Public Discussion of Netlock's Request for EV Enablement

107 views
Skip to first unread message

Ben Wilson

unread,
Nov 11, 2021, 1:08:17 PM11/11/21
to dev-secur...@mozilla.org

This is to announce the beginning of the public discussion phase of the Mozilla root CA process (see https://wiki.mozilla.org/CA/Application_Process#Process_Overview (Steps 4 through 9) to EV-enable the NetLock Arany (Class Gold) Főtanúsítvány Root CA, as outlined below. 

This EV enablement request has been tracked in the CCADB and in Bugzilla as follows:  

https://ccadb-public.secure.force.com/mozilla/PrintViewForCase?CaseNumber=00000488

https://bugzilla.mozilla.org/show_bug.cgi?id=1579454

Mozilla is considering approving Netlock’s request. This email begins a 3-week comment period, after which, if no concerns are raised, we will close the discussion and the request may proceed to the approval phase (Step 10).

Root Certificate Information:

https://netlock.hu/tanusitvanykiadok/#arany-class-gold-fotanusitvany  

https://crt.sh/?q=6C61DAC3A2DEF031506BE036D2A6FE401994FBD13DF9C8D466599274C446EC98

https://bugzilla.mozilla.org/attachment.cgi?id=365241

 

CP/CPS:   

Repository location:  https://netlock.hu/aktualis-szabalyzatok/#english

Current Qualified CPS – Ver. 20210716 (July 16, 2021)

Current Non-Qualified CPS – Ver. 20200901 (Sept. 1, 2020)

Current Non-EIDAS CPS (DV SSL) – Ver. 20200731 (July 31, 2020)

Previous Mozilla CPS review (EV-only) - https://bugzilla.mozilla.org/show_bug.cgi?id=1579454#c9  

Netlock Responses to CPS Review - https://bugzilla.mozilla.org/show_bug.cgi?id=1579454#c10

 

Audits and Reported Incidents: 

Netlock’s auditor is Certop Informatikai Tanúsítási Szolgáltatások Kft. (https://hu.certop.com/en/).  Certop last audited Netlock in September 2021.  The 2021 audit may be downloaded here:  https://it.certop.com/wp-content/uploads/2021/10/Certop_cert_Netlock_with_annex_english_2021_final_sign.pdf

Netlock’s Bugzilla-recorded incidents over the past year are:

1680378

Replacement of enduser certificates after the EVGL 1.7.4 self-audit (Open)

1716874

CA Certificate Missing from Audit Reports (Open)

1656882

Failure to revoke noncompliant ICA within 7 days (Closed)

1676367

Issuance of >398-day precertificates after 2020-09-01 (Closed)

1676440

Cumulative report connected to EV verification (Closed)

1688844

Delayed revocation report connected to ticket 1680378 (Closed)

 

This email begins a three-week public discussion period, which I’m scheduling to close on or about 2-December-2021.

A representative of Netlock must promptly respond directly in the discussion thread to all questions that are posted.

 

Sincerely yours,

Ben Wilson

Mozilla Root Program

Ben Wilson

unread,
Dec 2, 2021, 4:57:32 PM12/2/21
to dev-secur...@mozilla.org
All,

The public discussion period has ended for this EV-enablement request.  We have received no negative comments. There does not appear any action item for Netlock to complete in order to move this request forward. This is notice that I am closing the public discussion period [Step 9 of the Application Process] and that it is Mozilla’s intent to approve the inclusion request [Step 10].

This begins a 7-day “last call” period (through Dec. 9, 2021) for any final objections.

Thanks,

Ben


Reply all
Reply to author
Forward
0 new messages