This is to announce the beginning of the public discussion phase of the Mozilla root CA process (see https://wiki.mozilla.org/CA/Application_Process#Process_Overview (Steps 4 through 9) to EV-enable the NetLock Arany (Class Gold) Főtanúsítvány Root CA, as outlined below.
This EV enablement request has been tracked in the CCADB and in Bugzilla as follows:
https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=00000488
https://bugzilla.mozilla.org/show_bug.cgi?id=1579454
Mozilla is considering approving Netlock’s request. This email begins a 3-week comment period, after which, if no concerns are raised, we will close the discussion and the request may proceed to the approval phase (Step 10).
Root Certificate Information:
https://netlock.hu/tanusitvanykiadok/#arany-class-gold-fotanusitvany
https://crt.sh/?q=6C61DAC3A2DEF031506BE036D2A6FE401994FBD13DF9C8D466599274C446EC98
https://bugzilla.mozilla.org/attachment.cgi?id=365241
CP/CPS:
Repository location: https://netlock.hu/aktualis-szabalyzatok/#english
Current Qualified CPS – Ver. 20210716 (July 16, 2021)
Current Non-Qualified CPS – Ver. 20200901 (Sept. 1, 2020)
Current Non-EIDAS CPS (DV SSL) – Ver. 20200731 (July 31, 2020)
Previous Mozilla CPS review (EV-only) - https://bugzilla.mozilla.org/show_bug.cgi?id=1579454#c9
Netlock Responses to CPS Review - https://bugzilla.mozilla.org/show_bug.cgi?id=1579454#c10
Audits and Reported Incidents:
Netlock’s auditor is Certop Informatikai Tanúsítási Szolgáltatások Kft. (https://hu.certop.com/en/). Certop last audited Netlock in September 2021. The 2021 audit may be downloaded here: https://it.certop.com/wp-content/uploads/2021/10/Certop_cert_Netlock_with_annex_english_2021_final_sign.pdf
Netlock’s Bugzilla-recorded incidents over the past year are:
Replacement of enduser certificates after the EVGL 1.7.4 self-audit (Open) |
|
CA Certificate Missing from Audit Reports (Open) |
|
Failure to revoke noncompliant ICA within 7 days (Closed) |
|
Issuance of >398-day precertificates after 2020-09-01 (Closed) |
|
Cumulative report connected to EV verification (Closed) |
|
Delayed revocation report connected to ticket 1680378 (Closed) |
This email begins a three-week public discussion period, which I’m scheduling to close on or about 2-December-2021.
A representative of Netlock must promptly respond directly in the discussion thread to all questions that are posted.
Sincerely yours,
Ben Wilson
Mozilla Root Program
This begins a 7-day “last call” period (through Dec. 9, 2021) for any final objections.
Thanks,
Ben