All,
This email commences a six-week public discussion of TrustAsia’s request to include the following certificates as publicly trusted root certificates in one or more CCADB Root Store Member’s program. This discussion period is scheduled to close on August 16, 2023.
The purpose of this public discussion process is to promote openness and transparency. However, each Root Store makes its inclusion decisions independently, on its own timelines, and based on its own inclusion criteria. Successful completion of this public discussion process does not guarantee any favorable action by any root store.
Anyone with concerns or questions is urged to raise them on this CCADB Public list by replying directly in this discussion thread. Likewise, a representative of the applicant must promptly respond directly in the discussion thread to all questions that are posted.
CCADB Case Number: 00000921; Bugzilla: 1688854
Organization Background Information (listed in CCADB):
CA Owner Name: TrustAsia Technologies, Inc.
Website: https://www.trustasia.com/
Address: 3201 Building B. New Caohejing International Business Center, 391 Guiping Rd, Shanghai, 200233 China
Problem Reporting Mechanism(s): rev...@trustasia.com
Organization Type: Private Corporation
Repository URL: https://repository.trustasia.com/
Certificates Requesting Inclusion:
TrustAsia Global Root CA G3 (4096-bit RSA):
Certificate download links: (CA Repository, crt.sh)
Use cases served/EKUs:
Server Authentication (TLS) 1.3.6.1.5.5.7.3.1
Client Authentication 1.3.6.1.5.5.7.3.2
Code Signing 1.3.6.1.5.5.7.3.3
Document Signing 1.3.6.1.4.1.311.10.3.12, 1.2.840.113583.1.1.5
Secure Email 1.3.6.1.5.5.7.3.4
Timestamping 1.3.6.1.5.5.7.3.8
Test websites:
TrustAsia Global Root CA G4 (384-bit ECDSA):
Certificate download links: (CA Repository, crt.sh)
Use cases served/EKUs:
Server Authentication (TLS) 1.3.6.1.5.5.7.3.1
Client Authentication 1.3.6.1.5.5.7.3.2
Code Signing 1.3.6.1.5.5.7.3.3
Document Signing 1.3.6.1.4.1.311.10.3.12, 1.2.840.113583.1.1.5
Secure Email 1.3.6.1.5.5.7.3.4
Timestamping 1.3.6.1.5.5.7.3.8
Test websites:
Relevant Policy and Practices Documentation:
The following applies to both applicant root CAs:
Most Recent Self-Assessment:
The following applies to both applicant root CAs:
https://bugzilla.mozilla.org/attachment.cgi?id=9308645 (completed 12/16/2022)
Audit Statements:
Auditor: Anthony KAM and associates ltd. (enrolled through WebTrust)
Audit Criteria: WebTrust
Date of Audit Issuance: 10/17/2022
For Period Ending: 7/31/2022
Audit Statement(s):
Risk-vs-Value Justification:
Thank you,
Ben Wilson, on behalf of the CCADB Steering Committee
Greetings,
On July 5, 2023, we began a six-week, public discussion[1] on the following root CA certificates issued by TrustAsia:
Use cases served/EKUs:
Server Authentication (TLS) 1.3.6.1.5.5.7.3.1
Client Authentication 1.3.6.1.5.5.7.3.2
Code Signing 1.3.6.1.5.5.7.3.3
Document Signing 1.3.6.1.4.1.311.10.3.12, 1.2.840.113583.1.1.5
Secure Email 1.3.6.1.5.5.7.3.4
Timestamping 1.3.6.1.5.5.7.3.8
Use cases served/EKUs:
Server Authentication (TLS) 1.3.6.1.5.5.7.3.1
Client Authentication 1.3.6.1.5.5.7.3.2
Code Signing 1.3.6.1.5.5.7.3.3
Document Signing 1.3.6.1.4.1.311.10.3.12, 1.2.840.113583.1.1.5
Secure Email 1.3.6.1.5.5.7.3.4
Timestamping 1.3.6.1.5.5.7.3.8
The public discussion period ended yesterday, August 16, 2023.
We did not receive any objections or other questions or comments in opposition to TrustAsia’s request. We thank the community for its review and consideration during this period. Root Store Programs will make final inclusion decisions independently, on their own timelines, and based on each Root Store Member’s inclusion criteria. Further discussion may take place in the independently managed Root Store community forums (i.e., MDSP).
[1] https://groups.google.com/a/ccadb.org/g/public/c/KHaSShYA-eY/m/toe8FHpnAwAJ
Thank you,
Ben Wilson, on behalf of the CCADB Steering Committee