CKA_VALUE MULTILINE_OCTAL \244\346\216\330\371\051\110\212\316\163\376\054 END CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE -CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE +# For Server Distrust After: Sun Sep 30 00:00:00 2018 +CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL +\061\070\060\071\063\060\060\060\060\060\060\060\132 +END CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE # Trust for Certificate "GeoTrust Universal CA" @@ -2134,7 +2140,10 @@ CKA_VALUE MULTILINE_OCTAL \362\034\054\176\256\002\026\322\126\320\057\127\123\107\350\222 END CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE -CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE +# For Server Distrust After: Wed Jan 01 00:00:00 2020 +CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL +\062\060\060\061\060\061\060\060\060\060\060\060\132 +END CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE # Trust for Certificate "GeoTrust Universal CA 2" @@ -5332,7 +5341,10 @@ CKA_VALUE MULTILINE_OCTAL \253\022\350\263\336\132\345\240\174\350\017\042\035\132\351\131 END CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE -CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE +# For Server Distrust After: Tue Apr 30 00:00:00 2019 +CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL +\061\071\060\064\063\060\060\060\060\060\060\060\132 +END CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE # Trust for Certificate "GeoTrust Primary Certification Authority" @@ -5489,7 +5501,10 @@ CKA_VALUE MULTILINE_OCTAL \215\126\214\150 END CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE -CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE +# For Server Distrust After: Tue Apr 30 00:00:00 2019 +CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL +\061\071\060\064\063\060\060\060\060\060\060\060\132 +END CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE # Trust for Certificate "thawte Primary Root CA" @@ -5666,7 +5681,10 @@ CKA_VALUE MULTILINE_OCTAL \254\021\326\250\355\143\152 END CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE -CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE +# For Server Distrust After: Tue Apr 30 00:00:00 2019 +CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL +\061\071\060\064\063\060\060\060\060\060\060\060\132 +END CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE # Trust for Certificate "VeriSign Class 3 Public Primary Certification Authority - G5" @@ -7243,7 +7261,10 @@ CKA_VALUE MULTILINE_OCTAL \021\055 END CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE -CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE +# For Server Distrust After: Tue Apr 30 00:00:00 2019 +CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL +\061\071\060\064\063\060\060\060\060\060\060\060\132 +END CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE # Trust for Certificate "GeoTrust Primary Certification Authority - G3" @@ -7374,7 +7395,10 @@ CKA_VALUE MULTILINE_OCTAL \367\130\077\056\162\002\127\243\217\241\024\056 END CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE -CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE +# For Server Distrust After: Sun Sep 30 00:00:00 2018 +CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL +\061\070\060\071\063\060\060\060\060\060\060\060\132 +END CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE # Trust for Certificate "thawte Primary Root CA - G2" @@ -7536,7 +7560,10 @@ CKA_VALUE MULTILINE_OCTAL \061\324\100\032\142\064\066\077\065\001\256\254\143\240 END CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE -CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE +# For Server Distrust After: Tue Apr 30 00:00:00 2019 +CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL +\061\071\060\064\063\060\060\060\060\060\060\060\132 +END CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE # Trust for Certificate "thawte Primary Root CA - G3" @@ -7674,7 +7701,10 @@ CKA_VALUE MULTILINE_OCTAL \017\212 END CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE -CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE +# For Server Distrust After: Wed Jan 01 00:00:00 2020 +CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL +\062\060\060\061\060\061\060\060\060\060\060\060\132 +END CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE # Trust for Certificate "GeoTrust Primary Certification Authority - G2" @@ -7846,7 +7876,10 @@ CKA_VALUE MULTILINE_OCTAL \354\315\202\141\361\070\346\117\227\230\052\132\215 END CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE -CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE +# For Server Distrust After: Tue Apr 30 00:00:00 2019 +CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL +\061\071\060\064\063\060\060\060\060\060\060\060\132 +END CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE # Trust for Certificate "VeriSign Universal Root Certification Authority" @@ -8003,7 +8036,10 @@ CKA_VALUE MULTILINE_OCTAL \055\247\330\206\052\335\056\020 END CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE -CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE +# For Server Distrust After: Thu Jan 31 00:00:00 2019 +CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL +\061\071\060\061\063\061\060\060\060\060\060\060\132 +END CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE # Trust for Certificate "VeriSign Class 3 Public Primary Certification Authority - G4" |