diff options
author | J.C. Jones <jjones@mozilla.com> | 2020-06-12 21:23:06 +0000 |
---|---|---|
committer | J.C. Jones <jjones@mozilla.com> | 2020-06-12 21:23:06 +0000 |
commit | b7a6f3feb6a6ddae63eb94a4ecf1e4203afa1408 (patch) | |
tree | 35abc9b6f84a7a9f285c95753897ad8f2bf15212 | |
parent | ceb3dd8b06ef20bb9dd2f06fc9587acd113c5dea (diff) | |
download | nss-hg-b7a6f3feb6a6ddae63eb94a4ecf1e4203afa1408.tar.gz |
Bug 1618402 - Disable email trust bit for several Symantec certs r=KathleenWilson,kjacobs
Disable the Email trust bit for the following root certs"
Subject: CN=GeoTrust Global CA; O=GeoTrust Inc.; C=US
Certificate Serial Number: 023456
SHA-1 Fingerprint: DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212
SHA-256 Fingerprint: FF856A2D251DCD88D36656F450126798CFABAADE40799C722DE4D2B5DB36A73A
Subject: CN=GeoTrust Primary Certification Authority - G2; OU=(c) 2007 GeoTrust Inc. - For authorized use only; O=GeoTrust Inc.; C=US
Certificate Serial Number: 3CB2F4480A00E2FEEB243B5E603EC36B
SHA-1 Fingerprint: 8D1784D537F3037DEC70FE578B519A99E610D7B0
SHA-256 Fingerprint: 5EDB7AC43B82A06A8761E8D7BE4979EBF2611F7DD79BF91C1C6B566A219ED766
Subject: CN=GeoTrust Primary Certification Authority - G3; OU=(c) 2008 GeoTrust Inc. - For authorized use only; O=GeoTrust Inc.; C=US
Certificate Serial Number: 15AC6E9419B2794B41F627A9C3180F1F
SHA-1 Fingerprint: 039EEDB80BE7A03C6953893B20D2D9323A4C2AFD
SHA-256 Fingerprint: B478B812250DF878635C2AA7EC7D155EAA625EE82916E2CD294361886CD1FBD4
Subject: CN=GeoTrust Universal CA; O=GeoTrust Inc.; C=US
Certificate Serial Number: 01
SHA-1 Fingerprint: E621F3354379059A4B68309D8A2F74221587EC79
SHA-256 Fingerprint: A0459B9F63B22559F5FA5D4C6DB3F9F72FF19342033578F073BF1D1B46CBB912
Subject: CN=GeoTrust Universal CA 2; O=GeoTrust Inc.; C=US
Certificate Serial Number: 01
SHA-1 Fingerprint: 379A197B418545350CA60369F33C2EAF474F2079
SHA-256 Fingerprint: A0234F3BC8527CA5628EEC81AD5D69895DA5680DC91D1CB8477F33F878B95B0B
Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G4; OU=VeriSign Trust Network, (c) 2007 VeriSign, Inc. - For authorized use only; O=VeriSign, Inc.; C=US
Certificate Serial Number: 2F80FE238C0E220F486712289187ACB3
SHA-1 Fingerprint: 22D5D8DF8F0231D18DF79DB7CF8A2D64C93F6C3A
SHA-256 Fingerprint: 69DDD7EA90BB57C93E135DC85EA6FCD5480B603239BDC454FC758B2A26CF7F79
Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G5; OU=VeriSign Trust Network, (c) 2006 VeriSign, Inc. - For authorized use only; O=VeriSign, Inc.; C=US
Certificate Serial Number: 18DAD19E267DE8BB4A2158CDCC6B3B4A
SHA-1 Fingerprint: 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
SHA-256 Fingerprint: 9ACFAB7E43C8D880D06B262A94DEEEE4B4659989C3D0CAF19BAF6405E41AB7DF
Depends on D79365
Differential Revision: https://phabricator.services.mozilla.com/D79366
-rw-r--r-- | lib/ckfw/builtins/certdata.txt | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/lib/ckfw/builtins/certdata.txt b/lib/ckfw/builtins/certdata.txt index fefd83d49..bdbb55e21 100644 --- a/lib/ckfw/builtins/certdata.txt +++ b/lib/ckfw/builtins/certdata.txt @@ -1568,7 +1568,7 @@ CKA_SERIAL_NUMBER MULTILINE_OCTAL \002\003\002\064\126 END CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE @@ -1733,7 +1733,7 @@ CKA_SERIAL_NUMBER MULTILINE_OCTAL \002\001\001 END CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE @@ -1898,7 +1898,7 @@ CKA_SERIAL_NUMBER MULTILINE_OCTAL \002\001\001 END CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE @@ -5448,7 +5448,7 @@ CKA_SERIAL_NUMBER MULTILINE_OCTAL \073\112 END CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE @@ -7025,7 +7025,7 @@ CKA_SERIAL_NUMBER MULTILINE_OCTAL \017\037 END CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE @@ -7465,7 +7465,7 @@ CKA_SERIAL_NUMBER MULTILINE_OCTAL \303\153 END CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE @@ -7803,7 +7803,7 @@ CKA_SERIAL_NUMBER MULTILINE_OCTAL \254\263 END CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE |