Public Discussion of Firmaprofesional CA Inclusion Request
Ben Wilson
All,
This email commences a six-week public discussion of Firmaprofesional’s request to include the “FIRMAPROFESIONAL CA ROOT-A WEB” as a publicly trusted root certificate in one or more CCADB Root Store Member’s program. This discussion period is scheduled to close on March 13, 2024.
The purpose of this public discussion process is to promote openness and transparency. However, each Root Store makes its inclusion decisions independently, on its own timelines, and based on its own inclusion criteria. Successful completion of this public discussion process does not guarantee any favorable action by any root store.
Anyone with concerns or questions is urged to raise them on this CCADB Public list by replying directly in this discussion thread. Likewise, a representative of the applicant must promptly respond directly in the discussion thread to all questions that are posted.
CCADB Case Number: 00001044; Bugzilla: 1785215
Organization Background Information (listed in CCADB):
CA Owner Name: Autoridad de Certificacion Firmaprofesional; Firmaprofesional S.A.
Website(s): https://www.firmaprofesional.com/
Address: Passeig de Gracia 50, 2º1º, Barcelona E-08007, Spain
Problem Reporting Mechanism(s): sop...@firmaprofesional.com
Organization Type: Firmaprofesional S.A. is a commercial entity in Spain (NIF A62634068)
Repository URL: https://www.firmaprofesional.com/certification-policies-and-practices/
Certificates Requesting Inclusion:
FIRMAPROFESIONAL CA ROOT-A WEB:
Certificate download links: (CA Repository, crt.sh)
Use cases served/EKUs:
Server Authentication 1.3.6.1.5.5.7.3.1
Client Authentication 1.3.6.1.5.5.7.3.2
Test websites:
Existing Publicly Trusted Root CAs from Firmaprofesional S.A.:
Autoridad de Certificacion Firmaprofesional CIF A62634068:
Certificate download links: CA Repository (most recent),
crt.sh (most recent root certificate, included in Google, Microsoft, and Mozilla)
crt.sh (prior root certificate, included in Apple, Microsoft)
Use cases served/EKUs:
Server Authentication 1.3.6.1.5.5.7.3.1
Client Authentication 1.3.6.1.5.5.7.3.2
Certificate Corpus (subCAs and OCSP): here (requires Censys account)
Included in: Apple, Chrome, Microsoft, Mozilla
Relevant Policy and Practices Documentation:
Firmaprofesional CPS in English, version 230413
Firmaprofesional Website Authentication Certificates CP in English, version 230616
Most Recent Self-Assessment:
https://bugzilla.mozilla.org/attachment.cgi?id=9369465 (reviewed 12/19/2023)
Audit Statements:
Auditor: DEKRA Testing and Certification, S.A.U. (accredited by ENAC)
Audit Criteria: ETSI
Date of Audit Issuance: June 1, 2023
For Period Ending: March 27, 2023
Audit Statement(s): https://www.dekra.com/media/2302-fpr-fr-aal.pdf
Incident Summary (Bugzilla incidents from previous 24 months):
Thank you,
Ben, on behalf of the CCADB Steering Committee
Ben Wilson
Ben Wilson
On January 31, 2024, we began a six-week, public discussion[1] on the request from Firmaprofesional for inclusion of this root CA certificate:
FIRMAPROFESIONAL CA ROOT-A WEB
The public discussion period ended on March 13, 2024.
We did not receive any objections or other questions or comments in opposition to Firmaprofesional’s request. We thank the community for its review and consideration during this period. Root Store Programs will make final inclusion decisions independently, on their own timelines, and based on each Root Store Member’s inclusion criteria. Further discussion may take place in the independently managed Root Store community forums (i.e., MDSP).
[1] https://groups.google.com/a/ccadb.org/g/public/c/3TXrvZC0isw/m/TMkE2rb_AAAJ