Public Discussion of LAWtrust CA Inclusion Request

[Ben Wilson]

All,

This email commences a six-week public discussion of LAWtrust’s request to include the following CA certificate as a publicly trusted root certificate in one or more CCADB Root Store Member’s program. This discussion period is scheduled to close on June 16, 2023.

The purpose of this public discussion process is to promote openness and transparency. However, each Root Store makes its inclusion decisions independently, on its own timelines, and based on its own inclusion criteria. Successful completion of this public discussion process does not guarantee any favorable action by any root store.  

Anyone with concerns or questions is urged to raise them on this CCADB Public list by replying directly in this discussion thread. Likewise, a representative of the applicant must promptly respond directly in the discussion thread to all questions that are posted.

CCADB Case Number:   # 768

Organization Background Information (listed in CCADB):

• CA Owner Name: LAWtrust (Altron)

• Website:  https://www.lawtrust.co.za/

• Address:  20 Woodlands Drive, Woodmead, Gauteng 2191  South Africa

• Problem Reporting Mechanisms:

• Email:  mpk...@lawtrust.co.za

• Organization Type: Private Corporation

• Repository URL:  https://www.lawtrust.co.za/repository

Certificate Requested for Inclusion:

LAWtrust Root CA2 (4096):

• Certificate download links: (CA Repository, crt.sh)

• Use cases served/EKUs: 

• Secure Email (S/MIME) 1.3.6.1.5.5.7.3.4

• Client Authentication 1.3.6.1.5.5.7.3.2

• Document Signing

• Test websites: N/A

Relevant Policy and Practices Documentation: 

• https://www.lawtrust.co.za/uploads/LT_ISP_IS_CP_V018%202023-03-10.pdf

• https://www.lawtrust.co.za/uploads/LT_ISP_IS_CPS_ROOT_CA2_V04%202023-03-13.pdf

• https://www.lawtrust.co.za/uploads/LT_ISP_SecureCA01_CPS_V001%2025-04-2023.pdf 

Most Recent Self-Assessment/CPS Review:

• https://bugzilla.mozilla.org/show_bug.cgi?id=1710831#c16 (completed 4/15/2022)

Value-vs-Risk Justification:

• https://bugzilla.mozilla.org/attachment.cgi?id=9326374

Audit Statements:

• Auditor: KPMG  (enrolled through WebTrust)

• Audit Criteria: WebTrust

• Date of Audit Issuance: 3/22/2023

• For Period Ending: 12/31/2022

• Audit Statement(s):  

• Standard Audit 

Thank you,

Ben, on behalf of the CCADB Steering Committee

[Ben Wilson]

All,

This is just a reminder that the public discussion period on this root inclusion request (S/MIME) ends this Friday, June 16th.

Ben

[Ben Wilson]

On May 5, 2023, we began a six-week, public discussion[1] on the following root CA certificate issued by LAWtrust (Altron):

LAWtrust Root CA2 (4096):

• Use cases served/EKUs: 

• Secure Email (S/MIME) 1.3.6.1.5.5.7.3.4

• Client Authentication 1.3.6.1.5.5.7.3.2

• Document Signing

The public discussion period ended last Friday, June 16, 2023.

We did not receive any objections or other questions or comments in opposition to LAWtrust’s request. We thank the community for its review and consideration during this period. Root Store Programs will make final inclusion decisions independently, on their own timelines, and based on each Root Store Member’s inclusion criteria. Further discussion may take place in the independently managed Root Store community forums (i.e., MDSP).

Thanks,

Ben

[1] https://groups.google.com/a/ccadb.org/g/public/c/gk8vbpg5WHo/m/T