info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
SecureTrust
173 views
Skip to first unread message
David E. Ross
Oct 7, 2017, 3:24:13 PM10/7/17
to mozilla-dev-s...@lists.mozilla.org
Somehow, I recall there had been a problem with the SecureTrust
Corporation certification authority. It was either a problem with one
or more of the root certificates or with the way the certification
authority was operating. Can anyone refresh my memory?
--
David E. Ross
<http://www.rossde.com/>
By allowing employers to eliminate coverage for birth control
from their insurance plans, President Trump has guaranteed there
will be an increase in the demand for abortions.
Corporation certification authority. It was either a problem with one
or more of the root certificates or with the way the certification
authority was operating. Can anyone refresh my memory?
--
David E. Ross
<http://www.rossde.com/>
By allowing employers to eliminate coverage for birth control
from their insurance plans, President Trump has guaranteed there
will be an increase in the demand for abortions.
Peter Bowen
Oct 7, 2017, 4:57:23 PM10/7/17
to David E. Ross, mozilla-dev-s...@lists.mozilla.org
On Sat, Oct 7, 2017 at 12:23 PM, David E. Ross via dev-security-policy
<dev-secur...@lists.mozilla.org> wrote:
> Somehow, I recall there had been a problem with the SecureTrust
> Corporation certification authority. It was either a problem with one
> or more of the root certificates or with the way the certification
> authority was operating. Can anyone refresh my memory?
David,
<dev-secur...@lists.mozilla.org> wrote:
> Somehow, I recall there had been a problem with the SecureTrust
> Corporation certification authority. It was either a problem with one
> or more of the root certificates or with the way the certification
> authority was operating. Can anyone refresh my memory?
I can't refresh your memory directly, but I suspect this was a long time ago.
According to the CCADB, the SecureTrust roots are owned by TrustWave
and are currently ultimately controlled by the Singapore Minister for
Finance.
>From what I can find online, SecureTrust was acquired by
AmbironTrustWave in 2007.[1] AmbironTrustWave later became
TrustWave.[2] In 2015, SingTel acquired TrustWave.[3] . The SingTel
annual report states that Temasek Holdings has an interest of
approximately 52% in Singtel and that the Singapore Minister for
Finance is the owner of Temasek.[4]
Assuming it was SecureTrust that had issues, that would have been at
least 10 years ago.
Thanks,
Peter
[1] https://news.thomasnet.com/companystory/ambirontrustwave-acquires-securetrust-corporation-524708
[2] https://www.scmagazine.com/company-news-mazu-networks-names-conklin-vp-of-marketing/article/554054/
[3] http://www.eweek.com/security/singtel-completes-trustwave-acquisition-for-770-million
[4] https://www.singtel.com/content/dam/singtel/investorRelations/annualReports/2017/singtelar17-full-AR.pdf
David E. Ross
Oct 7, 2017, 8:38:23 PM10/7/17
to mozilla-dev-s...@lists.mozilla.org
about which I was thinking is covered in bugs #724942 and #724929 and
affected root certificate Trustwave SecureTrust CA. Apparently, that
root no longer exists in the NSS database and does not appear on the
"Mozilla Included CA Certificate List" Web page.
See:
<https://bugzilla.mozilla.org/show_bug.cgi?id=724929>
<https://bugzilla.mozilla.org/show_bug.cgi?id=724942>
westm...@gmail.com
Oct 8, 2017, 8:44:45 PM10/8/17
to mozilla-dev-s...@lists.mozilla.org
Hello David,
If I understand correctly, these 3 root certificates of TrustVawe were not deleted: https://ccadb-public.secure.force.com/mozilla/IncludedCACertificateReport (see bottom part)
If I understand correctly, these 3 root certificates of TrustVawe were not deleted: https://ccadb-public.secure.force.com/mozilla/IncludedCACertificateReport (see bottom part)
0 new messages