Audit Reminder Email Summary

Kathleen Wilson

unread,

Nov 15, 2016, 3:08:52 PM11/15/16

to mozilla-dev-s...@lists.mozilla.org

Here's a summary of the audit reminder emails that were sent today.

The following is now automatically generated when the audit reminder emails get sent.

-------- Forwarded Message --------
Subject: Summary of November 2016 Audit Reminder Emails
Date: Tue, 15 Nov 2016 20:00:42 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:
ISRG Root X1
Standard Audit: https://cert.webtrust.org/SealFile?seal=1987&file=pdf
Audit Statement Date: 2015-12-15
BR Audit: https://cert.webtrust.org/SealFile?seal=1988&file=pdf
BR Audit Statement Date: 2015-12-15
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
EE Certification Centre Root CA
Standard Audit: http://www.sk.ee/en/repository/audit/
Audit Statement Date: 2015-10-30
BR Audit: https://www.sk.ee/upload/files/53_Audit%20Attestation%202015.pdf
BR Audit Statement Date: 2015-10-30
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
CA Disig Root R1
CA Disig Root R2
Standard Audit: http://www.disig.eu/_pdf/Audit2015_report.pdf
Audit Statement Date: 2015-10-28
BR Audit: http://www.disig.eu/_pdf/Audit2015_report.pdf
BR Audit Statement Date: 2015-10-28
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
ACEDICOM Root
Standard Audit: https://cert.webtrust.org/SealFile?seal=1958&file=pdf
Audit Statement Date: 2015-11-03
BR Audit: https://cert.webtrust.org/SealFile?seal=1958&file=pdf
BR Audit Statement Date: 2015-11-03
CA Comments: null

____

Mozilla: Overdue Audit Statements
Root Certificates:
Root CA Generalitat Valenciana
Standard Audit: https://cert.webtrust.org/SealFile?seal=1908&file=pdf
Audit Statement Date: 2015-07-17
BR Audit: https://cert.webtrust.org/SealFile?seal=1908&file=pdf
BR Audit Statement Date: 2015-07-17
CA Comments: Per CA request, Root CA Generalitat Valenciana will be removed via https://bugzilla.mozilla.org/show_bug.cgi?id=1272158

____

Mozilla: Overdue Audit Statements
Root Certificates:
Class 2 Primary CA
Standard Audit: http://www.lsti-certification.fr/images/liste_entreprise/Liste%20PSCe.pdf
Audit Statement Date: 2015-04-09
BR Audit: https://bug1025095.bugzilla.mozilla.org/attachment.cgi?id=8590352
BR Audit Statement Date: 2015-04-09
EV Audit: http://www.lsti-certification.fr/images/liste_entreprise/Liste%20PSCe.pdf
EV Audit Statement Date: 2015-04-09
CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1297034 Did not find reference to "Class 2 Primary CA" in the 2016 audit statements. Update: Audit of Class 2 Primary CA completed mid-October. Waiting for auditor to write attestation letter.

____

Mozilla: Audit Reminder
Root Certificates:
Secure Global CA
SecureTrust CA
XRamp Global Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=1951&file=pdf
Audit Statement Date: 2015-11-16
BR Audit: https://cert.webtrust.org/SealFile?seal=1954&file=pdf
BR Audit Statement Date: 2015-11-16
EV Audit: https://cert.webtrust.org/SealFile?seal=1952&file=pdf
EV Audit Statement Date: 2015-11-16
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
CFCA EV ROOT
Standard Audit: https://cert.webtrust.org/SealFile?seal=1944&file=pdf
Audit Statement Date: 2015-10-16
BR Audit: https://cert.webtrust.org/SealFile?seal=1946&file=pdf
BR Audit Statement Date: 2015-10-16
EV Audit: https://cert.webtrust.org/SealFile?seal=1945&file=pdf
EV Audit Statement Date: 2015-10-16
CA Comments: null

____

Kathleen Wilson

unread,

Dec 20, 2016, 3:48:43 PM12/20/16

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of December 2016 Audit Reminder Emails
Date: Tue, 20 Dec 2016 20:00:30 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:
ISRG Root X1
Standard Audit: https://cert.webtrust.org/SealFile?seal=1987&file=pdf
Audit Statement Date: 2015-12-15
BR Audit: https://cert.webtrust.org/SealFile?seal=1988&file=pdf
BR Audit Statement Date: 2015-12-15
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
EE Certification Centre Root CA
Standard Audit: http://www.sk.ee/en/repository/audit/
Audit Statement Date: 2015-10-30
BR Audit: https://www.sk.ee/upload/files/53_Audit%20Attestation%202015.pdf
BR Audit Statement Date: 2015-10-30
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Cybertrust Global Root
Standard Audit: https://cert.webtrust.org/SealFile?seal=1971&file=pdf
Audit Statement Date: 2016-01-06
BR Audit: https://cert.webtrust.org/SealFile?seal=2016&file=pdf
BR Audit Statement Date: 2016-03-18
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8778393 and https://cert.webtrust.org/SealFile?seal=1969&file=pdf
EV Audit Statement Date: 2016-01-06

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
ACEDICOM Root
Standard Audit: https://cert.webtrust.org/SealFile?seal=1958&file=pdf
Audit Statement Date: 2015-11-03
BR Audit: https://cert.webtrust.org/SealFile?seal=1958&file=pdf
BR Audit Statement Date: 2015-11-03
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
TÜB?TAK UEKAE Kök Sertifika Hizmet Sa?lay?c?s? - Sürüm 3
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8738994
Audit Statement Date: 2015-12-28
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8738994
BR Audit Statement Date: 2015-12-28

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Microsec e-Szigno Root CA
Microsec e-Szigno Root CA 2009
Standard Audit: http://static.e-szigno.hu/docs/NMHH_supervision_2015.pdf
Audit Statement Date: 2016-01-12
BR Audit: http://static.e-szigno.hu/docs/NMHH_supervision_2015.pdf
BR Audit Statement Date: 2016-01-12

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

TÜRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? H5
TÜRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? H6
TÜRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? 2007
Standard Audit: https://www.tuvit.de/data/content_data/tuevit_en/6749UE_s.pdf
Audit Statement Date: 2015-12-16
Standard Audit: https://www.tuvit.de/data/content_data/tuevit_en/6745UE_s.pdf
Audit Statement Date: 2015-12-16
BR Audit: https://www.tuvit.de/data/content_data/tuevit_en/6749UE_s.pdf
BR Audit Statement Date: 2015-12-16
BR Audit: https://www.tuvit.de/data/content_data/tuevit_en/6745UE_s.pdf
BR Audit Statement Date: 2015-12-16
EV Audit: https://www.tuvit.de/data/content_data/tuevit_en/6745UE_s.pdf
EV Audit Statement Date: 2015-12-16
EV Audit:
EV Audit Statement Date:

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

WellsSecure Public Root Certificate Authority
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8710093
Audit Statement Date: 2015-12-21
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8710092
BR Audit Statement Date: 2015-12-21

Kathleen Wilson

unread,

Jan 17, 2017, 3:17:27 PM1/17/17

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of January 2017 Audit Reminder Emails
Date: Tue, 17 Jan 2017 20:02:07 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:
ISRG Root X1
Standard Audit: https://cert.webtrust.org/SealFile?seal=1987&file=pdf
Audit Statement Date: 2015-12-15
BR Audit: https://cert.webtrust.org/SealFile?seal=1988&file=pdf
BR Audit Statement Date: 2015-12-15
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Certigna
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8722744
Audit Statement Date: 2016-02-15
BR Audit: http://www.lsti-certification.fr/images/liste_entreprise/Liste%20PSCe.pdf
BR Audit Statement Date: 2016-02-15

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

certSIGN ROOT CA
Standard Audit: https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA.pdf
Audit Statement Date: 2016-02-08
BR Audit: https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA.pdf
BR Audit Statement Date: 2016-02-08

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

D-TRUST Root Class 3 CA 2 2009
D-TRUST Root Class 3 CA 2 EV 2009
Standard Audit: https://www.tuvit.de/en/zertifizierungssuchergebnisseite-1852.htm?group=SystemsInfrastructures&type=ETSITS&search-term=D-TRUST
Audit Statement Date: 2016-01-20
BR Audit: https://www.tuvit.de/data/content_data/tuevit_en/6765UE_s.pdf
BR Audit Statement Date: 2016-01-20
EV Audit: https://www.tuvit.de/data/content_data/tuevit_en/6766UE_s.pdf
EV Audit Statement Date: 2016-01-20

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
ACEDICOM Root
Standard Audit: https://cert.webtrust.org/SealFile?seal=1958&file=pdf
Audit Statement Date: 2015-11-03
BR Audit: https://cert.webtrust.org/SealFile?seal=1958&file=pdf
BR Audit Statement Date: 2015-11-03
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Microsec e-Szigno Root CA
Microsec e-Szigno Root CA 2009
Standard Audit: http://static.e-szigno.hu/docs/NMHH_supervision_2015.pdf
Audit Statement Date: 2016-01-12
BR Audit: http://static.e-szigno.hu/docs/NMHH_supervision_2015.pdf
BR Audit Statement Date: 2016-01-12
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

TWCA Global Root CA
TWCA Root Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=1981&file=pdf
Audit Statement Date: 2016-02-15
BR Audit: https://cert.webtrust.org/SealFile?seal=1985&file=pdf
BR Audit Statement Date: 2016-02-15
EV Audit: https://cert.webtrust.org/SealFile?seal=1986&file=pdf
EV Audit Statement Date: 2016-02-15

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Trustis Limited - Trustis FPS Root CA
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8745582
Audit Statement Date: 2016-02-03
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8745582

BR Audit Statement Date: 2016-02-03
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

TÜRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? H5
TÜRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? H6
TÜRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? 2007
Standard Audit: https://www.tuvit.de/data/content_data/tuevit_en/6749UE_s.pdf
Audit Statement Date: 2015-12-16
Standard Audit: https://www.tuvit.de/data/content_data/tuevit_en/6745UE_s.pdf
Audit Statement Date: 2015-12-16
BR Audit: https://www.tuvit.de/data/content_data/tuevit_en/6749UE_s.pdf
BR Audit Statement Date: 2015-12-16

EV Audit: https://www.tuvit.de/data/content_data/tuevit_en/6745UE_s.pdf
EV Audit Statement Date: 2015-12-16

CA Comments: null

____

Kathleen Wilson

unread,

Feb 23, 2017, 9:14:28 AM2/23/17

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of February 2017 Audit Reminder Emails
Date: Tue, 21 Feb 2017 20:00:51 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:
ISRG Root X1
Standard Audit: https://cert.webtrust.org/SealFile?seal=1987&file=pdf
Audit Statement Date: 2015-12-15
BR Audit: https://cert.webtrust.org/SealFile?seal=1988&file=pdf
BR Audit Statement Date: 2015-12-15
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Staat der Nederlanden EV Root CA
Staat der Nederlanden Root CA - G3
Staat der Nederlanden Root CA - G2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2010&file=pdf
Audit Statement Date: 2016-03-02
BR Audit: https://cert.webtrust.org/SealFile?seal=2010&file=pdf
BR Audit Statement Date: 2016-03-02
EV Audit: https://cert.webtrust.org/SealFile?seal=2010&file=pdf
EV Audit Statement Date: 2016-03-02

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

SZAFIR ROOT CA2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2018&file=pdf
Audit Statement Date: 2016-03-18
BR Audit: https://cert.webtrust.org/SealFile?seal=2018&file=pdf

BR Audit Statement Date: 2016-03-18

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
certSIGN ROOT CA
Standard Audit: https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA.pdf
Audit Statement Date: 2016-02-08
BR Audit: https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA.pdf
BR Audit Statement Date: 2016-02-08
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Cybertrust Global Root
Standard Audit: https://cert.webtrust.org/SealFile?seal=2165&file=pdf
Audit Statement Date: 2016-10-24

BR Audit: https://cert.webtrust.org/SealFile?seal=2016&file=pdf
BR Audit Statement Date: 2016-03-18

EV Audit: https://cert.webtrust.org/SealFile?seal=2166&file=pdf
EV Audit Statement Date: 2016-10-24

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
D-TRUST Root Class 3 CA 2 2009
D-TRUST Root Class 3 CA 2 EV 2009

Standard Audit: https://www.tuvit.de/data/content_data/tuevit_en/6765UE_s.pdf
Audit Statement Date: 2016-01-20
Standard Audit: https://www.tuvit.de/data/content_data/tuevit_en/6766UE_s.pdf

Audit Statement Date: 2016-01-20
BR Audit: https://www.tuvit.de/data/content_data/tuevit_en/6765UE_s.pdf
BR Audit Statement Date: 2016-01-20

BR Audit: https://www.tuvit.de/data/content_data/tuevit_en/6766UE_s.pdf

BR Audit Statement Date: 2016-01-20
EV Audit: https://www.tuvit.de/data/content_data/tuevit_en/6766UE_s.pdf
EV Audit Statement Date: 2016-01-20
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
ACEDICOM Root
Standard Audit: https://cert.webtrust.org/SealFile?seal=1958&file=pdf
Audit Statement Date: 2015-11-03
BR Audit: https://cert.webtrust.org/SealFile?seal=1958&file=pdf
BR Audit Statement Date: 2015-11-03
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Hongkong Post Root CA 1
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8732899
Audit Statement Date: 2016-02-26
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8746166
BR Audit Statement Date: 2016-03-31

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

StartCom Certification Authority
StartCom Certification Authority
StartCom Certification Authority G2
Standard Audit: https://www.startssl.com/ey-webtrust.pdf
Audit Statement Date: 2016-03-18
BR Audit: https://www.startssl.com/ey-webtrust-br.pdf

BR Audit Statement Date: 2016-03-18

EV Audit: https://www.startssl.com/ey-webtrust-ev.pdf
EV Audit Statement Date: 2016-03-18

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

SwissSign Gold CA - G2
SwissSign Platinum CA - G2
SwissSign Silver CA - G2
Standard Audit: https://bug343756.bmoattachments.org/attachment.cgi?id=8781268
Audit Statement Date: 2016-03-18
BR Audit: https://bug343756.bmoattachments.org/attachment.cgi?id=8781268

BR Audit Statement Date: 2016-03-18

EV Audit: https://bug343756.bmoattachments.org/attachment.cgi?id=8781268
EV Audit Statement Date: 2016-03-18

CA WoSign ECC Root
Certification Authority of WoSign G2
CA ?????
Certification Authority of WoSign
Standard Audit: https://cert.webtrust.org/SealFile?seal=2014&file=pdf
Audit Statement Date: 2016-02-29
BR Audit: https://cert.webtrust.org/SealFile?seal=2019&file=pdf
BR Audit Statement Date: 2016-03-31
EV Audit: https://cert.webtrust.org/SealFile?seal=2023&file=pdf
EV Audit Statement Date: 2016-02-29

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Amazon Root CA 3
Amazon Root CA 2
Starfield Services Root Certificate Authority - G2
Amazon Root CA 1
Amazon Root CA 4
Standard Audit: https://cert.webtrust.org/SealFile?seal=1998&file=pdf
Audit Statement Date: 2016-02-24
BR Audit: https://cert.webtrust.org/SealFile?seal=1999&file=pdf
BR Audit Statement Date: 2016-02-24
EV Audit: https://cert.webtrust.org/SealFile?seal=2000&file=pdf
EV Audit Statement Date: 2016-02-24
CA Comments: null

____

Kathleen Wilson

unread,

Mar 21, 2017, 5:17:58 PM3/21/17

to mozilla-dev-s...@lists.mozilla.org

Here's a summary of the audit reminder email that was sent today.

Note that the email now tells CAs to provide their annual updates via the Common CA Database, as follows.

"Please provide your annual updates via the Common CA Database (CCADB), as described here:
https://wiki.mozilla.org/CA:CommonCADatabase#Updating_Audit_Information
"

Also note that for root certificates with the Websites trust bit enabled, the annual updates must include:
1) Current audit statements
2) Update CP/CPS documents*
3) Test websites (valid, revoked, expired)**

* Section 2 of the BRs: The CA SHALL develop, implement, enforce, and *annually update* a Certificate Policy and/or Certification Practice Statement that describes in detail how the CA implements the latest version of these Requirements.

** Section 2.2 of the BRs: The CA SHALL host test Web pages that allow Application Software Suppliers to test their software with Subscriber Certificates that chain up to each publicly trusted Root Certificate. At a minimum, the *CA SHALL host separate Web pages using Subscriber Certificates that are (i) valid, (ii) revoked, and (iii) expired.*

-------- Forwarded Message --------
Subject: Summary of March 2017 Audit Reminder Emails
Date: Tue, 21 Mar 2017 19:03:58 +0000 (GMT)
From: Mozilla CA Program Manager

Mozilla: Audit Reminder
Root Certificates:
SZAFIR ROOT CA2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2018&file=pdf
Audit Statement Date: 2016-03-18
BR Audit: https://cert.webtrust.org/SealFile?seal=2018&file=pdf
BR Audit Statement Date: 2016-03-18
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit: https://cert.webtrust.org/SealFile?seal=2032&file=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05
CA Comments: BR and EV audits have happened, but there are action plans being presented to the auditors. Primary issues are use of UTF8 instead of PrintableString in jurisdictionOfIncorporation, and a recently repealed Spanish law that required privat

____

Mozilla: Audit Reminder
Root Certificates:

Buypass Class 2 Root CA
Buypass Class 3 Root CA
Standard Audit: http://www.buypass.no/om-buypass/etsi-102-042/_attachment/33325?_download=true&_ts=14bc532b650
Audit Statement Date: 2016-03-23
BR Audit: http://www.buypass.no/om-buypass/etsi-102-042/_attachment/33325?_download=true&_ts=14bc532b650
BR Audit Statement Date: 2016-03-23
EV Audit: http://www.buypass.no/om-buypass/etsi-102-042/_attachment/33325?_download=true&_ts=14bc532b650
EV Audit Statement Date: 2016-03-23

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
Cybertrust Global Root

DigiCert Assured ID Root G2
DigiCert Assured ID Root G3
DigiCert Global Root G2
DigiCert Global Root G3
DigiCert High Assurance EV Root CA
DigiCert Trusted Root G4

Standard Audit: https://cert.webtrust.org/SealFile?seal=2165&file=pdf
Audit Statement Date: 2016-10-24

Standard Audit: https://cert.webtrust.org/SealFile?seal=2020&file=pdf
Audit Statement Date: 2016-06-27

BR Audit: https://cert.webtrust.org/SealFile?seal=2016&file=pdf
BR Audit Statement Date: 2016-03-18

BR Audit: https://cert.webtrust.org/SealFile?seal=2021&file=pdf
BR Audit Statement Date: 2016-06-27

EV Audit: https://cert.webtrust.org/SealFile?seal=2166&file=pdf
EV Audit Statement Date: 2016-10-24

EV Audit: https://cert.webtrust.org/SealFile?seal=2022&file=pdf
EV Audit Statement Date: 2016-04-07

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
Hongkong Post Root CA 1
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8732899
Audit Statement Date: 2016-02-26
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8746166
BR Audit Statement Date: 2016-03-31
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

QuoVadis Root CA 1 G3
QuoVadis Root CA 2
QuoVadis Root CA 2 G3
QuoVadis Root CA 3
QuoVadis Root CA 3 G3
QuoVadis Root Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2013&file=pdf
Audit Statement Date: 2016-03-28
BR Audit: https://cert.webtrust.org/SealFile?seal=2011&file=pdf
BR Audit Statement Date: 2016-03-28
EV Audit: https://cert.webtrust.org/SealFile?seal=2012&file=pdf
EV Audit Statement Date: 2016-03-28
CA Comments: https://www.wisekey.com/investors_press-release/wisekey-sixwihn-signs-letter-of-intent-to-acquire-quovadis-consolidating-certification-authority-power-for-eidas-and-iot

____

Mozilla: Audit Reminder
Root Certificates:
SwissSign Gold CA - G2
SwissSign Platinum CA - G2
SwissSign Silver CA - G2
Standard Audit: https://bug343756.bmoattachments.org/attachment.cgi?id=8781268
Audit Statement Date: 2016-03-18
BR Audit: https://bug343756.bmoattachments.org/attachment.cgi?id=8781268
BR Audit Statement Date: 2016-03-18
EV Audit: https://bug343756.bmoattachments.org/attachment.cgi?id=8781268
EV Audit Statement Date: 2016-03-18
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Trustis Limited - Trustis FPS Root CA
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8745582
Audit Statement Date: 2016-02-03
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8745582
BR Audit Statement Date: 2016-02-03
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Kathleen Wilson

unread,

Apr 18, 2017, 3:22:27 PM4/18/17

to mozilla-dev-s...@lists.mozilla.org

Below is a summary of the audit reminder email that was sent today.

CA annual updates and audit statements should be provided via the CCADB, as described here:
https://wiki.mozilla.org/CA:CommonCADatabase#How_To_Provide_Annual_Updates

Please note that I have not caught up from my vacation, and there are Audit Cases in the CCADB for me to review, which means that some of these CAs may have already provided their audit statements, but I have not gotten to them yet.

-------- Forwarded Message --------
Subject: Summary of April 2017 Audit Reminder Emails
Date: Tue, 18 Apr 2017 19:10:50 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

Symantec Class 1 Public Primary Certification Authority - G4
Symantec Class 2 Public Primary Certification Authority - G4
Symantec Class 2 Public Primary Certification Authority - G6
Symantec Class 1 Public Primary Certification Authority - G6
Standard Audit: https://www.symantec.com/content/en/us/about/media/repository/1_symantec_stn_wtca_6-15-2016.pdf
Audit Statement Date: 2016-05-13

ComSign CA
ComSign Secured CA
Standard Audit: https://bug1269275.bmoattachments.org/attachment.cgi?id=8778667
Audit Statement Date: 2016-04-26

GeoTrust Global CA
GeoTrust Global CA 2
GeoTrust Primary Certification Authority
GeoTrust Primary Certification Authority - G2
GeoTrust Primary Certification Authority - G3
GeoTrust Universal CA
GeoTrust Universal CA 2
Standard Audit: https://www.symantec.com/content/en/us/about/media/repository/3_symantec_geotrust_wtca_6-15-2016.pdf
Audit Statement Date: 2016-05-13
BR Audit: https://www.symantec.com/content/en/us/about/media/repository/6_symantec_geotrust_wtbr_6-15-2016.pdf
BR Audit Statement Date: 2016-05-13
EV Audit: https://www.symantec.com/content/en/us/about/media/repository/9_symantec_geotrust_wtev_6-15-2016.pdf
EV Audit Statement Date: 2016-05-13

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

thawte Primary Root CA
thawte Primary Root CA - G2
thawte Primary Root CA - G3
Standard Audit: https://www.symantec.com/content/en/us/about/media/repository/2_symantec_thawte_wtca_6-15-2016.pdf
Audit Statement Date: 2016-05-13
BR Audit: https://www.symantec.com/content/en/us/about/media/repository/5_symantec_thawte_wtbr_6-15-2016.pdf
BR Audit Statement Date: 2016-05-13
EV Audit: https://www.symantec.com/content/en/us/about/media/repository/8_symantec_thawte_wtev_6-15-2016.pdf
EV Audit Statement Date: 2016-05-13

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

VeriSign Class 1 Public PCA - G3
VeriSign Class 2 Public PCA - G3
VeriSign Class 3 Public Primary Certification Authority - G3
VeriSign Class 3 Public Primary Certification Authority - G4
VeriSign Class 3 Public Primary Certification Authority - G5
VeriSign Universal Root Certification Authority
Standard Audit: https://www.symantec.com/content/en/us/about/media/repository/1_symantec_stn_wtca_6-15-2016.pdf
Audit Statement Date: 2016-05-13
BR Audit:
BR Audit Statement Date:
BR Audit: https://www.symantec.com/content/en/us/about/media/repository/4_symantec_stn_wtbr_6-15-2016.pdf
BR Audit Statement Date: 2016-05-13
EV Audit: https://www.symantec.com/content/en/us/about/media/repository/7_symantec_stn_wtev_6-15-2016.pdf
EV Audit Statement Date: 2016-05-13

Kathleen Wilson

unread,

May 16, 2017, 10:07:31 PM5/16/17

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of May 2017 Audit Reminder Emails
Date: Tue, 16 May 2017 19:00:29 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit: https://cert.webtrust.org/SealFile?seal=2032&file=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

COMODO RSA Certification Authority
USERTrust ECC Certification Authority
AAA Certificate Services
AddTrust Class 1 CA Root
AddTrust External CA Root
AddTrust Public CA Root
AddTrust Qualified CA Root
COMODO Certification Authority
COMODO ECC Certification Authority
Secure Certificate Services
Trusted Certificate Services
UTN-USERFirst-Client Authentication and Email
UTN-USERFirst-Hardware
UTN-USERFirst-Object
USERTrust RSA Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2058&file=pdf
Audit Statement Date: 2016-06-03
BR Audit: https://cert.webtrust.org/SealFile?seal=2060&file=pdf
BR Audit Statement Date: 2016-06-03

BR Audit:
BR Audit Statement Date:

EV Audit: https://cert.webtrust.org/SealFile?seal=2059&file=pdf
EV Audit Statement Date: 2016-06-03

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
ComSign CA
ComSign Secured CA
Standard Audit: https://bug1269275.bmoattachments.org/attachment.cgi?id=8778667
Audit Statement Date: 2016-04-26
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

EC-ACC
Standard Audit: https://cert.webtrust.org/SealFile?seal=2043&file=pdf
Audit Statement Date: 2016-05-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815404
BR Audit Statement Date: 2016-05-30
CA Comments: Per CA: ETSI-EIDAS audits to be released by the 1st of June 2017.

____

Mozilla: Audit Reminder
Root Certificates:

S-TRUST Universal Root CA
TC TrustCenter Class 3 CA II
Standard Audit: https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6778UE_s.pdf
Audit Statement Date: 2016-05-31

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Entrust Root Certification Authority - EC1
Entrust Root Certification Authority - G2
Entrust Root Certification Authority
Entrust.net Certification Authority (2048)
Standard Audit: https://cert.webtrust.org/SealFile?seal=328&file=pdf
Audit Statement Date: 2016-05-18
BR Audit: https://www.entrust.com/wp-content/uploads/2016/06/2104-01-WebTrust-for-CA-SSL-Baseline-with-Network-Security-Report-002.pdf
BR Audit Statement Date: 2016-05-18
EV Audit: https://cert.webtrust.org/SealFile?seal=328&file=pdf
EV Audit Statement Date: 2016-05-18

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

GlobalSign ECC Root CA - R5
GlobalSign Root CA - R3
GlobalSign Root CA
GlobalSign Extended Validation CA - SHA256 - G2 - intermediate cert being treated as root during transition
Standard Audit: https://cert.webtrust.org/SealFile?seal=2056&file=pdf
Audit Statement Date: 2016-06-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2054&file=pdf
BR Audit Statement Date: 2016-06-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2055&file=pdf
EV Audit Statement Date: 2016-06-10

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

GeoTrust Global CA 2

Standard Audit: https://www.symantec.com/content/en/us/about/media/repository/3_symantec_geotrust_wtca_6-15-2016.pdf
Audit Statement Date: 2016-05-13
BR Audit: https://www.symantec.com/content/en/us/about/media/repository/6_symantec_geotrust_wtbr_6-15-2016.pdf
BR Audit Statement Date: 2016-05-13

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
Trustis Limited - Trustis FPS Root CA
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8745582
Audit Statement Date: 2016-02-03
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8745582
BR Audit Statement Date: 2016-02-03

CA Comments: 2017 audit submitted via CCADB Audit Case is under review

____

Mozilla: Audit Reminder
Root Certificates:

Certum Trusted Network CA 2
Certum CA
Certum Trusted Network CA
Standard Audit: https://cert.webtrust.org/SealFile?seal=2064&file=pdf
Audit Statement Date: 2016-06-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2066&file=pdf
BR Audit Statement Date: 2016-06-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2065&file=pdf
EV Audit Statement Date: 2016-06-10

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

FNMT-RCM - SHA256
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8766584
Audit Statement Date: 2016-05-18
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8766583
BR Audit Statement Date: 2016-05-18

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

GlobalSign ECC Root CA - R4
GlobalSign Root CA - R2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2056&file=pdf
Audit Statement Date: 2016-06-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2054&file=pdf
BR Audit Statement Date: 2016-06-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2055&file=pdf
EV Audit Statement Date: 2016-06-10
CA Comments: null

____

Kathleen Wilson

unread,

Jun 20, 2017, 3:20:35 PM6/20/17

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of June 2017 Audit Reminder Emails
Date: Tue, 20 Jun 2017 19:00:06 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

Atos TrustedRoot 2011
Standard Audit: https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-27B09FD368FD11E6BE26005056BA67F7-_v2&aoemydqs%5BdownloadKey%5D=615a9f0920a27ede37762410735c2deadd67547d&aoemydqs%5Baction%5D=downloadDocument&cHash=9653a97e7fec91c2194d
Audit Statement Date: 2016-07-11
BR Audit: https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-27B09FD368FD11E6BE26005056BA67F7-_v2&aoemydqs%5BdownloadKey%5D=615a9f0920a27ede37762410735c2deadd67547d&aoemydqs%5Baction%5D=downloadDocument&cHash=9653a97e7fec91c2194d
BR Audit Statement Date: 2016-07-11

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit: https://cert.webtrust.org/SealFile?seal=2032&file=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05

CA Comments: BR and EV audits have happened, but there are action plans being presented to the auditors. Primary issues are use of UTF8 instead of PrintableString in jurisdictionOfIncorporation, and a recently repealed Spanish law that required privat

____

Mozilla: Audit Reminder
Root Certificates:

Chambers of Commerce Root
Chambers of Commerce Root - 2008
Global Chambersign Root
Global Chambersign Root - 2008
Standard Audit: https://bug986854.bmoattachments.org/attachment.cgi?id=8775118
Audit Statement Date: 2016-06-17
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800807

BR Audit Statement Date: 2016-08-05

EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800811

EC-ACC
Standard Audit: https://cert.webtrust.org/SealFile?seal=2043&file=pdf
Audit Statement Date: 2016-05-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815404
BR Audit Statement Date: 2016-05-30
CA Comments: Per CA: ETSI-EIDAS audits to be released by the 1st of June 2017.

____

Mozilla: Audit Reminder
Root Certificates:

AffirmTrust Commercial
AffirmTrust Networking
AffirmTrust Premium
AffirmTrust Premium ECC
Standard Audit: https://cert.webtrust.org/SealFile?seal=2115&file=pdf
Audit Statement Date: 2016-06-30
BR Audit: https://cert.webtrust.org/SealFile?seal=2116&file=pdf
BR Audit Statement Date: 2016-06-30
EV Audit: https://cert.webtrust.org/SealFile?seal=2093&file=pdf
EV Audit Statement Date: 2016-06-30

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
GlobalSign ECC Root CA - R5
GlobalSign Root CA - R3
GlobalSign Root CA
GlobalSign Extended Validation CA - SHA256 - G2 - intermediate cert being treated as root during transition
Standard Audit: https://cert.webtrust.org/SealFile?seal=2056&file=pdf
Audit Statement Date: 2016-06-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2054&file=pdf
BR Audit Statement Date: 2016-06-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2055&file=pdf
EV Audit Statement Date: 2016-06-10
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Government Root Certification Authority - Taiwan
Standard Audit: https://cert.webtrust.org/SealFile?seal=2050&file=pdf
Audit Statement Date: 2016-06-29
BR Audit: https://cert.webtrust.org/SealFile?seal=2051&file=pdf
BR Audit Statement Date: 2016-06-29

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Hellenic Academic and Research Institutions RootCA 2011
Hellenic Academic and Research Institutions ECC RootCA 2015
Hellenic Academic and Research Institutions RootCA 2015
Standard Audit: http://www.harica.gr/documents/HARICA-ETSI_CERTIFICATE_AUTH_W_ANNEX_REV1.pdf
Audit Statement Date: 2016-07-08
BR Audit: http://www.harica.gr/documents/HARICA-ETSI_CERTIFICATE_AUTH_W_ANNEX_REV1.pdf
BR Audit Statement Date: 2016-07-08

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Sonera Class2 CA
TeliaSonera
Standard Audit: https://cert.webtrust.org/SealFile?seal=2061&file=pdf
Audit Statement Date: 2016-06-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8774542
BR Audit Statement Date: 2016-06-30

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Deutsche Telekom Root CA 2
T-TeleSec GlobalRoot Class 2
T-TeleSec GlobalRoot Class 3
Standard Audit: https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/6763UD_s.pdf
Audit Statement Date: 2016-06-17
Standard Audit: https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/6761UD_s.pdf
Audit Statement Date: 2016-06-17
BR Audit: https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/6763UD_s.pdf
BR Audit Statement Date: 2016-06-17
BR Audit: https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/6761UD_s.pdf
BR Audit Statement Date: 2016-06-17
EV Audit: https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/6761UD_s.pdf
EV Audit Statement Date: 2016-06-17

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Certum Trusted Network CA 2
Certum CA
Certum Trusted Network CA
Standard Audit: https://cert.webtrust.org/SealFile?seal=2064&file=pdf
Audit Statement Date: 2016-06-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2066&file=pdf
BR Audit Statement Date: 2016-06-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2065&file=pdf
EV Audit Statement Date: 2016-06-10
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

OISTE WISeKey Global Root GB CA
OISTE WISeKey Global Root GA CA
Standard Audit: https://cert.webtrust.org/SealFile?seal=2071&file=pdf
Audit Statement Date: 2016-07-04
BR Audit: https://cert.webtrust.org/SealFile?seal=2078&file=pdf
BR Audit Statement Date: 2016-07-04
EV Audit: https://cert.webtrust.org/SealFile?seal=2079&file=pdf
EV Audit Statement Date: 2016-07-04
CA Comments: null

____

Kathleen Wilson

unread,

Jul 18, 2017, 3:22:03 PM7/18/17

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of July 2017 Audit Reminder Emails
Date: Tue, 18 Jul 2017 19:00:05 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

LuxTrust Global Root 2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8777887
Audit Statement Date: 2016-07-26
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8777887
BR Audit Statement Date: 2016-07-26
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8777887
EV Audit Statement Date: 2016-07-26

COMODO RSA Certification Authority**
USERTrust ECC Certification Authority**
AAA Certificate Services**
AddTrust External CA Root**
COMODO Certification Authority**
COMODO ECC Certification Authority**
UTN-USERFirst-Client Authentication and Email**
USERTrust RSA Certification Authority**

** Audit Case in the Common CA Database is under review for this root certificate.

Hellenic Academic and Research Institutions ECC RootCA 2015
Hellenic Academic and Research Institutions RootCA 2015
Standard Audit: http://www.harica.gr/documents/HARICA-ETSI_CERTIFICATE_AUTH_W_ANNEX_REV1.pdf
Audit Statement Date: 2016-07-08
BR Audit: http://www.harica.gr/documents/HARICA-ETSI_CERTIFICATE_AUTH_W_ANNEX_REV1.pdf
BR Audit Statement Date: 2016-07-08
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Izenpe.com
Standard Audit: https://bug361957.bmoattachments.org/attachment.cgi?id=8775763
Audit Statement Date: 2016-07-22
BR Audit: https://bug361957.bmoattachments.org/attachment.cgi?id=8775763
BR Audit Statement Date: 2016-07-22
EV Audit: https://bug361957.bmoattachments.org/attachment.cgi?id=8775763
EV Audit Statement Date: 2016-07-22

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

PSCProcert
Standard Audit: https://bug593805.bmoattachments.org/attachment.cgi?id=8795484
Audit Statement Date: 2016-08-02
BR Audit: https://bug593805.bmoattachments.org/attachment.cgi?id=8795484
BR Audit Statement Date: 2016-08-02

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Swisscom Root CA 2
Standard Audit: https://bug1015839.bmoattachments.org/attachment.cgi?id=8781165
Audit Statement Date: 2016-08-15
BR Audit: https://bug1015839.bmoattachments.org/attachment.cgi?id=8781165
BR Audit Statement Date: 2016-08-15

Network Solutions Certificate Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2108&file=pdf
Audit Statement Date: 2016-08-05
BR Audit: https://cert.webtrust.org/SealFile?seal=2111&file=pdf

BR Audit Statement Date: 2016-08-05

EV Audit: https://cert.webtrust.org/SealFile?seal=2110&file=pdf

EV Audit Statement Date: 2016-08-05
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Kathleen Wilson

unread,

Aug 15, 2017, 4:06:40 PM8/15/17

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of August 2017 Audit Reminder Emails
Date: Tue, 15 Aug 2017 19:00:07 +0000 (GMT)

Mozilla: Overdue Audit Statements

Certinomis - Root CA
Certinomis - Autorité Racine
Standard Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8784555
Audit Statement Date: 2016-08-23
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8784555
BR Audit Statement Date: 2016-08-23

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

AffirmTrust Commercial
AffirmTrust Networking
AffirmTrust Premium
AffirmTrust Premium ECC
Standard Audit: https://cert.webtrust.org/SealFile?seal=2115&file=pdf
Audit Statement Date: 2016-06-30
BR Audit: https://cert.webtrust.org/SealFile?seal=2116&file=pdf
BR Audit Statement Date: 2016-06-30
EV Audit: https://cert.webtrust.org/SealFile?seal=2093&file=pdf
EV Audit Statement Date: 2016-06-30
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

E-Tugra Certification Authority
Standard Audit: https://bug877744.bmoattachments.org/attachment.cgi?id=8792625
Audit Statement Date: 2016-09-09
BR Audit: https://bug877744.bmoattachments.org/attachment.cgi?id=8792625
BR Audit Statement Date: 2016-09-09
EV Audit: https://bug877744.bmoattachments.org/attachment.cgi?id=8792625
EV Audit Statement Date: 2016-09-09

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

GlobalSign ECC Root CA - R5**
GlobalSign Root CA - R3**
GlobalSign Root CA**
GlobalSign Extended Validation CA - SHA256 - G2 - intermediate cert being treated as root during transition**

** Audit Case in the Common CA Database is under review for this root certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2056&file=pdf
Audit Statement Date: 2016-06-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2054&file=pdf
BR Audit Statement Date: 2016-06-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2055&file=pdf
EV Audit Statement Date: 2016-06-10
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Go Daddy Class 2 CA
Go Daddy Root Certificate Authority - G2
Starfield Class 2 CA
Starfield Root Certificate Authority - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815072
Audit Statement Date: 2016-08-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815073
BR Audit Statement Date: 2016-08-31
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815074
EV Audit Statement Date: 2016-08-31

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

ACCVRAIZ1
Standard Audit: https://cert.webtrust.org/SealFile?seal=2170&file=pdf
Audit Statement Date: 2016-08-17
BR Audit: https://cert.webtrust.org/SealFile?seal=2171&file=pdf
BR Audit Statement Date: 2016-08-17

CA Comments: Per CA request, Root CA Generalitat Valenciana will be removed via https://bugzilla.mozilla.org/show_bug.cgi?id=1272158

____

Mozilla: Audit Reminder
Root Certificates:

IdenTrust Commercial Root CA 1
IdenTrust Public Sector Root CA 1
DST ACES CA X6
DST Root CA X3
Standard Audit: https://cert.webtrust.org/SealFile?seal=2107&file=pdf
Audit Statement Date: 2016-08-19
BR Audit: https://cert.webtrust.org/SealFile?seal=2106&file=pdf
BR Audit Statement Date: 2016-08-19

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

OpenTrust Root CA G1
OpenTrust Root CA G2
Certplus Root CA G1
OpenTrust Root CA G3
Certplus Root CA G2
Standard Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
Audit Statement Date: 2016-08-19
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
BR Audit Statement Date: 2016-08-19
EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
EV Audit Statement Date: 2016-08-19

CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1297034 Did not find reference to "Class 2 Primary CA" in the 2016 audit statements. Update: Audit of Class 2 Primary CA completed mid-October. Waiting for auditor to write attestation letter.

____

Mozilla: Audit Reminder
Root Certificates:
PSCProcert
Standard Audit: https://bug593805.bmoattachments.org/attachment.cgi?id=8795484
Audit Statement Date: 2016-08-02
BR Audit: https://bug593805.bmoattachments.org/attachment.cgi?id=8795484
BR Audit Statement Date: 2016-08-02
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Security Communication EV RootCA1
SECOM Trust.net - Security Communication RootCA1
Security Communication RootCA2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8805235
Audit Statement Date: 2016-08-22
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8805235
BR Audit Statement Date: 2016-08-22
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8805235
EV Audit Statement Date: 2016-08-22

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
Swisscom Root CA 2
Standard Audit: https://bug1015839.bmoattachments.org/attachment.cgi?id=8781165
Audit Statement Date: 2016-08-15

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

T-TeleSec GlobalRoot Class 3
Standard Audit: https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/Browser_Audit_Attestation_2017_V2.2_s.pdf
Audit Statement Date: 2017-06-30

BR Audit: https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/6761UD_s.pdf
BR Audit Statement Date: 2016-06-17

EV Audit: https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6761UE_s.pdf
EV Audit Statement Date: 2017-07-31

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Certum Trusted Network CA 2**
Certum CA**
Certum Trusted Network CA**

** Audit Case in the Common CA Database is under review for this root certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2064&file=pdf
Audit Statement Date: 2016-06-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2066&file=pdf
BR Audit Statement Date: 2016-06-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2065&file=pdf
EV Audit Statement Date: 2016-06-10
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Visa eCommerce Root
Standard Audit: https://bug1301210.bmoattachments.org/attachment.cgi?id=8789076
Audit Statement Date: 2016-08-23
BR Audit: https://bug1301210.bmoattachments.org/attachment.cgi?id=8795503
BR Audit Statement Date: 2016-09-16

Kathleen Wilson

unread,

Sep 19, 2017, 7:09:25 PM9/19/17

to mozilla-dev-s...@lists.mozilla.org

AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2120&file=pdf
Audit Statement Date: 2016-09-15

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Certinomis - Root CA**

** Audit Case in the Common CA Database is under review for this root certificate.

Standard Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8784555
Audit Statement Date: 2016-08-23
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8784555
BR Audit Statement Date: 2016-08-23
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

E-Tugra Certification Authority
Standard Audit: https://bug877744.bmoattachments.org/attachment.cgi?id=8792625
Audit Statement Date: 2016-09-09
BR Audit: https://bug877744.bmoattachments.org/attachment.cgi?id=8792625
BR Audit Statement Date: 2016-09-09
EV Audit: https://bug877744.bmoattachments.org/attachment.cgi?id=8792625
EV Audit Statement Date: 2016-09-09
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
GlobalSign ECC Root CA - R5

Standard Audit: https://cert.webtrust.org/SealFile?seal=2287&file=pdf
Audit Statement Date: 2017-07-26
BR Audit: https://bug1388488.bmoattachments.org/attachment.cgi?id=8895040
BR Audit Statement Date: 2017-07-26

EV Audit: https://cert.webtrust.org/SealFile?seal=2055&file=pdf
EV Audit Statement Date: 2016-06-10
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Go Daddy Class 2 CA**
Go Daddy Root Certificate Authority - G2**
Starfield Class 2 CA**
Starfield Root Certificate Authority - G2**

** Audit Case in the Common CA Database is under review for this root certificate.

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815072
Audit Statement Date: 2016-08-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815073
BR Audit Statement Date: 2016-08-31
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815074
EV Audit Statement Date: 2016-08-31
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

IdenTrust Commercial Root CA 1
IdenTrust Public Sector Root CA 1
DST ACES CA X6
DST Root CA X3
Standard Audit: https://cert.webtrust.org/SealFile?seal=2107&file=pdf
Audit Statement Date: 2016-08-19
BR Audit: https://cert.webtrust.org/SealFile?seal=2106&file=pdf
BR Audit Statement Date: 2016-08-19
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
OpenTrust Root CA G1
OpenTrust Root CA G2
Certplus Root CA G1
OpenTrust Root CA G3
Certplus Root CA G2
Standard Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
Audit Statement Date: 2016-08-19
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
BR Audit Statement Date: 2016-08-19
EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
EV Audit Statement Date: 2016-08-19

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Certum Trusted Network CA 2**

Kurt Roeckx

unread,

Sep 20, 2017, 9:34:04 AM9/20/17

to mozilla-dev-s...@lists.mozilla.org

On 2017-09-20 01:09, Kathleen Wilson wrote:
> -------- Forwarded Message --------
> Subject: Summary of September 2017 Audit Reminder Emails
> Date: Tue, 19 Sep 2017 19:00:08 +0000 (GMT)
>
> Mozilla: Overdue Audit Statements
> Root Certificates:
> Autoridad de Certificacion Firmaprofesional CIF A62634068
> Standard Audit: https://cert.webtrust.org/SealFile?seal=2032&file=pdf
> Audit Statement Date: 2016-04-11
> BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
> BR Audit Statement Date: 2016-08-05
> EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
> EV Audit Statement Date: 2016-08-05
> CA Comments: BR and EV audits have happened, but there are action plans being presented to the auditors. Primary issues are use of UTF8 instead of PrintableString in jurisdictionOfIncorporation, and a recently repealed Spanish law that required privat

Does that mean the standard audit did not happen? The currently linked
one covered the period 2015-03-10 to 2016-03-09. The next period of 1
year is now over for more than 6 months.

If the audits happened, why don't we have the audit statement yet?

> Mozilla: Audit Reminder
> Root Certificates:
> Chambers of Commerce Root
> Chambers of Commerce Root - 2008
> Global Chambersign Root
> Global Chambersign Root - 2008
> Standard Audit: https://bug986854.bmoattachments.org/attachment.cgi?id=8775118
> Audit Statement Date: 2016-06-17
> BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800807
> BR Audit Statement Date: 2016-08-05
> EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800811
> EV Audit Statement Date: 2016-08-05
> CA Comments: null

The standard audit was for the period of 2015-04-14 to 2016-04-13, and
so are also late with their audit.

> Mozilla: Audit Reminder
> Root Certificates:
> GlobalSign ECC Root CA - R5
> Standard Audit: https://cert.webtrust.org/SealFile?seal=2287&file=pdf
> Audit Statement Date: 2017-07-26
> BR Audit: https://bug1388488.bmoattachments.org/attachment.cgi?id=8895040
> BR Audit Statement Date: 2017-07-26
> EV Audit: https://cert.webtrust.org/SealFile?seal=2055&file=pdf
> EV Audit Statement Date: 2016-06-10
> CA Comments: null

The EV period was from 2015-04-01 to 2013-03-31. The others are new,
maybe forgot to update something?

> Mozilla: Audit Reminder
> Root Certificates:
> Certum Trusted Network CA 2**
> Certum Trusted Network CA**
>
> ** Audit Case in the Common CA Database is under review for this root certificate.
>
> Standard Audit: https://cert.webtrust.org/SealFile?seal=2064&file=pdf
> Audit Statement Date: 2016-06-10
> BR Audit: https://cert.webtrust.org/SealFile?seal=2066&file=pdf
> BR Audit Statement Date: 2016-06-10
> EV Audit: https://cert.webtrust.org/SealFile?seal=2065&file=pdf
> EV Audit Statement Date: 2016-06-10
> CA Comments: null

The period was 2015-04-15 to 2016-04-14.

Kurt

Chema Lopez

unread,

Sep 23, 2017, 6:38:21 AM9/23/17

to mozilla-dev-s...@lists.mozilla.org

The audit statements has been updated in the Case https://ccadb.force.com/5001J00000TMlAf

Kathleen Wilson

unread,

Oct 17, 2017, 5:44:11 PM10/17/17

to mozilla-dev-s...@lists.mozilla.org

A lot of the delay this time is in regards to our new Audit Case process. We'll work to get this cleared up this month.

-------- Forwarded Message --------
Subject: Summary of October 2017 Audit Reminder Emails
Date: Tue, 17 Oct 2017 19:00:06 +0000 (GMT)

Mozilla: Overdue Audit Statements
Root Certificates:
Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit: https://cert.webtrust.org/SealFile?seal=2032&file=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05
CA Comments: BR and EV audits have happened, but there are action plans being presented to the auditors. Primary issues are use of UTF8 instead of PrintableString in jurisdictionOfIncorporation, and a recently repealed Spanish law that required privat

____

Mozilla: Audit Reminder
Root Certificates:

CA Disig Root R1
CA Disig Root R2

Standard Audit: https://eidas.disig.sk/pdf/Audit2016_report.pdf
Audit Statement Date: 2016-10-26
BR Audit: https://eidas.disig.sk/pdf/Audit2016_report.pdf
BR Audit Statement Date: 2016-10-26
CA Comments: null

____

Mozilla: Overdue Audit Statements
Root Certificates:

Chambers of Commerce Root**
Chambers of Commerce Root - 2008**
Global Chambersign Root**
Global Chambersign Root - 2008**

** Audit Case in the Common CA Database is under review for this root certificate.

Standard Audit: https://bug986854.bmoattachments.org/attachment.cgi?id=8775118
Audit Statement Date: 2016-06-17
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800807
BR Audit Statement Date: 2016-08-05
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8800811
EV Audit Statement Date: 2016-08-05
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2120&file=pdf
Audit Statement Date: 2016-09-15
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Chunghwa Telecom Co., Ltd. - ePKI Root Certification Authority**

** Audit Case in the Common CA Database is under review for this root certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2277&file=pdf
Audit Statement Date: 2016-11-04
BR Audit: https://cert.webtrust.org/SealFile?seal=2278&file=pdf
BR Audit Statement Date: 2016-11-04
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Go Daddy Class 2 CA**
Go Daddy Root Certificate Authority - G2**
Starfield Class 2 CA**
Starfield Root Certificate Authority - G2**

** Audit Case in the Common CA Database is under review for this root certificate.

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815072
Audit Statement Date: 2016-08-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815073
BR Audit Statement Date: 2016-08-31
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8815074
EV Audit Statement Date: 2016-08-31
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

IdenTrust Commercial Root CA 1**
IdenTrust Public Sector Root CA 1**
DST ACES CA X6**
DST Root CA X3**

** Audit Case in the Common CA Database is under review for this root certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2107&file=pdf
Audit Statement Date: 2016-08-19
BR Audit: https://cert.webtrust.org/SealFile?seal=2106&file=pdf
BR Audit Statement Date: 2016-08-19
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

NetLock Arany (Class Gold) F?tanúsítvány
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8803550
Audit Statement Date: 2016-10-20
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8803550
BR Audit Statement Date: 2016-10-20
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

OpenTrust Root CA G1**
OpenTrust Root CA G2**
Certplus Root CA G1**
OpenTrust Root CA G3**
Certplus Root CA G2**

** Audit Case in the Common CA Database is under review for this root certificate.

Standard Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
Audit Statement Date: 2016-08-19
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
BR Audit Statement Date: 2016-08-19
EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
EV Audit Statement Date: 2016-08-19

CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1297034 Did not find reference to "Class 2 Primary CA" in the 2016 audit statements. Update: Audit of Class 2 Primary CA completed mid-October. Waiting for auditor to write attestation letter.

____

Mozilla: Audit Reminder
Root Certificates:

Security Communication EV RootCA1

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8805235
Audit Statement Date: 2016-08-22
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8805235
BR Audit Statement Date: 2016-08-22
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8805235
EV Audit Statement Date: 2016-08-22
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Swisscom Root CA 2
Standard Audit: https://bug1015839.bmoattachments.org/attachment.cgi?id=8781165
Audit Statement Date: 2016-08-15
CA Comments: null

____

Mozilla: Overdue Audit Statements
Root Certificates:

Certum Trusted Network CA 2**
Certum Trusted Network CA**

** Audit Case in the Common CA Database is under review for this root certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2064&file=pdf
Audit Statement Date: 2016-06-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2066&file=pdf
BR Audit Statement Date: 2016-06-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2065&file=pdf
EV Audit Statement Date: 2016-06-10
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Visa eCommerce Root**

** Audit Case in the Common CA Database is under review for this root certificate.

Standard Audit: https://bug1301210.bmoattachments.org/attachment.cgi?id=8789076
Audit Statement Date: 2016-08-23
BR Audit: https://bug1301210.bmoattachments.org/attachment.cgi?id=8795503
BR Audit Statement Date: 2016-09-16
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Network Solutions Certificate Authority**

** Audit Case in the Common CA Database is under review for this root certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2108&file=pdf
Audit Statement Date: 2016-08-05
BR Audit: https://cert.webtrust.org/SealFile?seal=2111&file=pdf

BR Audit Statement Date: 2016-08-05

EV Audit: https://cert.webtrust.org/SealFile?seal=2110&file=pdf

EV Audit Statement Date: 2016-08-05
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

CFCA EV ROOT
Standard Audit: https://cert.webtrust.org/SealFile?seal=2186&file=pdf
Audit Statement Date: 2016-10-31
BR Audit: https://cert.webtrust.org/SealFile?seal=2185&file=pdf
BR Audit Statement Date: 2016-10-31
EV Audit: https://cert.webtrust.org/SealFile?seal=2187&file=pdf
EV Audit Statement Date: 2016-10-31
CA Comments: null

____

Kathleen Wilson

unread,

Oct 17, 2017, 5:57:06 PM10/17/17

to mozilla-dev-s...@lists.mozilla.org

On Tuesday, October 17, 2017 at 2:44:11 PM UTC-7, Kathleen Wilson wrote:
> A lot of the delay this time is in regards to our new
> Audit Case process.
> We'll work to get this cleared up this month.

To those of you CAs who have correctly followed the instructions for providing your annual updates -- THANK YOU!!!
Many of you have done this successfully without any problems.

To the rest of the CAs, Please help us out here, by reading and following the instructions.

http://ccadb.org/cas/updates

"The process for submitting an annual update is as follows: CAs will create a single Audit Case for a particular set of audits (e.g. WebTrust CA, WebTrust BR, and WebTrust EV). Then the CA will create a set of corresponding Root Cases, one per root, to tell the CCADB which Root Certificate records the audit statements in that Audit Case apply to."

We've had CAs file multiple Audit Cases for the same audit statements, with different information. Please don't do that. You only need to file one Audit Case for each set of audit statements. If you are unsure, please just create one Audit Case and then send email to me and Aaron so we can help you out.

Some CAs do not create the corresponding Root Cases to indicate which root certs were in scope of the audits and to provide the 3 test websites that are required by the BRs.

Many of the CAs unfortunately have not tested their 3 test websites to ensure that the TLS certs chain up to those root certs and have the correct results.

All of this is described in
http://ccadb.org/cas/updates

We continue to work to improve the interface to make it more obvious what you need to do. But in the meantime please carefully read and follow the instructions.

Thanks,
Kathleen

Kathleen Wilson

unread,

Nov 21, 2017, 3:17:05 PM11/21/17

to mozilla-dev-s...@lists.mozilla.org

Note to CAs: The indicator that an Audit Case is under review for
particular root certs will only be added if there has been a
corresponding Audit Root Case created for that particular root cert. If
you have only created the Audit Case (and not the Audit Root Cases),
that will not be indicated below.

http://ccadb.org/cas/updates

"CAs will create a single Audit Case for a particular set of audits
(e.g. WebTrust CA, WebTrust BR, and WebTrust EV). Then the CA will
create a set of corresponding Root Cases, one per root, to tell the
CCADB which Root Certificate records the audit statements in that Audit
Case apply to."

-------- Forwarded Message --------
Subject: Summary of November 2017 Audit Reminder Emails
Date: Tue, 21 Nov 2017 20:00:14 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

EE Certification Centre Root CA
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8826692
Audit Statement Date: 2016-11-25
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8826692
BR Audit Statement Date: 2016-11-25

CA Comments: null

____

Mozilla: Overdue Audit Statements
Root Certificates:

Autoridad de Certificacion Firmaprofesional CIF A62634068**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2032&file=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05

CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1412950
Misunderstanding when switching from WebTrust to eIDAS/ETSI audit -
resulted in point-in-time audit that Mozilla has not accepted. On
October 31 CA requested 90 days to get period-of-time audits.

____

Mozilla: Audit Reminder
Root Certificates:
CA Disig Root R1
CA Disig Root R2
Standard Audit: https://eidas.disig.sk/pdf/Audit2016_report.pdf
Audit Statement Date: 2016-10-26
BR Audit: https://eidas.disig.sk/pdf/Audit2016_report.pdf
BR Audit Statement Date: 2016-10-26
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2120&file=pdf
Audit Statement Date: 2016-09-15
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

D-TRUST Root CA 3 2013
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6768UE_s.pdf
Audit Statement Date: 2016-11-21

BR Audit:
BR Audit Statement Date:

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
Standard Audit:
https://bug1262809.bmoattachments.org/attachment.cgi?id=8819839
Audit Statement Date: 2016-12-19
BR Audit: https://bug1262809.bmoattachments.org/attachment.cgi?id=8819839
BR Audit Statement Date: 2016-12-19

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

NetLock Arany (Class Gold) F?tanúsítvány**

** Audit Case in the Common CA Database is under review for this root
certificate.

Secure Global CA
SecureTrust CA

XRamp Global Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2138&file=pdf
Audit Statement Date: 2016-11-18
BR Audit: https://cert.webtrust.org/SealFile?seal=2139&file=pdf
BR Audit Statement Date: 2016-11-18
EV Audit: https://cert.webtrust.org/SealFile?seal=2140&file=pdf
EV Audit Statement Date: 2016-11-18

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
Visa eCommerce Root**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://bug1301210.bmoattachments.org/attachment.cgi?id=8789076
Audit Statement Date: 2016-08-23
BR Audit: https://bug1301210.bmoattachments.org/attachment.cgi?id=8795503
BR Audit Statement Date: 2016-09-16
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

CFCA EV ROOT
Standard Audit: https://cert.webtrust.org/SealFile?seal=2186&file=pdf
Audit Statement Date: 2016-10-31
BR Audit: https://cert.webtrust.org/SealFile?seal=2185&file=pdf
BR Audit Statement Date: 2016-10-31
EV Audit: https://cert.webtrust.org/SealFile?seal=2187&file=pdf
EV Audit Statement Date: 2016-10-31
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

GlobalSign ECC Root CA - R4**
GlobalSign Root CA - R2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://bug1325532.bmoattachments.org/attachment.cgi?id=8844281
Audit Statement Date: 2016-11-17
BR Audit: https://bug1325532.bmoattachments.org/attachment.cgi?id=8844281
BR Audit Statement Date: 2016-11-17
CA Comments: null

____

Kathleen Wilson

unread,

Jan 3, 2018, 7:36:55 PM1/3/18

to mozilla-dev-s...@lists.mozilla.org

Wishing all of you a happy 2018!

Below is the summary of the audit reminder email that was automatically
sent by the CCADB in December.

PS: I am back at work as of today, but I will appreciate your patience
while to catch up on my email inbox. If there is anything urgent, you
might want to prepend URGENT to the subject and re-send to me.

-------- Forwarded Message --------
Subject: Summary of December 2017 Audit Reminder Emails
Date: Tue, 19 Dec 2017 20:00:20 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

TrustCor RootCert CA-2
TrustCor RootCert CA-1
TrustCor ECA-1
Standard Audit: https://cert.webtrust.org/SealFile?seal=2169&file=pdf
Audit Statement Date: 2016-12-15
BR Audit: https://cert.webtrust.org/SealFile?seal=2163&file=pdf
BR Audit Statement Date: 2016-12-15

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

EE Certification Centre Root CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8826692
Audit Statement Date: 2016-11-25
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8826692
BR Audit Statement Date: 2016-11-25
CA Comments: null

____

Mozilla: Your root is in danger of being removed

Root Certificates:
Autoridad de Certificacion Firmaprofesional CIF A62634068**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2032&file=pdf
Audit Statement Date: 2016-04-11
BR Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809981
BR Audit Statement Date: 2016-08-05
EV Audit: https://bug521439.bmoattachments.org/attachment.cgi?id=8809982
EV Audit Statement Date: 2016-08-05
CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1412950
Misunderstanding when switching from WebTrust to eIDAS/ETSI audit -
resulted in point-in-time audit that Mozilla has not accepted. On
October 31 CA requested 90 days to get period-of-time audits.

____

Mozilla: Audit Reminder
Root Certificates:

CA Disig Root R2
Standard Audit: https://eidas.disig.sk/pdf/Audit2016_report.pdf
Audit Statement Date: 2016-10-26
BR Audit: https://eidas.disig.sk/pdf/Audit2016_report.pdf
BR Audit Statement Date: 2016-10-26
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2120&file=pdf
Audit Statement Date: 2016-09-15
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

D-TRUST Root CA 3 2013**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6768UE_s.pdf
Audit Statement Date: 2016-11-21
BR Audit:
BR Audit Statement Date:
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
Standard Audit:
https://bug1262809.bmoattachments.org/attachment.cgi?id=8819839
Audit Statement Date: 2016-12-19
BR Audit: https://bug1262809.bmoattachments.org/attachment.cgi?id=8819839
BR Audit Statement Date: 2016-12-19
CA Comments: null

____

Mozilla: Overdue Audit Statements
Root Certificates:

OpenTrust Root CA G1**
OpenTrust Root CA G2**
Certplus Root CA G1**

Class 2 Primary CA

OpenTrust Root CA G3**
Certplus Root CA G2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
Audit Statement Date: 2016-08-19

Standard Audit:
https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
Audit Statement Date: 2017-01-14

BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
BR Audit Statement Date: 2016-08-19

BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
BR Audit Statement Date: 2017-01-14

EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8783476
EV Audit Statement Date: 2016-08-19

EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
EV Audit Statement Date: 2017-01-14

CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1297034 Did
not find reference to "Class 2 Primary CA" in the 2016 audit statements.
Update: Audit of Class 2 Primary CA completed mid-October. Waiting for
auditor to write attestation letter.

____

Mozilla: Audit Reminder
Root Certificates:
Secure Global CA
SecureTrust CA
XRamp Global Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2138&file=pdf
Audit Statement Date: 2016-11-18
BR Audit: https://cert.webtrust.org/SealFile?seal=2139&file=pdf
BR Audit Statement Date: 2016-11-18
EV Audit: https://cert.webtrust.org/SealFile?seal=2140&file=pdf
EV Audit Statement Date: 2016-11-18
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

TÜRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? H5

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8828490
Audit Statement Date: 2016-12-31
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6749UE_s.pdf
BR Audit Statement Date: 2016-12-31

Kathleen Wilson

unread,

Jan 16, 2018, 3:16:43 PM1/16/18

to mozilla-dev-s...@lists.mozilla.org

Below is the summary of the audit reminder email that was automatically

sent by the CCADB today.

-------- Forwarded Message --------
Subject: Summary of January 2018 Audit Reminder Emails
Date: Tue, 16 Jan 2018 20:00:04 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

ISRG Root X1
Standard Audit: https://cert.webtrust.org/SealFile?seal=2193&file=pdf
Audit Statement Date: 2017-02-07
BR Audit: https://cert.webtrust.org/SealFile?seal=2194&file=pdf
BR Audit Statement Date: 2017-02-07

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
EE Certification Centre Root CA

Standard Audit:
https://sk.ee/upload/files/AA2017112401_Audit%20Attestation_final.pdf
Audit Statement Date: 2017-11-24

BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8826692
BR Audit Statement Date: 2016-11-25
CA Comments: null

____

Mozilla: Overdue Audit Statements
Root Certificates:

AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2120&file=pdf
Audit Statement Date: 2016-09-15
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Certigna
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8836773
Audit Statement Date: 2017-02-03
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8836773
BR Audit Statement Date: 2017-02-03

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

certSIGN ROOT CA
Standard Audit:

https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA_8.02.2017.pdf
Audit Statement Date: 2017-02-08
BR Audit:
https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA_8.02.2017.pdf
BR Audit Statement Date: 2017-02-08

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Class 2 Primary CA

Standard Audit:
https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
Audit Statement Date: 2017-01-14

BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
BR Audit Statement Date: 2017-01-14

EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
EV Audit Statement Date: 2017-01-14
CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1297034 Did
not find reference to "Class 2 Primary CA" in the 2016 audit statements.
Update: Audit of Class 2 Primary CA completed mid-October. Waiting for
auditor to write attestation letter.

____

Mozilla: Audit Reminder
Root Certificates:

Kathleen Wilson

unread,

Jan 17, 2018, 7:24:56 PM1/17/18

to mozilla-dev-s...@lists.mozilla.org

On 1/4/18 3:53 AM, Kurt Roeckx wrote:

> On 2018-01-04 01:36, Kathleen Wilson wrote:
>>
>> Mozilla: Audit Reminder
>> Root Certificates:
>> AC Raíz Certicámara S.A.
>> Standard Audit: https://cert.webtrust.org/SealFile?seal=2120&file=pdf
>> Audit Statement Date: 2016-09-15
>> CA Comments: null
>

> The audit period of that is 2015-07-01 to 2016-04-30. They clearly
> overdue, instead of just a reminder.
>
>
> Kurt

There are two root certs with
Certificate Issuer Common Name: AC Raíz Certicámara S.A.
Certificate Issuer Organization: Sociedad Cameral de Certificación
Digital - Certicámara S.A.

One is included in Mozilla's program with only the Email trust bit
enabled. The other is not yet included in Mozilla's program
(https://bugzilla.mozilla.org/show_bug.cgi?id=1281002).

There had been a mistake in the way that the Audit Case was handled, so
the root cert included in Mozilla's program had not been updated with
the current audit statement.
https://cert.webtrust.org/SealFile?seal=2333&file=pdf

I have resolved this discrepency.

Thanks,
Kathleen

Kathleen Wilson

unread,

Feb 20, 2018, 6:11:48 PM2/20/18

to mozilla-dev-s...@lists.mozilla.org

Summary of audit statements that are due:

-------- Forwarded Message --------
Subject: Summary of February 2018 Audit Reminder Emails
Date: Tue, 20 Feb 2018 20:00:05 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

ISRG Root X1

Standard Audit: https://cert.webtrust.org/SealFile?seal=2193&file=pdf
Audit Statement Date: 2017-02-07
BR Audit: https://cert.webtrust.org/SealFile?seal=2194&file=pdf
BR Audit Statement Date: 2017-02-07
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Staat der Nederlanden EV Root CA
Staat der Nederlanden Root CA - G3

Staat der Nederlanden Root CA - G2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2204&file=pdf
Audit Statement Date: 2017-03-03
BR Audit: https://cert.webtrust.org/SealFile?seal=2204&file=pdf
BR Audit Statement Date: 2017-03-03
EV Audit: https://cert.webtrust.org/SealFile?seal=2204&file=pdf
EV Audit Statement Date: 2017-03-03
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

certSIGN ROOT CA
Standard Audit:
https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA_8.02.2017.pdf
Audit Statement Date: 2017-02-08
BR Audit:
https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA_8.02.2017.pdf
BR Audit Statement Date: 2017-02-08
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Symantec Class 1 Public Primary Certification Authority - G4**
Symantec Class 2 Public Primary Certification Authority - G4**
Symantec Class 2 Public Primary Certification Authority - G6**
VeriSign Class 1 Public Primary Certification Authority - G3**
VeriSign Class 2 Public Primary Certification Authority - G3**
VeriSign Class 3 Public Primary Certification Authority - G3**
VeriSign Class 3 Public Primary Certification Authority - G4**
VeriSign Class 3 Public Primary Certification Authority - G5**
VeriSign Universal Root Certification Authority**
Symantec Class 1 Public Primary Certification Authority - G6**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.symantec.com/content/en/us/about/media/repository/18_Symantec_STN_WTCA_period_end_11-30-2016.pdf
Audit Statement Date: 2017-02-28

BR Audit:
BR Audit Statement Date:

BR Audit:
https://www.symantec.com/content/en/us/about/media/repository/21_Symantec_STN_WTBR_period_end_11-30-2016.pdf
BR Audit Statement Date: 2017-02-28
EV Audit:
EV Audit Statement Date:
EV Audit:
https://www.symantec.com/content/en/us/about/media/repository/24_Symantec_STN_WTEV_period_end_11-30-2016.pdf
EV Audit Statement Date: 2017-02-28
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Hongkong Post Root CA 1

Standard Audit: https://cert.webtrust.org/SealFile?seal=2208&file=pdf
Audit Statement Date: 2017-02-28
BR Audit:
http://www.hongkongpost.gov.hk/product/cps/ecert/img/HKPCA_WebTrust_BR_2016-17.pdf
BR Audit Statement Date: 2017-02-28
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Class 2 Primary CA

Standard Audit:
https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
Audit Statement Date: 2017-01-14

BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
BR Audit Statement Date: 2017-01-14

EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
EV Audit Statement Date: 2017-01-14

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

TWCA Global Root CA
TWCA Root Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2197&file=pdf
Audit Statement Date: 2017-02-16
BR Audit: https://cert.webtrust.org/SealFile?seal=2195&file=pdf
BR Audit Statement Date: 2017-02-16
EV Audit: https://cert.webtrust.org/SealFile?seal=2196&file=pdf
EV Audit Statement Date: 2017-02-16
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Trustis Limited - Trustis FPS Root CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://bug1360184.bmoattachments.org/attachment.cgi?id=8862399
Audit Statement Date: 2017-03-01
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=8862399
BR Audit Statement Date: 2017-03-01
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5

Kathleen Wilson

unread,

Mar 20, 2018, 3:08:35 PM3/20/18

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of March 2018 Audit Reminder Emails
Date: Tue, 20 Mar 2018 19:00:18 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

GDCA TrustAUTH R5 ROOT
Standard Audit: https://cert.webtrust.org/SealFile?seal=2231&file=pdf
Audit Statement Date: 2017-04-14
BR Audit: https://cert.webtrust.org/SealFile?seal=2232&file=pdf
BR Audit Statement Date: 2017-04-14
EV Audit: https://cert.webtrust.org/SealFile?seal=2233&file=pdf
EV Audit Statement Date: 2017-04-14

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

SZAFIR ROOT CA2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2239&file=pdf
Audit Statement Date: 2017-04-12
BR Audit: https://cert.webtrust.org/SealFile?seal=2239&file=pdf
BR Audit Statement Date: 2017-04-12

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

certSIGN ROOT CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA_8.02.2017.pdf
Audit Statement Date: 2017-02-08
BR Audit:
https://www.certsign.ro/certsign_en/files/certSIGN_Webtrust_CA_8.02.2017.pdf
BR Audit Statement Date: 2017-02-08

CA Comments: Previous audit statement date was same as audit period end
date, Feb 8 2017. The 2018 audit period end date is Feb 7 2018, which
means CertSign has until early May 2018 to provide their new audit
statement.

____

Mozilla: Audit Reminder
Root Certificates:

Baltimore CyberTrust Root
Cybertrust Global Root
DigiCert Assured ID Root CA

DigiCert Assured ID Root G2
DigiCert Assured ID Root G3

DigiCert High Assurance EV Root CA
DigiCert Trusted Root G4

Standard Audit: https://cert.webtrust.org/SealFile?seal=2228&file=pdf
Audit Statement Date: 2017-04-13
BR Audit: https://cert.webtrust.org/SealFile?seal=2229&file=pdf
BR Audit Statement Date: 2017-04-13
EV Audit: https://cert.webtrust.org/SealFile?seal=2230&file=pdf
EV Audit Statement Date: 2017-04-13

QuoVadis Root CA 1 G3
QuoVadis Root CA 2
QuoVadis Root CA 2 G3
QuoVadis Root CA 3
QuoVadis Root CA 3 G3

QuoVadis Root Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2223&file=pdf
Audit Statement Date: 2017-03-31
BR Audit: https://cert.webtrust.org/SealFile?seal=2222&file=pdf
BR Audit Statement Date: 2017-03-31
EV Audit: https://cert.webtrust.org/SealFile?seal=2221&file=pdf
EV Audit Statement Date: 2017-03-31
CA Comments:
https://www.wisekey.com/investors_press-release/wisekey-sixwihn-signs-letter-of-intent-to-acquire-quovadis-consolidating-certification-authority-power-for-eidas-and-iot

____

Mozilla: Audit Reminder
Root Certificates:

SwissSign Platinum CA - G2

SwissSign Silver CA - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
Audit Statement Date: 2017-03-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
BR Audit Statement Date: 2017-03-30

Mozilla: Audit Reminder
Root Certificates:

Amazon Root CA 3
Amazon Root CA 2
Starfield Services Root Certificate Authority - G2
Amazon Root CA 1
Amazon Root CA 4

Standard Audit: https://cert.webtrust.org/SealFile?seal=2217&file=pdf
Audit Statement Date: 2017-03-28
BR Audit: https://cert.webtrust.org/SealFile?seal=2218&file=pdf
BR Audit Statement Date: 2017-03-28
EV Audit: https://cert.webtrust.org/SealFile?seal=2219&file=pdf
EV Audit Statement Date: 2017-03-28
CA Comments: null

____

Kurt Roeckx

unread,

Mar 20, 2018, 3:44:07 PM3/20/18

to Kathleen Wilson, mozilla-dev-s...@lists.mozilla.org

On Tue, Mar 20, 2018 at 12:07:54PM -0700, Kathleen Wilson via dev-security-policy wrote:
> Mozilla: Audit Reminder
> Root Certificates:
> Class 2 Primary CA
> Standard Audit:
> https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
> Audit Statement Date: 2017-01-14
> BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
> BR Audit Statement Date: 2017-01-14
> EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8849236
> EV Audit Statement Date: 2017-01-14
> CA Comments: null

The audit period was 2015-10-14 to 2016-10-14, we should already
have received a new audit statement.

Kurt

Kathleen Wilson

unread,

Mar 20, 2018, 7:30:51 PM3/20/18

to mozilla-dev-s...@lists.mozilla.org

Bug filed: https://bugzilla.mozilla.org/show_bug.cgi?id=1447497

Thanks,
Kathleen

Weitsong Lin

unread,

Mar 20, 2018, 10:49:49 PM3/20/18

to mozilla-dev-s...@lists.mozilla.org

TWCA have been updated the CAADB.
Do we have to open the bug to update audit report status?

Thanks,
Robin Lin

Kathleen Wilson於 2018年3月21日星期三 UTC+8上午7時30分51秒寫道：

Kathleen Wilson

unread,

Apr 23, 2018, 12:48:42 PM4/23/18

to mozilla-dev-s...@lists.mozilla.org

Here's the summary of the audit reminder email that was sent last
Tuesday, while I was on Spring Break.

Kathleen

-------- Forwarded Message --------
Subject:Summary of April 2018 Audit Reminder Emails
Date: Tue, 17 Apr 2018 19:00:32 +0000 (GMT)
From: Mozilla CA Program Manager <kwi...@mozilla.com>
To: kwi...@mozilla.com <kwi...@mozilla.com>

Mozilla: Audit Reminder
Root Certificates:

GDCA TrustAUTH R5 ROOT
Standard Audit: https://cert.webtrust.org/SealFile?seal=2231&file=pdf
Audit Statement Date: 2017-04-14
BR Audit: https://cert.webtrust.org/SealFile?seal=2232&file=pdf
BR Audit Statement Date: 2017-04-14
EV Audit: https://cert.webtrust.org/SealFile?seal=2233&file=pdf
EV Audit Statement Date: 2017-04-14

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

SZAFIR ROOT CA2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2239&file=pdf
Audit Statement Date: 2017-04-12
BR Audit: https://cert.webtrust.org/SealFile?seal=2239&file=pdf
BR Audit Statement Date: 2017-04-12

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

ComSign CA
Standard Audit:
https://bug1368471.bmoattachments.org/attachment.cgi?id=8872330
Audit Statement Date: 2017-04-26

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

SecureSign RootCA11
Standard Audit: https://cert.webtrust.org/SealFile?seal=2251&file=pdf
Audit Statement Date: 2017-05-10
BR Audit: https://bug1369520.bmoattachments.org/attachment.cgi?id=8873589
BR Audit Statement Date: 2017-05-10

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Baltimore CyberTrust Root
Cybertrust Global Root
DigiCert Assured ID Root CA
DigiCert Assured ID Root G2
DigiCert Assured ID Root G3
DigiCert High Assurance EV Root CA
DigiCert Trusted Root G4
Standard Audit: https://cert.webtrust.org/SealFile?seal=2228&file=pdf
Audit Statement Date: 2017-04-13
BR Audit: https://cert.webtrust.org/SealFile?seal=2229&file=pdf
BR Audit Statement Date: 2017-04-13
EV Audit: https://cert.webtrust.org/SealFile?seal=2230&file=pdf
EV Audit Statement Date: 2017-04-13

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

SwissSign Platinum CA - G2
SwissSign Silver CA - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
Audit Statement Date: 2017-03-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
BR Audit Statement Date: 2017-03-30

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Trustis Limited - Trustis FPS Root CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://bug1360184.bmoattachments.org/attachment.cgi?id=8862399
Audit Statement Date: 2017-03-01
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=8862399
BR Audit Statement Date: 2017-03-01

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Amazon Root CA 3**
Amazon Root CA 2**
Starfield Services Root Certificate Authority - G2**
Amazon Root CA 1**
Amazon Root CA 4**

** Audit Case in the Common CA Database is under review for this root
certificate.

Kathleen Wilson

unread,

May 15, 2018, 3:11:30 PM5/15/18

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of May 2018 Audit Reminder Emails
Date: Tue, 15 May 2018 19:00:06 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

GDCA TrustAUTH R5 ROOT**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2231&file=pdf
Audit Statement Date: 2017-04-14
BR Audit: https://cert.webtrust.org/SealFile?seal=2232&file=pdf
BR Audit Statement Date: 2017-04-14
EV Audit: https://cert.webtrust.org/SealFile?seal=2233&file=pdf
EV Audit Statement Date: 2017-04-14

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

COMODO RSA Certification Authority
USERTrust ECC Certification Authority
AAA Certificate Services
AddTrust Class 1 CA Root
AddTrust External CA Root

COMODO Certification Authority
COMODO ECC Certification Authority

UTN-USERFirst-Client Authentication and Email
USERTrust RSA Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2270&file=pdf
Audit Statement Date: 2017-06-02
BR Audit: https://cert.webtrust.org/SealFile?seal=2274&file=pdf
BR Audit Statement Date: 2017-06-02

BR Audit:
BR Audit Statement Date:

EV Audit: https://cert.webtrust.org/SealFile?seal=2272&file=pdf
EV Audit Statement Date: 2017-06-02

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

ComSign CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://bug1368471.bmoattachments.org/attachment.cgi?id=8872330
Audit Statement Date: 2017-04-26

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

SecureSign RootCA11
Standard Audit: https://cert.webtrust.org/SealFile?seal=2251&file=pdf
Audit Statement Date: 2017-05-10
BR Audit: https://bug1369520.bmoattachments.org/attachment.cgi?id=8873589
BR Audit Statement Date: 2017-05-10

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Entrust Root Certification Authority - EC1
Entrust Root Certification Authority - G2

AffirmTrust Commercial
AffirmTrust Networking
AffirmTrust Premium
AffirmTrust Premium ECC

Entrust Root Certification Authority
Entrust.net Certification Authority (2048)

Standard Audit: https://cert.webtrust.org/SealFile?seal=2248&file=pdf
Audit Statement Date: 2017-05-17
Standard Audit:
https://www.affirmtrust.com/wp-content/uploads/20170114-20170531-AffirmTrust-WebTrust-for-CA.pdf
Audit Statement Date: 2017-06-12
BR Audit: https://cert.webtrust.org/SealFile?seal=2248&file=pdf
BR Audit Statement Date: 2017-05-17
BR Audit:
https://www.affirmtrust.com/wp-content/uploads/20170114-20170531-AffirmTrust-SSL-Baseline-Requirements..pdf
BR Audit Statement Date: 2017-06-12
EV Audit: https://cert.webtrust.org/SealFile?seal=2248&file=pdf
EV Audit Statement Date: 2017-05-17
EV Audit:
https://www.affirmtrust.com/wp-content/uploads/20170114-20170531-AffirmTrust-WebTrust-for-EV-SSL.pdf
EV Audit Statement Date: 2017-06-12

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Government Root Certification Authority - Taiwan

Standard Audit: https://cert.webtrust.org/SealFile?seal=2252&file=pdf
Audit Statement Date: 2017-05-24
BR Audit: https://cert.webtrust.org/SealFile?seal=2253&file=pdf
BR Audit Statement Date: 2017-05-24

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

SwissSign Platinum CA - G2
SwissSign Silver CA - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
Audit Statement Date: 2017-03-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
BR Audit Statement Date: 2017-03-30

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Trustis Limited - Trustis FPS Root CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://bug1360184.bmoattachments.org/attachment.cgi?id=8862399
Audit Statement Date: 2017-03-01
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=8862399
BR Audit Statement Date: 2017-03-01

CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1360184#c10

____

Kathleen Wilson

unread,

Jun 19, 2018, 5:00:06 PM6/19/18

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of June 2018 Audit Reminder Emails
Date: Tue, 19 Jun 2018 19:00:17 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

Atos TrustedRoot 2011
Standard Audit:

https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-00DCD7AE71E211E7B653005056A04F41-_v2&aoemydqs%5BdownloadKey%5D=91bdb1288df96a7e719d7ebcad82dc822d5b1a65&aoemydqs%5Baction%5D=downloadDocument&cHash=f4c93332780df1788265
Audit Statement Date: 2017-06-14
BR Audit:
https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-00DCD7AE71E211E7B653005056A04F41-_v2&aoemydqs%5BdownloadKey%5D=91bdb1288df96a7e719d7ebcad82dc822d5b1a65&aoemydqs%5Baction%5D=downloadDocument&cHash=f4c93332780df1788265
BR Audit Statement Date: 2017-06-14

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Chambers of Commerce Root
Chambers of Commerce Root - 2008
Global Chambersign Root
Global Chambersign Root - 2008

Standard Audit: https://cert.webtrust.org/SealFile?seal=2283&file=pdf
Audit Statement Date: 2017-07-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2284&file=pdf
BR Audit Statement Date: 2017-07-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2285&file=pdf
EV Audit Statement Date: 2017-07-10

Government Root Certification Authority - Taiwan
Standard Audit: https://cert.webtrust.org/SealFile?seal=2252&file=pdf
Audit Statement Date: 2017-05-24
BR Audit: https://cert.webtrust.org/SealFile?seal=2253&file=pdf
BR Audit Statement Date: 2017-05-24
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Hellenic Academic and Research Institutions RootCA 2011

Hellenic Academic and Research Institutions ECC RootCA 2015
Hellenic Academic and Research Institutions RootCA 2015
Standard Audit:

https://www.harica.gr/documents/HARICA-ETSI_CERTIFICATE_AUTH_W_ANNEX_290617-7.pdf
Audit Statement Date: 2017-06-29
BR Audit:
https://www.harica.gr/documents/HARICA-ETSI_CERTIFICATE_AUTH_W_ANNEX_290617-7.pdf
BR Audit Statement Date: 2017-06-29

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
SwissSign Platinum CA - G2
SwissSign Silver CA - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
Audit Statement Date: 2017-03-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
BR Audit Statement Date: 2017-03-30
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Sonera Class2 CA
TeliaSonera Root CA v1
Standard Audit:
https://support.partnergate.sonera.com/download/CA/WebTrust-Audit-Report-2017-06-30.pdf

Audit Statement Date: 2017-06-30
BR Audit:

https://support.partnergate.sonera.com/download/CA/WebTrust-BR-Audit-Report-2017-06-30.pdf
BR Audit Statement Date: 2017-06-30

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Deutsche Telekom Root CA 2
T-TeleSec GlobalRoot Class 2

T-TeleSec GlobalRoot Class 3
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/Browser_Audit_Attestation_2017_V2.2_s.pdf
Audit Statement Date: 2017-06-30
BR Audit:

https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6760UE_s.pdf
BR Audit Statement Date: 2017-07-31
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6761UE_s.pdf
BR Audit Statement Date: 2017-07-31

EV Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6761UE_s.pdf
EV Audit Statement Date: 2017-07-31

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Certum Trusted Network CA 2
Certum CA
Certum Trusted Network CA

Standard Audit: https://cert.webtrust.org/SealFile?seal=2301&file=pdf
Audit Statement Date: 2017-07-05
BR Audit: https://cert.webtrust.org/SealFile?seal=2298&file=pdf
BR Audit Statement Date: 2017-08-05
EV Audit: https://cert.webtrust.org/SealFile?seal=2296&file=pdf
EV Audit Statement Date: 2017-07-05
CA Comments: null

____

Kurt Roeckx

unread,

Jun 19, 2018, 5:06:40 PM6/19/18

to Kathleen Wilson, mozilla-dev-s...@lists.mozilla.org

On Tue, Jun 19, 2018 at 01:59:26PM -0700, Kathleen Wilson via dev-security-policy wrote:
>
> Mozilla: Audit Reminder
> Root Certificates:
> SwissSign Platinum CA - G2
> SwissSign Silver CA - G2
> Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
> Audit Statement Date: 2017-03-30
> BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
> BR Audit Statement Date: 2017-03-30
> CA Comments: null

This was a point in time audit on 2017-03-08. They should have a
new report by now.

Kurt

Kathleen Wilson

unread,

Jul 17, 2018, 7:06:45 PM7/17/18

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of July 2018 Audit Reminder Emails
Date: Tue, 17 Jul 2018 19:00:10 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

LuxTrust Global Root 2
Standard Audit:

https://www.luxtrust.lu/upload/data/repository/attestation_letter_luxtrust_2017_s.pdf
Audit Statement Date: 2017-07-24
BR Audit:
https://www.luxtrust.lu/upload/data/repository/attestation_letter_luxtrust_2017_s.pdf
BR Audit Statement Date: 2017-07-24
EV Audit:
https://www.luxtrust.lu/upload/data/repository/attestation_letter_luxtrust_2017_s.pdf
EV Audit Statement Date: 2017-07-24
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Atos TrustedRoot 2011
Standard Audit:
https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-00DCD7AE71E211E7B653005056A04F41-_v2&aoemydqs%5BdownloadKey%5D=91bdb1288df96a7e719d7ebcad82dc822d5b1a65&aoemydqs%5Baction%5D=downloadDocument&cHash=f4c93332780df1788265
Audit Statement Date: 2017-06-14
BR Audit:
https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-00DCD7AE71E211E7B653005056A04F41-_v2&aoemydqs%5BdownloadKey%5D=91bdb1288df96a7e719d7ebcad82dc822d5b1a65&aoemydqs%5Baction%5D=downloadDocument&cHash=f4c93332780df1788265
BR Audit Statement Date: 2017-06-14
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Chambers of Commerce Root
Chambers of Commerce Root - 2008
Global Chambersign Root
Global Chambersign Root - 2008
Standard Audit: https://cert.webtrust.org/SealFile?seal=2283&file=pdf
Audit Statement Date: 2017-07-10
BR Audit: https://cert.webtrust.org/SealFile?seal=2284&file=pdf
BR Audit Statement Date: 2017-07-10
EV Audit: https://cert.webtrust.org/SealFile?seal=2285&file=pdf
EV Audit Statement Date: 2017-07-10
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2333&file=pdf
Audit Statement Date: 2017-08-09
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Certinomis - Root CA
Standard Audit:
https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
Audit Statement Date: 2017-07-24
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
BR Audit Statement Date: 2017-07-24
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

COMODO RSA Certification Authority
USERTrust ECC Certification Authority
AAA Certificate Services
AddTrust Class 1 CA Root
AddTrust External CA Root
COMODO Certification Authority
COMODO ECC Certification Authority
UTN-USERFirst-Client Authentication and Email
USERTrust RSA Certification Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2270&file=pdf
Audit Statement Date: 2017-06-02
BR Audit: https://cert.webtrust.org/SealFile?seal=2274&file=pdf
BR Audit Statement Date: 2017-06-02
BR Audit:
BR Audit Statement Date:
EV Audit: https://cert.webtrust.org/SealFile?seal=2272&file=pdf
EV Audit Statement Date: 2017-06-02
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

GlobalSign
GlobalSign
GlobalSign Root CA
GlobalSign Extended Validation CA - SHA256 - G2

Standard Audit: https://cert.webtrust.org/SealFile?seal=2287&file=pdf
Audit Statement Date: 2017-07-26

BR Audit: https://cert.webtrust.org/SealFile?seal=2338&file=pdf
BR Audit Statement Date: 2017-09-22
EV Audit: https://cert.webtrust.org/SealFile?seal=2288&file=pdf
EV Audit Statement Date: 2017-07-26
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

ACCVRAIZ1
Standard Audit: https://cert.webtrust.org/SealFile?seal=2299&file=pdf
Audit Statement Date: 2017-07-28
BR Audit: https://cert.webtrust.org/SealFile?seal=2300&file=pdf
BR Audit Statement Date: 2017-07-28

CA Comments: Per CA request, Root CA Generalitat Valenciana will be
removed via https://bugzilla.mozilla.org/show_bug.cgi?id=1272158

____

Mozilla: Audit Reminder
Root Certificates:

Izenpe.com
Standard Audit:
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf
Audit Statement Date: 2017-07-25
BR Audit:
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf
BR Audit Statement Date: 2017-07-25
EV Audit:
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf
EV Audit Statement Date: 2017-07-25
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

OpenTrust Root CA G1
OpenTrust Root CA G2
Certplus Root CA G1

Class 2 Primary CA

OpenTrust Root CA G3
Certplus Root CA G2
Standard Audit:

https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590
Audit Statement Date: 2017-07-24
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590
BR Audit Statement Date: 2017-07-24
EV Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590
EV Audit Statement Date: 2017-07-24
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
SwissSign Platinum CA - G2
SwissSign Silver CA - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
Audit Statement Date: 2017-03-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
BR Audit Statement Date: 2017-03-30

CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1374381

____

Mozilla: Audit Reminder
Root Certificates:

Sonera Class2 CA**
TeliaSonera Root CA v1**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://support.partnergate.sonera.com/download/CA/WebTrust-Audit-Report-2017-06-30.pdf
Audit Statement Date: 2017-06-30
BR Audit:
https://support.partnergate.sonera.com/download/CA/WebTrust-BR-Audit-Report-2017-06-30.pdf
BR Audit Statement Date: 2017-06-30
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Deutsche Telekom Root CA 2
T-TeleSec GlobalRoot Class 2
T-TeleSec GlobalRoot Class 3
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/Browser_Audit_Attestation_2017_V2.2_s.pdf
Audit Statement Date: 2017-06-30
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6760UE_s.pdf
BR Audit Statement Date: 2017-07-31
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6761UE_s.pdf
BR Audit Statement Date: 2017-07-31
EV Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/6761UE_s.pdf
EV Audit Statement Date: 2017-07-31
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Certum Trusted Network CA 2
Certum CA
Certum Trusted Network CA
Standard Audit: https://cert.webtrust.org/SealFile?seal=2301&file=pdf
Audit Statement Date: 2017-07-05
BR Audit: https://cert.webtrust.org/SealFile?seal=2298&file=pdf
BR Audit Statement Date: 2017-08-05
EV Audit: https://cert.webtrust.org/SealFile?seal=2296&file=pdf
EV Audit Statement Date: 2017-07-05
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Visa eCommerce Root
Standard Audit: http://enroll.visaca.com/WTCA%20eComm.pdf
Audit Statement Date: 2017-07-26
BR Audit: http://enroll.visaca.com/WTBR%20eComm.pdf

BR Audit Statement Date: 2017-07-26

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Network Solutions Certificate Authority
Standard Audit: https://cert.webtrust.org/SealFile?seal=2290&file=pdf
Audit Statement Date: 2017-07-21
BR Audit: https://cert.webtrust.org/SealFile?seal=2291&file=pdf
BR Audit Statement Date: 2017-07-21
EV Audit: https://cert.webtrust.org/SealFile?seal=2292&file=pdf
EV Audit Statement Date: 2017-07-21
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

OISTE WISeKey Global Root GB CA
OISTE WISeKey Global Root GA CA

Standard Audit: https://cert.webtrust.org/SealFile?seal=2293&file=pdf
Audit Statement Date: 2017-07-28
BR Audit: https://cert.webtrust.org/SealFile?seal=2294&file=pdf
BR Audit Statement Date: 2017-07-28
EV Audit: https://cert.webtrust.org/SealFile?seal=2295&file=pdf
EV Audit Statement Date: 2017-07-28
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

SSL.com EV Root Certification Authority ECC
SSL.com Root Certification Authority ECC
SSL.com Root Certification Authority RSA
SSL.com EV Root Certification Authority RSA R2
Standard Audit:
https://www.ssl.com/app/uploads/2017/07/SSL-COM-WTCA-Indp-Accountant-Report-and-Mgmt-Assertion-FINAL-2017.pdf
Audit Statement Date: 2017-07-27
BR Audit:
https://www.ssl.com/app/uploads/2017/07/SSL-COM-WTBR-Indp-Accountant-Report-and-Mgmt-Assertion-FINAL-2017.pdf
BR Audit Statement Date: 2017-07-27
EV Audit: https://cert.webtrust.org/SealFile?seal=2286&file=pdf
EV Audit Statement Date: 2017-07-27
CA Comments: null

____

Kathleen Wilson

unread,

Aug 21, 2018, 3:04:19 PM8/21/18

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of August 2018 Audit Reminder Emails
Date: Tue, 21 Aug 2018 19:00:10 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

AC Raíz Certicámara S.A.
Standard Audit: https://cert.webtrust.org/SealFile?seal=2333&file=pdf
Audit Statement Date: 2017-08-09
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
Certinomis - Root CA
Standard Audit:
https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
Audit Statement Date: 2017-07-24
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
BR Audit Statement Date: 2017-07-24
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

E-Tugra Certification Authority
Standard Audit:
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2017.pdf
Audit Statement Date: 2017-09-09
BR Audit:
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2017.pdf
BR Audit Statement Date: 2017-09-09
EV Audit:
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2017.pdf
EV Audit Statement Date: 2017-09-09

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Go Daddy Class 2 CA
Go Daddy Root Certificate Authority - G2
Starfield Class 2 CA

Starfield Root Certificate Authority - G2
Standard Audit: https://cert.webtrust.org/SealFile?seal=2332&file=pdf
Audit Statement Date: 2017-08-31
BR Audit: https://cert.webtrust.org/SealFile?seal=2332&file=pdf
BR Audit Statement Date: 2017-08-31
EV Audit: https://cert.webtrust.org/SealFile?seal=2332&file=pdf
EV Audit Statement Date: 2017-08-31

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
ACCVRAIZ1
Standard Audit: https://cert.webtrust.org/SealFile?seal=2299&file=pdf
Audit Statement Date: 2017-07-28
BR Audit: https://cert.webtrust.org/SealFile?seal=2300&file=pdf
BR Audit Statement Date: 2017-07-28
CA Comments: Per CA request, Root CA Generalitat Valenciana will be
removed via https://bugzilla.mozilla.org/show_bug.cgi?id=1272158

____

Mozilla: Audit Reminder
Root Certificates:

IdenTrust Commercial Root CA 1**
IdenTrust Public Sector Root CA 1**

DST Root CA X3**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit: https://cert.webtrust.org/SealFile?seal=2331&file=pdf
Audit Statement Date: 2017-08-31
BR Audit: https://cert.webtrust.org/SealFile?seal=2334&file=pdf
BR Audit Statement Date: 2017-09-18

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

SECOM Trust.net - Security Communication RootCA1
Security Communication RootCA2

Standard Audit: https://cert.webtrust.org/SealFile?seal=2321&file=pdf
Audit Statement Date: 2017-08-31
BR Audit: https://cert.webtrust.org/SealFile?seal=2323&file=pdf
BR Audit Statement Date: 2017-08-31
EV Audit: https://cert.webtrust.org/SealFile?seal=2322&file=pdf
EV Audit Statement Date: 2017-08-31
CA Comments: null

____

Mozilla: Overdue Audit Statements
Root Certificates:
SwissSign Platinum CA - G2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
Audit Statement Date: 2017-03-30
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
BR Audit Statement Date: 2017-03-30

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
Visa eCommerce Root
Standard Audit: http://enroll.visaca.com/WTCA%20eComm.pdf
Audit Statement Date: 2017-07-26
BR Audit: http://enroll.visaca.com/WTBR%20eComm.pdf
BR Audit Statement Date: 2017-07-26
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Kurt Roeckx

unread,

Aug 22, 2018, 4:32:25 AM8/22/18

to mozilla-dev-s...@lists.mozilla.org

On 2018-08-21 21:03, Kathleen Wilson wrote:
> Mozilla: Overdue Audit Statements
> Root Certificates:
> SwissSign Platinum CA - G2**
>
> ** Audit Case in the Common CA Database is under review for this root
> certificate.
>
> Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
> Audit Statement Date: 2017-03-30
> BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
> BR Audit Statement Date: 2017-03-30
> CA Comments: null

Is this not properly marked in the database?

I found https://bugzilla.mozilla.org/show_bug.cgi?id=1374381, which
seems to be related to it, and was closed.

The linked audits there:
- For one claiming the period covering 2015: The statement does not
state which period was covered.
- For one claiming the period covering 2016: The statement does not
state which period was covered. A previous report from the auditor for
that period stated that it was a point in time audit.
The changed report removed this sentence: "KPMG has performed a point in
time audit. The reference date is 8 March 2017." and replaced
"We were not engaged to and did not conduct an examination, the object
of which would be the expression of an opinion on the Application for
Extended Validation (EV) Certificate. Accordingly, we do not express
such an opinion. Had we performed additional procedures, other matters
might have come to our attention that would have been reported to you"
with:
"KPMG has assessed the architecture, operation and procedures on a
sample approach although we have not assessed every configuration
setting on technical devices."
- The report from a new auditor covered the period: March, 9th 2017
until June, 6th 2018, which is longer than 1 year.

Kurt

Wayne Thayer

unread,

Aug 22, 2018, 9:40:15 PM8/22/18

to Kurt Roeckx, mozilla-dev-security-policy

Kurt,

Thank your for raising this issue.

As documented in the bug you referenced, there was a good deal of confusion
about Mozilla's acceptance (or not) of SwissSign's 2017 audit statements.
Mozilla rejected the first statements and then asked questions about the
second set of statements but never clearly rejected them.

A verbal agreement was reached that SwissSign would obtain new audits, but
it resulted in only one of their 3 included roots being re-audited later in
2017. Given the lack of documentation, I am willing to accept that as a
misunderstanding of scope between Mozilla and SwissSign. The result is that
we have 2017 audit statements in CCADB that are marked as having been
accepted despite the significant concerns that were raised in the bug you
referenced.

I believe the fact that the audit period extended for more than a year was
caused by SwissSign's (understandable) decision to use a different auditor
this year. However, I agree that this is a problem because it directly
contradicts BR section 8.1 which states "An audit period MUST NOT exceed
one year in duration" and Mozilla's requirement that "Full-surveillance
period-of-time audits MUST be conducted and updated audit information
provided no less frequently than annually". I believe these new audit
statements (both for the Platinum and Silver roots) should be rejected on
that basis, and I would also welcome a response from SwissSign and/or their
auditors. In addition, Kathleen is researching why this was not flagged by
CCADB when the audit cases were processed.

When choosing to switch auditors for 2018, SwissSign asked Mozilla to
permit them to use TUV Austria prior to the firm's formal eIDAS
accreditation. Given that the individuals performing the audits were
well-known as auditors for TUV Germany who moved to the Austrian entity,
Mozilla agreed to this exception as permitted under Root Store Policy
section 3.2. TUV Austria has since informed us that they have received
their accreditation.

Finally, the audit submitted for the (not yet included) SwissSign Silver G3
root is point-in-time, and thus not acceptable as documented in
https://bugzilla.mozilla.org/show_bug.cgi?id=1142323#c44 I have discussed
this with SwissSign's auditors, and their belief was that a point-in-time
report is appropriate when no certificates have been issued from a root
during the period. I do not agree with this interpretation and plan to have
further discussions with ETSI folks on this topic (WebTrust has already
confirmed that it is possible report on a root over a period-of-time even
when no issuance has occurred). Meanwhile, I believe that TUV Austria may
reissue the reports for this root as period-of-time since the audits
themselves covered the entire period.

- Wayne

On Wed, Aug 22, 2018 at 1:32 AM Kurt Roeckx via dev-security-policy <
dev-secur...@lists.mozilla.org> wrote:

> On 2018-08-21 21:03, Kathleen Wilson wrote:

> > Mozilla: Overdue Audit Statements
> > Root Certificates:
> > SwissSign Platinum CA - G2**
> >
> > ** Audit Case in the Common CA Database is under review for this root
> > certificate.
> >
> > Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
> > Audit Statement Date: 2017-03-30
> > BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8861552
> > BR Audit Statement Date: 2017-03-30
> > CA Comments: null
>

> Is this not properly marked in the database?
>
> I found https://bugzilla.mozilla.org/show_bug.cgi?id=1374381, which
> seems to be related to it, and was closed.
>
> The linked audits there:
> - For one claiming the period covering 2015: The statement does not
> state which period was covered.
> - For one claiming the period covering 2016: The statement does not
> state which period was covered. A previous report from the auditor for
> that period stated that it was a point in time audit.
> The changed report removed this sentence: "KPMG has performed a point in
> time audit. The reference date is 8 March 2017." and replaced
> "We were not engaged to and did not conduct an examination, the object
> of which would be the expression of an opinion on the Application for
> Extended Validation (EV) Certificate. Accordingly, we do not express
> such an opinion. Had we performed additional procedures, other matters
> might have come to our attention that would have been reported to you"
> with:
> "KPMG has assessed the architecture, operation and procedures on a
> sample approach although we have not assessed every configuration
> setting on technical devices."
> - The report from a new auditor covered the period: March, 9th 2017
> until June, 6th 2018, which is longer than 1 year.
>
>
> Kurt

> _______________________________________________
> dev-security-policy mailing list
> dev-secur...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security-policy
>

bloedsin...@gmail.com

unread,

Aug 27, 2018, 2:25:38 AM8/27/18

to mozilla-dev-s...@lists.mozilla.org

Dear all

This is a joint answer to Waynes' request.

it was mentioned that the audit period was exceeded. We would like to explain the situation and what was undertaken to avoid such situation again.

We all are aware that the audit period was exceeded by two months. However the conducted audit from April 2018 also covers the 2 months extension. As you already mentioned, the reason is that SwissSign decided to change the auditors after 12 years for quality assurance reason. Additionally, it is a best practice within the IT security world or the financial sector to change the external auditors on a regular base.
During the process, SwissSign defined some criteria in order to choose the new auditors these are:

The auditors shall:
- possess a knowledge and experience since years performing PKI audits as a full time job.

- have experience in auditing different international CA which are also included in the Root Stores.

- take their time to understand in detail the processes, infrastructure, implementations, etc. of SwissSign.
- support SwissSign being conform over time between the annual audits, e.g. by pre-assessments of new solutions/processes/applications before these are going in live production.
- be well known in the community.
- be active in international and national working groups in order to keep their knowledge about requirements up-to-date.
- are /going to be accredited to perform audit according the relevant standards.
- Fullfills requirement according to BR 8.2 and BR 8.3

The whole process took its time because of the complexity of such a change. At the end, SwissSign decided to work together with the qualified auditors from TÜV Austria which will perform all audits for all PKI in the future. The upcoming audit for the Silver and Platinum PKI was performed as soon as the contract was agreed and signed.
We would also like to point out that both PKI are maintained under exact the same physical, technical, organizational and logical conditions and measures as the Gold PKI which is was audited in October 2017. Additionally, the Platinum PKI is also audited according the Swiss Law on an annual base.

In order to avoid such exceeding, the contract with the auditors was signed for the next several years, in order to ensure that the audits are planned and performed in time as required by the CA/B Forum and the Browser Root CA Policies. It is already planned that in September 2018 a new full audit for all PKI (Silver, Platinum and Gold G2 and G3) will be performed. After the audit for all three PKI, completely new audit attestations will be issued covering the period until the last audit day. This will be the start point for a full annual audit for all PKI together so that there is not any timely separation between them. Additionally, the audits for the next years are already planned, so that an exceeding of the audit period will be prevented.

We hope that this sheds some lights on the situation.

Thanks and kindest regards

Reinhard Dietrich

Wayne Thayer

unread,

Aug 27, 2018, 12:27:56 PM8/27/18

to Reinhard Dietrich, mozilla-dev-security-policy

> I'm glad to hear that planning is being done to prevent future audit
problems. Reinhard, what will be the period covered by the September 2018
audits?

It occurs to me that Mozilla could accept the recently submitted audit
statements that cover 14 months by ignoring the extra two months. The next
audit period would need to end no later than March 8, 2019. Does anyone
have concerns with this?

Reinhard, what is SwissSign planning to do regarding the point-in-time
audit for the Silver G3 root?

Ryan Sleevi

unread,

Aug 29, 2018, 11:56:08 AM8/29/18

to bloedsin...@gmail.com, mozilla-dev-security-policy

On Mon, Aug 27, 2018 at 2:25 AM reinhard.dietrich--- via

Could you explain a bit more about your selection process? The auditors you
selected did not meet BR 8.2 at the time you selected them, hence the
e-mail to multiple browser programs to accept audits from a non-accredited
entity, on the promise that the principals involved were respected and that
accreditation would be coming "soon".

In April, an attempt was made to determine the accreditation status of TUV
Austria Cert GMBH. Based on EA [1], the NAB for Austria is Akkreditierung
Austria's Federal Ministry for Digital and Economi Afairs (BMDW). The list
of CABs accredited by the NAB are available at [2]

Looking at the BRs, the expectation would be that the auditor is accredited
in the application of ISO 17065:2012 with the application of ETSI EN 319
403. Looking at the most recently updated list of Certification Bodies of
Products, Processes, and Services, according to EN ISO/IEC 17065:2012, TUV
Austria Cert GMBH's certification is [4], which doesn't cover that norm.

Looking at the eIDAS list of CABs [5], which is informational but updated
as of 2018-07-27, I don't see TUV Austria under AA either.

So it doesn't appear to meet either ISO/IEC 17065 or the eIDAS norms (of
which 17065 is effectively a pre-requisite).

Could you help me understand more how TUV Austria Cert GMBH meets the
criteria of BR 8.2 and 8.3?

[1] http://www.european-accreditation.org/ea-members
[2]
https://www.bmdw.gv.at/TechnikUndVermessung/Akkreditierung/Seiten/AkkreditiertePIZ-Stellen.aspx
[3]
https://www.bmdw.gv.at/TechnikUndVermessung/Akkreditierung/Documents/product%20certification%20bodies.pdf
[4]
https://www.bmdw.gv.at/TechnikUndVermessung/Akkreditierung/Documents/AA_0943_17065_TueV_AUSTRIA_CERT_GMBH.pdf
[5]
https://ec.europa.eu/futurium/en/content/list-conformity-assessment-bodies-cabs-accredited-against-requirements-eidas-regulation
[6]
https://ec.europa.eu/futurium/en/system/files/ged/list_of_eidas_accredited_cabs-2018-07-27.pdf

bloedsin...@gmail.com

unread,

Sep 3, 2018, 8:54:28 AM9/3/18

to mozilla-dev-s...@lists.mozilla.org

Dear all,
as already mentioned above, qualified auditors (nat person/organization) have been selected which fulfil the points as listed in our previous response. The auditors fulfilled these relevant requirements. Even the organization of TÜV AUSTRIA CERT was accredited according to ISO 17065 by that time –the only thing missing was the formal acknowledgement of the Austrian Federal Ministry for Digital and Economy Affairs (BMDW) for amending that accreditation by the ETSI ENs.
The accreditation audit had successfully been performed by the Ministry BMDW in June and a corresponding positive report had been issued to TÜV AUSTRIA CERT. That report had been forwarded immediately to the Browsers. Following this time frame, at the time when our Audit Attestations were issued, the auditors already passed its accreditation audit. Hereafter however, the formal completion of the accreditation process by the Ministry requires time until the accreditation certificate is finally issued. Now – after summer holiday season -, the accreditation certificate is expected to be delivered every day. Along with that all public lists will be updated so that TÜV AUSTRIA CERT’s ETSI expansion of their accreditation according to ISO 17065 will finally be visible.

Related to our own SwissSign audit which was required to be performed as soon as possible, we decided to ask the browsers before the audit was started, whether they would accept the audit performed by our auditors under that circumstances described above. Based on the Mozilla Root Policy, clause 3.2, para 2 Mozilla can decide to accept the auditor. On top we considered that as the auditors are well known in the community and have long term experience auditing several CA included in the Root Stores according ETSI and BRG, therefore they should easily be accepted to perform our audit. We discussed that with Mozilla and Microsoft and both finally agreed to a one time exception so that we decided to start the audit project. That given exception included an agreement that the Audit Attestations will be re-issued now, after the formal accreditation process is finalized – which will happen during the next few weeks. All the Browsers will receive an updated Audit Attestation then referring the amended accreditation documentation.
On top of that and as already mentioned above, we will repeat all the audits during the next weeks in order to start over and synchronize the audit period for the complete PKI of SwissSign. At this time the expansion of TÜV AUSTRIA CERTS accreditation according ISO 17065 and ETSI EN 319 403 will certainly be visible.

Best Regards

Reinhard Dietrich

Ryan Sleevi

unread,

Sep 4, 2018, 1:01:40 PM9/4/18

to bloedsin...@gmail.com, mozilla-dev-security-policy

On Mon, Sep 3, 2018 at 8:54 AM reinhard.dietrich--- via dev-security-policy
<dev-secur...@lists.mozilla.org> wrote:

> Dear all,
> as already mentioned above, qualified auditors (nat person/organization)
> have been selected which fulfil the points as listed in our previous
> response. The auditors fulfilled these relevant requirements. Even the
> organization of TÜV AUSTRIA CERT was accredited according to ISO 17065 by
> that time –the only thing missing was the formal acknowledgement of the
> Austrian Federal Ministry for Digital and Economy Affairs (BMDW) for
> amending that accreditation by the ETSI ENs.
>

I think this is an incredibly important and meaningful distinction, for all
CAs.

It appears that, even today, September 4, there's no way to independently
confirm or assess TUV AUSTRIA CERT's accreditation to ISO 17065 in any of
the related or appropriate standards. If a WebTrust audit was presented by
an auditor who was not licensed by WebTrust, or could not be independently
assessed as such, it would absolutely be rejected - and CPA Canada/AICPA
would likely pursue action through misuse of the term WebTrust.

That ETSI lacks this is already problematic, but equally problematic is the
lack of demonstration through the agreed-upon method of determining an
auditor's competence to perform audits. The process that is recognized for
the ETSI norms is to look through european-accreditation.org to determine
the NAB, and from the NAB, determine the appropriate CABs. With respect to
Section 8.2, I'm having trouble understanding how the information presented
can meet the requirements of Item 2, 4, and 6. As my previous mail
suggested, the ability to determine that, independently, has been lacking
since April.

Related to our own SwissSign audit which was required to be performed as
> soon as possible, we decided to ask the browsers before the audit was
> started, whether they would accept the audit performed by our auditors
> under that circumstances described above. Based on the Mozilla Root Policy,
> clause 3.2, para 2 Mozilla can decide to accept the auditor. On top we
> considered that as the auditors are well known in the community and have
> long term experience auditing several CA included in the Root Stores
> according ETSI and BRG, therefore they should easily be accepted to perform
> our audit.

My understanding here is that your use of the term "auditors" refers to the
individuals, not to the organization TUV Austria, is that correct?

> We discussed that with Mozilla and Microsoft and both finally agreed to a
> one time exception so that we decided to start the audit project. That
> given exception included an agreement that the Audit Attestations will be
> re-issued now, after the formal accreditation process is finalized – which
> will happen during the next few weeks. All the Browsers will receive an
> updated Audit Attestation then referring the amended accreditation
> documentation.
> On top of that and as already mentioned above, we will repeat all the
> audits during the next weeks in order to start over and synchronize the
> audit period for the complete PKI of SwissSign. At this time the expansion
> of TÜV AUSTRIA CERTS accreditation according ISO 17065 and ETSI EN 319 403
> will certainly be visible.
>

As it stands, the information for TUV AUSTRIA CERTS still does not appear
to meet the requirements of Section 8.2. I appreciate that the promise is
that it's forthcoming, that it's BMDW's fault, that everything surely is in
order, but you can surely see how from an objective and consistent
application of policies, this fails to meet Section 8.2 even to this day.

Kathleen Wilson

unread,

Sep 18, 2018, 4:51:39 PM9/18/18

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of September 2018 Audit Reminder Emails
Date: Tue, 18 Sep 2018 19:00:14 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:
AC Raíz Certicámara S.A.
Standard Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221203

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221042

Audit Statement Date: 2017-08-31
BR Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221042

BR Audit Statement Date: 2017-08-31
EV Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221042

EV Audit Statement Date: 2017-08-31
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
ACCVRAIZ1
Standard Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221168

Audit Statement Date: 2017-07-28
BR Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221169

BR Audit Statement Date: 2017-07-28
CA Comments: Per CA request, Root CA Generalitat Valenciana will be
removed via https://bugzilla.mozilla.org/show_bug.cgi?id=1272158

____

Mozilla: Audit Reminder
Root Certificates:

Izenpe.com
Standard Audit:
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf
Audit Statement Date: 2017-07-25
BR Audit:
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf
BR Audit Statement Date: 2017-07-25
EV Audit:
http://www.izenpe.eus/contenidos/informacion/auditorias_acreditaciones/en_def/adjuntos/6757_Izenpe_Browser_Attestation_2017.pdf
EV Audit Statement Date: 2017-07-25
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

NetLock Arany (Class Gold) Főtanúsítvány
Standard Audit:
http://www.netlock.hu/docs/dokumentumok/Certificate%20ETSI%20ENG.pdf

Audit Statement Date: 2017-10-05
BR Audit:

http://www.netlock.hu/docs/dokumentumok/Certificate%20ETSI%20ENG.pdf
BR Audit Statement Date: 2017-10-05

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
OpenTrust Root CA G1
OpenTrust Root CA G2
Certplus Root CA G1
Class 2 Primary CA
OpenTrust Root CA G3
Certplus Root CA G2
Standard Audit:
https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590
Audit Statement Date: 2017-07-24
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590
BR Audit Statement Date: 2017-07-24
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
SECOM Trust.net - Security Communication RootCA1
Security Communication RootCA2
Standard Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221101

Audit Statement Date: 2017-08-31
BR Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221098

BR Audit Statement Date: 2017-08-31
EV Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221100

EV Audit Statement Date: 2017-08-31
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Visa eCommerce Root**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit: http://enroll.visaca.com/WTCA%20eComm.pdf
Audit Statement Date: 2017-07-26
BR Audit: http://enroll.visaca.com/WTBR%20eComm.pdf
BR Audit Statement Date: 2017-07-26
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

SSL.com EV Root Certification Authority ECC**
SSL.com Root Certification Authority ECC**
SSL.com Root Certification Authority RSA**
SSL.com EV Root Certification Authority RSA R2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.ssl.com/app/uploads/2017/07/SSL-COM-WTCA-Indp-Accountant-Report-and-Mgmt-Assertion-FINAL-2017.pdf
Audit Statement Date: 2017-07-27
BR Audit:
https://www.ssl.com/app/uploads/2017/07/SSL-COM-WTBR-Indp-Accountant-Report-and-Mgmt-Assertion-FINAL-2017.pdf
BR Audit Statement Date: 2017-07-27
EV Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221182

Kathleen Wilson

unread,

Oct 16, 2018, 3:49:51 PM10/16/18

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of October 2018 Audit Reminder Emails
Date: Tue, 16 Oct 2018 19:00:37 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:
AC Raíz Certicámara S.A.
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221203
Audit Statement Date: 2017-08-09
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
Certinomis - Root CA
Standard Audit:
https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
Audit Statement Date: 2017-07-24
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
BR Audit Statement Date: 2017-07-24
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Go Daddy Class 2 CA**
Go Daddy Root Certificate Authority - G2**
Starfield Class 2 CA**

Starfield Root Certificate Authority - G2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221042
Audit Statement Date: 2017-08-31
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221042
BR Audit Statement Date: 2017-08-31
EV Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221042
EV Audit Statement Date: 2017-08-31
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
ACCVRAIZ1
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221168
Audit Statement Date: 2017-07-28
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221169
BR Audit Statement Date: 2017-07-28
CA Comments: Per CA request, Root CA Generalitat Valenciana will be
removed via https://bugzilla.mozilla.org/show_bug.cgi?id=1272158

____

Mozilla: Audit Reminder
Root Certificates:

NetLock Arany (Class Gold) Főtanúsítvány
Standard Audit:
http://www.netlock.hu/docs/dokumentumok/Certificate%20ETSI%20ENG.pdf
Audit Statement Date: 2017-10-05
BR Audit:
http://www.netlock.hu/docs/dokumentumok/Certificate%20ETSI%20ENG.pdf
BR Audit Statement Date: 2017-10-05
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

CFCA EV ROOT
Standard Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221153
Audit Statement Date: 2017-11-10
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221154
BR Audit Statement Date: 2017-11-10
EV Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221155
EV Audit Statement Date: 2017-11-10

CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

GlobalSign
GlobalSign
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221087
Audit Statement Date: 2017-10-31
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221088
BR Audit Statement Date: 2017-11-01
CA Comments: null

____

Kurt Roeckx

unread,

Oct 16, 2018, 4:40:09 PM10/16/18

to Kathleen Wilson, mozilla-dev-s...@lists.mozilla.org

On Tue, Oct 16, 2018 at 12:49:41PM -0700, Kathleen Wilson via dev-security-policy wrote:
> -------- Forwarded Message --------
> Subject: Summary of October 2018 Audit Reminder Emails
> Date: Tue, 16 Oct 2018 19:00:37 +0000 (GMT)
>
> Mozilla: Audit Reminder
> Root Certificates:
> AC Raíz Certicámara S.A.
> Standard Audit: http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221203
> Audit Statement Date: 2017-08-09
> CA Comments: null

It covers the period of 2016-05-01 to 2017-04-30. They should have
a new audit report by now.

> Mozilla: Audit Reminder
> Root Certificates:
> Certinomis - Root CA
> Standard Audit:
> https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
> Audit Statement Date: 2017-07-24
> BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
> BR Audit Statement Date: 2017-07-24
> CA Comments: null

This seems to be in French, and does not seem to even indicate
when the audit was done, just that the report itself is valid for
2 years.

Kurt

Kathleen Wilson

unread,

Oct 23, 2018, 5:35:46 PM10/23/18

to mozilla-dev-s...@lists.mozilla.org

On 10/16/18 1:39 PM, Kurt Roeckx wrote:
> On Tue, Oct 16, 2018 at 12:49:41PM -0700, Kathleen Wilson via dev-security-policy wrote:
>> -------- Forwarded Message --------
>> Subject: Summary of October 2018 Audit Reminder Emails
>> Date: Tue, 16 Oct 2018 19:00:37 +0000 (GMT)
>>
>> Mozilla: Audit Reminder
>> Root Certificates:
>> AC Raíz Certicámara S.A.
>> Standard Audit: http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221203
>> Audit Statement Date: 2017-08-09
>> CA Comments: null
>
> It covers the period of 2016-05-01 to 2017-04-30. They should have
> a new audit report by now.

I filed the following Bugzilla Bug to remove this cert in the next batch
of root changes:
https://bugzilla.mozilla.org/show_bug.cgi?id=1501457

Reason for removal: No current audit statement for this root, and CA
failed to respond to the September 2018 CA Communication survey.

>
>> Mozilla: Audit Reminder
>> Root Certificates:
>> Certinomis - Root CA
>> Standard Audit:
>> https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
>> Audit Statement Date: 2017-07-24
>> BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
>> BR Audit Statement Date: 2017-07-24
>> CA Comments: null
>
> This seems to be in French, and does not seem to even indicate
> when the audit was done, just that the report itself is valid for
> 2 years.

Our official requirement for the audit statements to be in English is
new in version 2.6 of our policy (effective date July 1, 2018). Also,
last July we were still having difficulty getting the ETSI auditors on
board with specifying audit periods in their audit statements.

Thanks,
Kathleen

Kathleen Wilson

unread,

Nov 20, 2018, 4:58:42 PM11/20/18

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of November 2018 Audit Reminder Emails
Date: Tue, 20 Nov 2018 20:00:09 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

TrustCor RootCert CA-2
TrustCor RootCert CA-1
TrustCor ECA-1
Standard Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221175
Audit Statement Date: 2017-12-15
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221176
BR Audit Statement Date: 2017-12-15
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

EE Certification Centre Root CA
Standard Audit:

https://sk.ee/upload/files/AA2017112401_Audit%20Attestation_final.pdf
Audit Statement Date: 2017-11-24
BR Audit:

https://sk.ee/upload/files/AA2017112401_Audit%20Attestation_final.pdf
BR Audit Statement Date: 2017-11-24
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:
Certinomis - Root CA
Standard Audit:
https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
Audit Statement Date: 2017-07-24
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
BR Audit Statement Date: 2017-07-24
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

D-TRUST Root CA 3 2013**

D-TRUST Root Class 3 CA 2 2009**
D-TRUST Root Class 3 CA 2 EV 2009**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017120703_Browser_Auidt_Attestation_s.pdf
Audit Statement Date: 2017-12-07
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017120702_Browser_Audit_Attestation_s.pdf
Audit Statement Date: 2017-12-07
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017120701_Browser_Audit_Atestation_s.pdf
Audit Statement Date: 2017-12-07
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017120703_Browser_Auidt_Attestation_s.pdf
BR Audit Statement Date: 2017-12-07
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017120702_Browser_Audit_Attestation_s.pdf
BR Audit Statement Date: 2017-12-07
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017120701_Browser_Audit_Atestation_s.pdf
BR Audit Statement Date: 2017-12-07
EV Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017120701_Browser_Audit_Atestation_s.pdf
EV Audit Statement Date: 2017-12-07
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
Standard Audit:

https://bug1262809.bmoattachments.org/attachment.cgi?id=8937952
Audit Statement Date: 2017-12-08
BR Audit: https://bug1262809.bmoattachments.org/attachment.cgi?id=8937952
BR Audit Statement Date: 2017-12-08
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Microsec e-Szigno Root CA 2009
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017121401_Browser_Audit_Attestation_s.pdf
Audit Statement Date: 2017-12-14
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017121402_Browser_Audit_Attestation_s.pdf
BR Audit Statement Date: 2017-12-14
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Class 2 Primary CA
Standard Audit:

https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590
Audit Statement Date: 2017-07-24
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590

BR Audit Statement Date: 2017-07-24
CA Comments:

https://bugzilla.mozilla.org/show_bug.cgi?id=1465629
https://bugzilla.mozilla.org/attachment.cgi?id=9024032
Need CA to create Audit Case in CCADB

____

Mozilla: Audit Reminder
Root Certificates:

SwissSign Gold CA - G2
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017113001_Browser_Audit_Attestation_s.pdf
Audit Statement Date: 2017-11-30
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017113001_Browser_Audit_Attestation_s.pdf
BR Audit Statement Date: 2017-11-30
EV Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017113001_Browser_Audit_Attestation_s.pdf
EV Audit Statement Date: 2017-11-30
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Secure Global CA
SecureTrust CA
XRamp Global Certification Authority
Standard Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221135
Audit Statement Date: 2017-11-17
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221136
BR Audit Statement Date: 2017-11-17
EV Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221137
EV Audit Statement Date: 2017-11-17
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

CFCA EV ROOT
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221153
Audit Statement Date: 2017-11-10
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221154
BR Audit Statement Date: 2017-11-10
EV Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221155
EV Audit Statement Date: 2017-11-10
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Kurt Roeckx

unread,

Nov 20, 2018, 5:15:57 PM11/20/18

to Kathleen Wilson, mozilla-dev-s...@lists.mozilla.org

On Tue, Oct 23, 2018 at 02:35:37PM -0700, Kathleen Wilson via dev-security-policy wrote:
> > > Mozilla: Audit Reminder
> > > Root Certificates:
> > > Certinomis - Root CA
> > > Standard Audit:
> > > https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
> > > Audit Statement Date: 2017-07-24
> > > BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
> > > BR Audit Statement Date: 2017-07-24
> > > CA Comments: null
> >
> > This seems to be in French, and does not seem to even indicate
> > when the audit was done, just that the report itself is valid for
> > 2 years.
>

> Our official requirement for the audit statements to be in English is new in
> version 2.6 of our policy (effective date July 1, 2018). Also, last July we
> were still having difficulty getting the ETSI auditors on board with
> specifying audit periods in their audit statements.

So it seems nothing changed related to this in the last month,
they are clearly late in providing a new audit statement.

Kurt

Wayne Thayer

unread,

Nov 20, 2018, 7:00:29 PM11/20/18

to Kurt Roeckx, Kathleen Wilson, mozilla-dev-security-policy

Thanks for pointing this out Kurt. The Certinomis / Docapost audit report
is now almost one month late. Also, last week the Certinomis representative
informed root programs that he was leaving his post and two others would be
taking his place. I have just emailed the two new representatives and asked
them to explain when we will see the audit report. I'm also concerned about
their numerous compliance bugs.

- Wayne

On Tue, Nov 20, 2018 at 3:15 PM Kurt Roeckx via dev-security-policy <
dev-secur...@lists.mozilla.org> wrote:

> > Our official requirement for the audit statements to be in English is
> new in
> > version 2.6 of our policy (effective date July 1, 2018). Also, last July
> we
> > were still having difficulty getting the ETSI auditors on board with
> > specifying audit periods in their audit statements.
>
> So it seems nothing changed related to this in the last month,
> they are clearly late in providing a new audit statement.
>
>
> Kurt
>

Wayne Thayer

unread,

Nov 26, 2018, 4:39:45 PM11/26/18

to Kurt Roeckx, Kathleen Wilson, mozilla-dev-security-policy

Update: I heard back from Certinomis quickly. They provided the following
attestation statement from LSTI dated 23-November on the same day. The
audit was conducted back in July, so we still need an explanation from
Certinomis of why it took LSTI so long to provide the report.

https://bugzilla.mozilla.org/attachment.cgi?id=9027230

Unfortunately, the audit period listed in the report begins a week after
the prior audit period ended. Certinomis says that this is a reporting
mistake, so I have asked them to provide an updated attestation statement
from LSTI.

- Wayne

On Tue, Nov 20, 2018 at 5:00 PM Wayne Thayer <wth...@mozilla.com> wrote:

> Thanks for pointing this out Kurt. The Certinomis / Docapost audit report
> is now almost one month late. Also, last week the Certinomis representative
> informed root programs that he was leaving his post and two others would be
> taking his place. I have just emailed the two new representatives and asked
> them to explain when we will see the audit report. I'm also concerned about
> their numerous compliance bugs.
>
> - Wayne
>
> On Tue, Nov 20, 2018 at 3:15 PM Kurt Roeckx via dev-security-policy <
> dev-secur...@lists.mozilla.org> wrote:
>

Kathleen Wilson

unread,

Dec 18, 2018, 3:33:07 PM12/18/18

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of December 2018 Audit Reminder Emails
Date: Tue, 18 Dec 2018 20:00:20 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

TrustCor RootCert CA-2
TrustCor RootCert CA-1
TrustCor ECA-1
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221175
Audit Statement Date: 2017-12-15
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221176
BR Audit Statement Date: 2017-12-15
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

EE Certification Centre Root CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://sk.ee/upload/files/AA2017112401_Audit%20Attestation_final.pdf
Audit Statement Date: 2017-11-24
BR Audit:
https://sk.ee/upload/files/AA2017112401_Audit%20Attestation_final.pdf
BR Audit Statement Date: 2017-11-24
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Certigna
Certigna Root CA
Standard Audit:
https://bug1265683.bmoattachments.org/attachment.cgi?id=8947405
Audit Statement Date: 2018-01-12
BR Audit: https://bug1265683.bmoattachments.org/attachment.cgi?id=8947405
BR Audit Statement Date: 2018-01-12
CA Comments: null

____

Mozilla: Overdue Audit Statements
Root Certificates:
Certinomis - Root CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
Audit Statement Date: 2017-07-24
BR Audit: https://bug937589.bmoattachments.org/attachment.cgi?id=8898169
BR Audit Statement Date: 2017-07-24
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Microsec e-Szigno Root CA 2009**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017121401_Browser_Audit_Attestation_s.pdf
Audit Statement Date: 2017-12-14
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017121402_Browser_Audit_Attestation_s.pdf
BR Audit Statement Date: 2017-12-14
CA Comments: null

____

Mozilla: Overdue Audit Statements
Root Certificates:
Class 2 Primary CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590
Audit Statement Date: 2017-07-24
BR Audit: https://bug1297034.bmoattachments.org/attachment.cgi?id=8916590

BR Audit Statement Date: 2017-07-24

CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1465629

____

Mozilla: Audit Reminder
Root Certificates:

SwissSign Gold CA - G2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017113001_Browser_Audit_Attestation_s.pdf
Audit Statement Date: 2017-11-30
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017113001_Browser_Audit_Attestation_s.pdf
BR Audit Statement Date: 2017-11-30
EV Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2017113001_Browser_Audit_Attestation_s.pdf
EV Audit Statement Date: 2017-11-30
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Secure Global CA**
SecureTrust CA**
XRamp Global Certification Authority**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

marc.m...@gmail.com

unread,

Jan 3, 2019, 11:48:47 AM1/3/19

to mozilla-dev-s...@lists.mozilla.org

Franck Leroy explained that LSTI was about to deliver the audit letter to Certinomis, but regarding the recent issue with TUV-IT, LSTI decided to postpone any attestation letter and to do further investigation on all their PTC CA clients"
Certinomis had to provide further information to the LSTI, before they would issue their audit statement.

In a second time,in December 2018, LSTI explained that the 3 months delay to provide the final audit statement result of an overload work of their auditors so they delayed the validation of the Audit

Kathleen Wilson

unread,

Jan 15, 2019, 4:59:36 PM1/15/19

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of January 2019 Audit Reminder Emails
Date: Tue, 15 Jan 2019 20:01:18 +0000 (GMT)

Mozilla: Audit Reminder
Root Certificates:

ISRG Root X1
Standard Audit:
https://bug1441413.bmoattachments.org/attachment.cgi?id=8954264
Audit Statement Date: 2018-01-25
BR Audit: https://bug1441413.bmoattachments.org/attachment.cgi?id=8954265

BR Audit Statement Date: 2018-01-25
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

TrustCor RootCert CA-2**
TrustCor RootCert CA-1**
TrustCor ECA-1**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221175
Audit Statement Date: 2017-12-15
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221176
BR Audit Statement Date: 2017-12-15
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Staat der Nederlanden EV Root CA
Staat der Nederlanden Root CA - G3
Staat der Nederlanden Root CA - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8958479
Audit Statement Date: 2018-02-09
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8958475
BR Audit Statement Date: 2018-03-09
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8958477
EV Audit Statement Date: 2018-02-09
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Certigna
Certigna Root CA
Standard Audit:

https://bug1265683.bmoattachments.org/attachment.cgi?id=8947405
Audit Statement Date: 2018-01-12
BR Audit: https://bug1265683.bmoattachments.org/attachment.cgi?id=8947405
BR Audit Statement Date: 2018-01-12
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

certSIGN ROOT CA
Standard Audit:
https://www.certsign.ro/certsign/files/certSIGN-Webtrust-CA-Report-2018.pdf
Audit Statement Date: 2018-02-08
BR Audit:
https://www.certsign.ro/certsign/files/certSIGN-Webtrust-CA-SSL-Report-2018.pdf
BR Audit Statement Date: 2018-02-08
CA Comments: null

____

Mozilla: Audit Reminder
Root Certificates:

Symantec Class 1 Public Primary Certification Authority - G4
Symantec Class 2 Public Primary Certification Authority - G4
Symantec Class 2 Public Primary Certification Authority - G6
GeoTrust Global CA
GeoTrust Primary Certification Authority
GeoTrust Primary Certification Authority - G2
GeoTrust Primary Certification Authority - G3
GeoTrust Universal CA
GeoTrust Universal CA 2
thawte Primary Root CA
thawte Primary Root CA - G2
thawte Primary Root CA - G3
VeriSign Class 1 Public Primary Certification Authority - G3
VeriSign Class 2 Public Primary Certification Authority - G3
VeriSign Class 3 Public Primary Certification Authority - G3
VeriSign Class 3 Public Primary Certification Authority - G4
VeriSign Class 3 Public Primary Certification Authority - G5
VeriSign Universal Root Certification Authority
Symantec Class 1 Public Primary Certification Authority - G6
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221188
Audit Statement Date: 2018-01-31
Standard Audit:
https://www.websecurity.symantec.com/content/dam/websitesecurity/digitalassets/desktop/pdfs/repository/Symantec-WTCA-Opinion-Letter%2010-31-17.pdf

Audit Statement Date: 2018-01-31
BR Audit:

BR Audit Statement Date:
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221187
BR Audit Statement Date: 2018-01-31
EV Audit:
EV Audit Statement Date:
EV Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221189
EV Audit Statement Date: 2018-01-31
CA Comments: null

____

Kathleen Wilson

unread,

Feb 25, 2019, 3:13:39 PM2/25/19

to mozilla-dev-s...@lists.mozilla.org

Here's the summary of Mozilla's audit reminder emails that were sent
last Tuesday. (I was on vacation last week).

Note that per previous discussion, the date logic for sending these
emails has been updated, and is documented here:

https://wiki.mozilla.org/CA/Email_templates#Audit_Reminder_Email_Templates

- Audit Reminder is sent when previous Audit Period End date is 1 year
plus 31 days to 93 days old.

- Overdue Notice is sent when previous Audit Period End date is 1 year
plus 93 days to 150 days old.

- Danger of being removed warning is sent when previous Audit Period End
date is older than 1 year plus 150 days.

Thanks,
Kathleen

-------- Forwarded Message --------
Subject: Summary of February 2019 Audit Reminder Emails
Date: Tue, 19 Feb 2019 20:00:52 +0000 (GMT)

Mozilla: Audit Reminder

CA Owner: Government of The Netherlands, PKIoverheid (Logius)

Root Certificates:
Staat der Nederlanden EV Root CA
Staat der Nederlanden Root CA - G3
Staat der Nederlanden Root CA - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8958479

Standard Audit Period End Date: 2017-12-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8958475
BR Audit Period End Date: 2017-12-31
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8958477
EV Audit Period End Date: 2017-12-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
SZAFIR ROOT CA2
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221051
Standard Audit Period End Date: 2017-12-18
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221052
BR Audit Period End Date: 2017-12-18

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Buypass
Root Certificates:
Buypass Class 2 Root CA
Buypass Class 3 Root CA
Standard Audit:
https://bug1359516.bmoattachments.org/attachment.cgi?id=8956295
Standard Audit Period End Date: 2017-11-30
BR Audit: https://bug1359516.bmoattachments.org/attachment.cgi?id=8956295
BR Audit Period End Date: 2017-11-30
EV Audit: https://bug1359516.bmoattachments.org/attachment.cgi?id=8956295
EV Audit Period End Date: 2017-11-30

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Government of Hong Kong (SAR), Hongkong Post, Certizen
Root Certificates:
Hongkong Post Root CA 1
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221045
Standard Audit Period End Date: 2017-12-31
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221044
BR Audit Period End Date: 2017-12-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: QuoVadis
Root Certificates:
QuoVadis Root CA 1 G3
QuoVadis Root CA 2
QuoVadis Root CA 2 G3
QuoVadis Root CA 3
QuoVadis Root CA 3 G3
QuoVadis Root Certification Authority
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221092
Standard Audit Period End Date: 2017-12-31
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221093
BR Audit Period End Date: 2017-12-31
EV Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221094
EV Audit Period End Date: 2017-12-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Taiwan-CA Inc. (TWCA)
Root Certificates:
TWCA Global Root CA
TWCA Root Certification Authority
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221109
Standard Audit Period End Date: 2017-12-31
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221112
BR Audit Period End Date: 2017-12-31
EV Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221111
EV Audit Period End Date: 2017-12-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
Root Certificates:
FNMT-RCM - SHA256
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018041201_Audit_Attestation_s.pdf
Standard Audit Period End Date: 2018-01-12
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018041201_Audit_Attestation_s.pdf
BR Audit Period End Date: 2018-01-12

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Amazon Trust Services

Root Certificates:
Amazon Root CA 3

Amazon Root CA 2
Starfield Services Root Certificate Authority - G2
Amazon Root CA 1
Amazon Root CA 4
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221192
Standard Audit Period End Date: 2018-01-15
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221193
BR Audit Period End Date: 2018-01-15
EV Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221194
EV Audit Period End Date: 2018-01-15
CA Comments: null

____

Kathleen Wilson

unread,

Mar 19, 2019, 3:07:47 PM3/19/19

to mozilla-dev-s...@lists.mozilla.org

Here's the summary of Mozilla's audit reminder emails that were sent

today by the CCADB.

Reminder: The date logic for sending these emails is documented in the
following wiki page.

https://wiki.mozilla.org/CA/Email_templates#Audit_Reminder_Email_Templates

- Audit Reminder is sent when previous Audit Period End date is 1 year
plus 31 days to 93 days old.

- Overdue Notice is sent when previous Audit Period End date is 1 year
plus 93 days to 150 days old.

- Danger of being removed warning is sent when previous Audit Period End
date is older than 1 year plus 150 days.

-------- Forwarded Message --------
Subject: Summary of March 2019 Audit Reminder Emails
Date: Tue, 19 Mar 2019 19:00:09 +0000 (GMT)

Mozilla: Audit Reminder

CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
SZAFIR ROOT CA2
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221051
Standard Audit Period End Date: 2017-12-18
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221052
BR Audit Period End Date: 2017-12-18
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: certSIGN

Root Certificates:
certSIGN ROOT CA
Standard Audit:
https://www.certsign.ro/certsign/files/certSIGN-Webtrust-CA-Report-2018.pdf

Standard Audit Period End Date: 2018-02-08
BR Audit:
https://www.certsign.ro/certsign/files/certSIGN-Webtrust-CA-SSL-Report-2018.pdf
BR Audit Period End Date: 2018-02-08

CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: QuoVadis
Root Certificates:
QuoVadis Root CA 1 G3
QuoVadis Root CA 2
QuoVadis Root CA 2 G3
QuoVadis Root CA 3
QuoVadis Root CA 3 G3
QuoVadis Root Certification Authority
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221092
Standard Audit Period End Date: 2017-12-31
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221093
BR Audit Period End Date: 2017-12-31
EV Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221094
EV Audit Period End Date: 2017-12-31
CA Comments: null

____

Mozilla: Audit Reminder

Kathleen Wilson

unread,

Apr 22, 2019, 5:24:40 PM4/22/19

to mozilla-dev-s...@lists.mozilla.org

Here's the summary of the automated audit reminder email that was sent
last week.

-------- Forwarded Message --------
Subject: Summary of April 2019 Audit Reminder Emails
Date: Tue, 16 Apr 2019 19:00:28 +0000 (GMT)

Mozilla: Audit Reminder

CA Owner: Global Digital Cybersecurity Authority Co., Ltd. (Formerly
Guang Dong Certificate Authority (GDCA))

Root Certificates:
GDCA TrustAUTH R5 ROOT

Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221127
Standard Audit Period End Date: 2018-02-28
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221128
BR Audit Period End Date: 2018-02-28
EV Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221129
EV Audit Period End Date: 2018-02-28

CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: certSIGN
Root Certificates:
certSIGN ROOT CA
Standard Audit:
https://www.certsign.ro/certsign/files/certSIGN-Webtrust-CA-Report-2018.pdf
Standard Audit Period End Date: 2018-02-08
BR Audit:
https://www.certsign.ro/certsign/files/certSIGN-Webtrust-CA-SSL-Report-2018.pdf
BR Audit Period End Date: 2018-02-08
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Cybertrust Japan / JCSI
Root Certificates:
SecureSign RootCA11
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221213
Standard Audit Period End Date: 2018-02-28
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221212
BR Audit Period End Date: 2018-02-28

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Entrust

Root Certificates:
Entrust Root Certification Authority - EC1
Entrust Root Certification Authority - G2
AffirmTrust Commercial
AffirmTrust Networking
AffirmTrust Premium
AffirmTrust Premium ECC
Entrust Root Certification Authority
Entrust.net Certification Authority (2048)
Standard Audit:

https://www.entrustdatacard.com/-/media/documentation/licensingandagreements/entrust_wforca_2018.pdf
Standard Audit Period End Date: 2018-02-28
Standard Audit:
https://www.affirmtrust.com/wp-content/uploads/2018-AFT-CA-Report.pdf
Standard Audit Period End Date: 2018-02-28
BR Audit:
https://www.entrustdatacard.com/-/media/documentation/licensingandagreements/entrust_baselinerequirements_2018.pdf?la=en&hash=BC08BAF5AE81B2EE66A2146EE7710FB2F4F33BA6
BR Audit Period End Date: 2018-02-28
BR Audit:
https://www.affirmtrust.com/wp-content/uploads/2018-AFT-BR-NetSec-Report.pdf
BR Audit Period End Date: 2018-02-28
EV Audit:
https://www.entrustdatacard.com/-/media/documentation/licensingandagreements/entrust_wforevssl_2018.pdf?la=en&hash=B7F759CB298E973AB9A53F28AAED22AD9C7BE145
EV Audit Period End Date: 2018-02-28
EV Audit:
https://www.affirmtrust.com/wp-content/uploads/2018-AFT-EVSSL-Report.pdf
EV Audit Period End Date: 2018-02-28
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
Root Certificates:

FNMT-RCM - SHA256**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018041201_Audit_Attestation_s.pdf
Standard Audit Period End Date: 2018-01-12
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018041201_Audit_Attestation_s.pdf
BR Audit Period End Date: 2018-01-12

CA Comments: Findings in audit statement:
https://bugzilla.mozilla.org/show_bug.cgi?id=1544586

____

Kathleen Wilson

unread,

May 21, 2019, 3:31:04 PM5/21/19

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of May 2019 Audit Reminder Emails
Date: Tue, 21 May 2019 19:01:45 +0000 (GMT)

Mozilla: Audit Reminder

CA Owner: LuxTrust

Root Certificates:
LuxTrust Global Root 2
Standard Audit:

https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf
Standard Audit Period End Date: 2018-03-30
BR Audit:
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf
BR Audit Period End Date: 2018-03-30
EV Audit:
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf
EV Audit Period End Date: 2018-03-30

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Autoridad de Certificacion Firmaprofesional
Root Certificates:
Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit:
https://bug1412950.bmoattachments.org/attachment.cgi?id=9018966
Standard Audit Period End Date: 2018-03-27
BR Audit: https://bug1412950.bmoattachments.org/attachment.cgi?id=9018971
BR Audit Period End Date: 2018-03-27
EV Audit: https://bug1412950.bmoattachments.org/attachment.cgi?id=9018971
EV Audit Period End Date: 2018-03-27

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: AC Camerfirma, S.A.

Root Certificates:
Chambers of Commerce Root
Chambers of Commerce Root - 2008
Global Chambersign Root
Global Chambersign Root - 2008

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995928
Standard Audit Period End Date: 2018-04-13
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995930
BR Audit Period End Date: 2018-04-13
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995931
EV Audit Period End Date: 2018-04-13

CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: certSIGN
Root Certificates:

certSIGN ROOT CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.certsign.ro/certsign/files/certSIGN-Webtrust-CA-Report-2018.pdf
Standard Audit Period End Date: 2018-02-08
BR Audit:
https://www.certsign.ro/certsign/files/certSIGN-Webtrust-CA-SSL-Report-2018.pdf
BR Audit Period End Date: 2018-02-08

CA Comments: The audit statements are reviewed and fine, just waiting
for the Webtrust Seals to be provided.

____

Mozilla: Audit Reminder
CA Owner: Sectigo

Root Certificates:
COMODO RSA Certification Authority
USERTrust ECC Certification Authority
AAA Certificate Services
AddTrust Class 1 CA Root
AddTrust External CA Root
COMODO Certification Authority
COMODO ECC Certification Authority
UTN-USERFirst-Client Authentication and Email

USERTrust RSA Certification Authority
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8989406
Standard Audit Period End Date: 2018-03-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8989407
BR Audit Period End Date: 2018-03-31
BR Audit:

BR Audit Period End Date:

EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8989408
EV Audit Period End Date: 2018-03-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Consorci Administració Oberta de Catalunya (Consorci AOC, CATCert)
Root Certificates:
EC-ACC
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9013271
Standard Audit Period End Date: 2018-03-28
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9013273
BR Audit Period End Date: 2018-03-28

CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: Cybertrust Japan / JCSI
Root Certificates:
SecureSign RootCA11
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221213
Standard Audit Period End Date: 2018-02-28
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221212
BR Audit Period End Date: 2018-02-28
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: DigiCert
Root Certificates:
Baltimore CyberTrust Root
Cybertrust Global Root
DigiCert Assured ID Root CA
DigiCert Assured ID Root G2
DigiCert Assured ID Root G3
DigiCert Trusted Root G4
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221124
Standard Audit Period End Date: 2018-03-31
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221125
BR Audit Period End Date: 2018-03-31
EV Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221126
EV Audit Period End Date: 2018-03-31

Mozilla: Audit Reminder
CA Owner: GlobalSign

Root Certificates:
GlobalSign
GlobalSign
GlobalSign
GlobalSign Root CA

GlobalSign Extended Validation CA - SHA256 - G2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995395
Standard Audit Period End Date: 2018-03-31
Standard Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=221720
Standard Audit Period End Date: 2018-03-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995396
BR Audit Period End Date: 2018-03-31
BR Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=221721
BR Audit Period End Date: 2018-03-31
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995398
EV Audit Period End Date: 2018-03-31
EV Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=221722
EV Audit Period End Date: 2018-03-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Government of Taiwan, Government Root Certification Authority
(GRCA)

Root Certificates:
Government Root Certification Authority - Taiwan
Standard Audit:

http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221221
Standard Audit Period End Date: 2018-03-31
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221222
BR Audit Period End Date: 2018-03-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: HARICA

Root Certificates:
Hellenic Academic and Research Institutions RootCA 2011
Hellenic Academic and Research Institutions ECC RootCA 2015
Hellenic Academic and Research Institutions RootCA 2015
Standard Audit:

https://www.qmscert.com/share/HARICA-ETSI_CERTIFICATE_AUTH_W_ANNEX_290617-7-REV1.pdf
Standard Audit Period End Date: 2018-03-30
BR Audit:
https://www.qmscert.com/share/HARICA-ETSI_CERTIFICATE_AUTH_W_ANNEX_290617-7-REV1.pdf
BR Audit Period End Date: 2018-03-30

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Swisscom (Switzerland) Ltd
Root Certificates:
Swisscom Root CA 2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8985611
Standard Audit Period End Date: 2018-03-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Telia Company (formerly TeliaSonera)

Root Certificates:
Sonera Class2 CA
TeliaSonera Root CA v1
Standard Audit:

https://support.trust.telia.com/download/CA/TeliaWebTrustForCAReport2018.pdf
Standard Audit Period End Date: 2018-03-31
BR Audit:
https://support.trust.telia.com/download/CA/TeliaSSLBaselineReport2018.pdf
BR Audit Period End Date: 2018-03-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum)

Root Certificates:
Certum Trusted Network CA 2
Certum CA
Certum Trusted Network CA
Standard Audit:

https://bug1286477.bmoattachments.org/attachment.cgi?id=9001516
Standard Audit Period End Date: 2018-03-26
BR Audit: https://bug1286477.bmoattachments.org/attachment.cgi?id=9001514
BR Audit Period End Date: 2018-03-26
EV Audit: https://bug1286477.bmoattachments.org/attachment.cgi?id=9001515
EV Audit Period End Date: 2018-03-26

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Web.com

Root Certificates:
Network Solutions Certificate Authority
Standard Audit:

https://bug1321015.bmoattachments.org/attachment.cgi?id=8996067
Standard Audit Period End Date: 2018-03-31
BR Audit: https://bug1321015.bmoattachments.org/attachment.cgi?id=8996069
BR Audit Period End Date: 2018-03-31
EV Audit: https://bug1321015.bmoattachments.org/attachment.cgi?id=8996068
EV Audit Period End Date: 2018-03-31
CA Comments: null

____

Kathleen Wilson

unread,

Jun 18, 2019, 3:17:01 PM6/18/19

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of June 2019 Audit Reminder Emails
Date: Tue, 18 Jun 2019 19:00:30 +0000 (GMT)

Mozilla: Audit Reminder
CA Owner: LuxTrust
Root Certificates:
LuxTrust Global Root 2
Standard Audit:
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf
Standard Audit Period End Date: 2018-03-30
BR Audit:
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf
BR Audit Period End Date: 2018-03-30
EV Audit:
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf
EV Audit Period End Date: 2018-03-30
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Shanghai Electronic Certification Authority Co., Ltd. (SHECA)
Root Certificates:
UCA Extended Validation Root
UCA Global G2 Root
Standard Audit:
https://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221269
Standard Audit Period End Date: 2018-04-30
BR Audit:
https://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221270
BR Audit Period End Date: 2018-04-30
EV Audit:
https://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221271
EV Audit Period End Date: 2018-04-30

EC-ACC**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9013271
Standard Audit Period End Date: 2018-03-28
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9013273
BR Audit Period End Date: 2018-03-28
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: DigiCert
Root Certificates:
Baltimore CyberTrust Root
Cybertrust Global Root
DigiCert Assured ID Root CA
DigiCert Assured ID Root G2
DigiCert Assured ID Root G3
DigiCert Trusted Root G4
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221124
Standard Audit Period End Date: 2018-03-31
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221125
BR Audit Period End Date: 2018-03-31
EV Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221126
EV Audit Period End Date: 2018-03-31
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: Entrust
Root Certificates:

Entrust Root Certification Authority - EC1**
Entrust Root Certification Authority - G2**
AffirmTrust Commercial**
AffirmTrust Networking**
AffirmTrust Premium**
AffirmTrust Premium ECC
Entrust Root Certification Authority**
Entrust.net Certification Authority (2048)**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

CA Owner: Government of Spain, Autoritat de Certificació de la Comunitat
Valenciana (ACCV)

Root Certificates:
ACCVRAIZ1
Standard Audit:

https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223215
Standard Audit Period End Date: 2018-04-30
BR Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223216
BR Audit Period End Date: 2018-04-30

CA Comments: Per CA request, Root CA Generalitat Valenciana will be
removed via https://bugzilla.mozilla.org/show_bug.cgi?id=1272158

____

Mozilla: Audit Reminder
CA Owner: Government of Taiwan, Government Root Certification Authority
(GRCA)
Root Certificates:
Government Root Certification Authority - Taiwan
Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221221
Standard Audit Period End Date: 2018-03-31
BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221222
BR Audit Period End Date: 2018-03-31
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Swisscom (Switzerland) Ltd
Root Certificates:
Swisscom Root CA 2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8985611
Standard Audit Period End Date: 2018-03-31
CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: Telia Company (formerly TeliaSonera)
Root Certificates:
Sonera Class2 CA
TeliaSonera Root CA v1
Standard Audit:
https://support.trust.telia.com/download/CA/TeliaWebTrustForCAReport2018.pdf
Standard Audit Period End Date: 2018-03-31
BR Audit:
https://support.trust.telia.com/download/CA/TeliaSSLBaselineReport2018.pdf
BR Audit Period End Date: 2018-03-31
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: T-Systems International GmbH (Deutsche Telekom)

Root Certificates:
Deutsche Telekom Root CA 2
T-TeleSec GlobalRoot Class 2
T-TeleSec GlobalRoot Class 3
Standard Audit:

https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2018072001_T-Systems_Deutsche-Telekom-Root-CA-2_V2_s.pdf
Standard Audit Period End Date: 2018-05-17
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018072003_Audit_Attestation_E_T-TeleSec-GlobalRoot-Class-2_20180723_s.pdf
Standard Audit Period End Date: 2018-05-17
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018072004_Audit_Attestation_E_T-TeleSec-GlobalRoot-Class-3_20180723_s.pdf
Standard Audit Period End Date: 2018-05-17
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2018072001_T-Systems_Deutsche-Telekom-Root-CA-2_V2_s.pdf
BR Audit Period End Date: 2018-05-17
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018072003_Audit_Attestation_E_T-TeleSec-GlobalRoot-Class-2_20180723_s.pdf
BR Audit Period End Date: 2018-05-17
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018072004_Audit_Attestation_E_T-TeleSec-GlobalRoot-Class-3_20180723_s.pdf
BR Audit Period End Date: 2018-05-17
EV Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018072004_Audit_Attestation_E_T-TeleSec-GlobalRoot-Class-3_20180723_s.pdf
EV Audit Period End Date: 2018-05-17

Mozilla: Audit Reminder
CA Owner: WISeKey

Root Certificates:
OISTE WISeKey Global Root GB CA
OISTE WISeKey Global Root GA CA

OISTE WISeKey Global Root GC CA
Standard Audit:
https://cdn.wisekey.com/uploads/images/Audit-Report-and-Management-Assertions.pdf
Standard Audit Period End Date: 2018-05-08
BR Audit:
https://cdn.wisekey.com/uploads/images/Audit-Report-and-Management-Assertions-SSL.pdf
BR Audit Period End Date: 2018-05-08
EV Audit:
https://cdn.wisekey.com/uploads/images/Audit-Report-and-Management-Assertions-EV.pdf
EV Audit Period End Date: 2018-05-08
CA Comments: null

____

Kurt Roeckx

unread,

Jul 16, 2019, 3:26:02 PM7/16/19

to Kathleen Wilson, mozilla-dev-s...@lists.mozilla.org

On Tue, Jul 16, 2019 at 12:12:57PM -0700, Kathleen Wilson via dev-security-policy wrote:
> Mozilla: Overdue Audit Statements

> CA Owner: LuxTrust
> Root Certificates:
> LuxTrust Global Root 2
> Standard Audit:
> https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf
> Standard Audit Period End Date: 2018-03-30
> BR Audit:
> https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf
> BR Audit Period End Date: 2018-03-30
> EV Audit:
> https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf
> EV Audit Period End Date: 2018-03-30
> CA Comments: null

For the overdue statements, I always see a comment, ussually
something like:

| ** Audit Case in the Common CA Database is under review for this root
| certificate.

But this root CA doesn't seem to have have any comment. Nor does this one:

> Mozilla: Overdue Audit Statements

> CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum)
> Root Certificates:
> Certum Trusted Network CA 2
> Certum CA
> Certum Trusted Network CA
> Standard Audit:
> https://bug1286477.bmoattachments.org/attachment.cgi?id=9001516
> Standard Audit Period End Date: 2018-03-26
> BR Audit: https://bug1286477.bmoattachments.org/attachment.cgi?id=9001514
> BR Audit Period End Date: 2018-03-26
> EV Audit: https://bug1286477.bmoattachments.org/attachment.cgi?id=9001515
> EV Audit Period End Date: 2018-03-26
> CA Comments: null

Will you open such audit cases? Is this just some timing problem
that the mails got sent before it could be opened?

I also miss things like the state in the intermediate summary you
sent.

Kurt

Kathleen Wilson

unread,

Jul 16, 2019, 4:38:14 PM7/16/19

to mozilla-dev-s...@lists.mozilla.org

On 7/16/19 12:25 PM, Kurt Roeckx wrote:
> On Tue, Jul 16, 2019 at 12:12:57PM -0700, Kathleen Wilson via dev-security-policy wrote:
>> Mozilla: Overdue Audit Statements
>> CA Owner: LuxTrust

>> <snip>

>> Standard Audit Period End Date: 2018-03-30

>> <snip>

> For the overdue statements, I always see a comment, ussually
> something like:
> | ** Audit Case in the Common CA Database is under review for this root
> | certificate.
>
> But this root CA doesn't seem to have have any comment. Nor does this one:
>
>> Mozilla: Overdue Audit Statements
>> CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum)

>> <snip>

>> Standard Audit Period End Date: 2018-03-26

>> <snip>

>
> Will you open such audit cases? Is this just some timing problem
> that the mails got sent before it could be opened?

Hi Kurt,

The comment "** Audit Case..." means that the CA has created an Audit
Case providing updated audits for those root certs, but those audit
statements have not yet reviewed/accepted by Mozilla.

https://ccadb.org/cas/updates

There was no commentary about LuxTrust and Asseco, because those CAs
have not yet submitted their Audit Case.

Thanks to you for the reminder, I have filed the following CA Compliance
bugs.

https://bugzilla.mozilla.org/show_bug.cgi?id=1566580
LuxTrust: Overdue Audit Statements 2019

https://bugzilla.mozilla.org/show_bug.cgi?id=1566586
Asseco/Certum: Overdue Audit Statements 2019

> I also miss things like the state in the intermediate summary you
> sent.

For intermediate certs, the CAs update the audit statements directly in
the corresponding record in the CCADB. I do not currently review those
audit statements, but I am working on adding Audit Letter Validation
(ALV) to intermediate certs.

By the way:

> Mozilla: Audit Reminder
> CA Owner: Swisscom (Switzerland) Ltd
> Root Certificates:
> Swisscom Root CA 2
> Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8985611

> Standard Audit Period End Date: 2018-03-31
> CA Comments: null

I filed
https://bugzilla.mozilla.org/show_bug.cgi?id=1566569
Remove Swisscom Root CA 2 root certificate
(per an email I had previously received from the CA)

Thanks,
Kathleen

Kathleen Wilson

unread,

Jul 16, 2019, 4:38:15 PM7/16/19

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of July 2019 Audit Reminder Emails
Date: Tue, 16 Jul 2019 19:00:29 +0000 (GMT)

Mozilla: Overdue Audit Statements
CA Owner: LuxTrust

Root Certificates:
LuxTrust Global Root 2
Standard Audit:
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf

Standard Audit Period End Date: 2018-03-30

BR Audit:
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf
BR Audit Period End Date: 2018-03-30
EV Audit:
https://www.lsti-certification.fr/images/LSTI--11085-57-AL-V1.0_LUXTRUST.pdf

EV Audit Period End Date: 2018-03-30
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: AC Camerfirma, S.A.
Root Certificates:

Chambers of Commerce Root**
Chambers of Commerce Root - 2008**
Global Chambersign Root
Global Chambersign Root - 2008**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995928
Standard Audit Period End Date: 2018-04-13
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995930
BR Audit Period End Date: 2018-04-13
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995931

EV Audit Period End Date: 2018-04-13
CA Comments: null

Comment: The new audit statements don't appear to cover all of these roots.

____

Mozilla: Audit Reminder
CA Owner: Chunghwa Telecom
Root Certificates:
Chunghwa Telecom Co., Ltd. - ePKI Root Certification Authority
Standard Audit:
https://bug1483068.bmoattachments.org/attachment.cgi?id=8999772
Standard Audit Period End Date: 2018-05-31
BR Audit: https://bug1483068.bmoattachments.org/attachment.cgi?id=8999773
BR Audit Period End Date: 2018-05-31
CA Comments: null

____

Mozilla: Overdue Audit Statements
CA Owner: DigiCert
Root Certificates:
Cybertrust Global Root**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221124

Standard Audit Period End Date: 2018-03-31

BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221125
BR Audit Period End Date: 2018-03-31
EV Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221126

EV Audit Period End Date: 2018-03-31
CA Comments: null

Comment: ALV fails for Code Signing, so assigned Audit Case to
Microsoft. Audits for this root look good from Mozilla's perspective.

____

Mozilla: Overdue Audit Statements
CA Owner: GlobalSign
Root Certificates:
GlobalSign**
GlobalSign**
GlobalSign**
GlobalSign Root CA**
GlobalSign Extended Validation CA - SHA256 - G2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995395

Standard Audit Period End Date: 2018-03-31

Standard Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=221720

Standard Audit Period End Date: 2018-03-31

BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995396
BR Audit Period End Date: 2018-03-31
BR Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=221721
BR Audit Period End Date: 2018-03-31
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995398
EV Audit Period End Date: 2018-03-31
EV Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=221722

EV Audit Period End Date: 2018-03-31
CA Comments: null

Comment: Waiting for WebTrust Seals

____

Mozilla: Audit Reminder

CA Owner: Government of Spain, Autoritat de Certificació de la Comunitat
Valenciana (ACCV)
Root Certificates:
ACCVRAIZ1
Standard Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223215
Standard Audit Period End Date: 2018-04-30
BR Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223216

BR Audit Period End Date: 2018-04-30
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: Government of Taiwan, Government Root Certification Authority
(GRCA)
Root Certificates:

Government Root Certification Authority - Taiwan**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221221

Standard Audit Period End Date: 2018-03-31

BR Audit:
http://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=221222
BR Audit Period End Date: 2018-03-31
CA Comments: null

Comment: Test Website Validation fails for some of the test websites.

____

Mozilla: Audit Reminder
CA Owner: SECOM Trust Systems CO., LTD.

Root Certificates:
SECOM Trust.net - Security Communication RootCA1
Security Communication RootCA2
Standard Audit:

https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222449
Standard Audit Period End Date: 2018-06-08
BR Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222450
BR Audit Period End Date: 2018-06-08
EV Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222451
EV Audit Period End Date: 2018-06-08
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: Swisscom (Switzerland) Ltd
Root Certificates:
Swisscom Root CA 2
Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8985611
Standard Audit Period End Date: 2018-03-31
CA Comments: null

Comment: CA has requested that this root be removed from Mozilla's root
store, because they are focusing their business on electronic signing.

____

Mozilla: Audit Reminder

Mozilla: Overdue Audit Statements
CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum)

Root Certificates:
Certum Trusted Network CA 2
Certum CA
Certum Trusted Network CA
Standard Audit:
https://bug1286477.bmoattachments.org/attachment.cgi?id=9001516

Standard Audit Period End Date: 2018-03-26

BR Audit: https://bug1286477.bmoattachments.org/attachment.cgi?id=9001514
BR Audit Period End Date: 2018-03-26
EV Audit: https://bug1286477.bmoattachments.org/attachment.cgi?id=9001515

EV Audit Period End Date: 2018-03-26
CA Comments: null

____

Mozilla: Audit Reminder

Kathleen Wilson

unread,

Aug 20, 2019, 4:54:17 PM8/20/19

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of August 2019 Audit Reminder Emails
Date: Tue, 20 Aug 2019 19:00:34 +0000 (GMT)

Mozilla: Overdue Audit Statements

CA Owner: AC Camerfirma, S.A.
Root Certificates:

Chambers of Commerce Root - 2008**
Global Chambersign Root - 2008**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995928
Standard Audit Period End Date: 2018-04-13
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995930
BR Audit Period End Date: 2018-04-13
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995931
EV Audit Period End Date: 2018-04-13

CA Comments: CA is requesting audit statement updates from their
auditors, who are not available until first week of September.

____

Mozilla: Audit Reminder
CA Owner: GoDaddy

Root Certificates:
Go Daddy Class 2 CA

Go Daddy Root Certificate Authority - G2
Starfield Class 2 CA

Starfield Root Certificate Authority - G2
Standard Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222460
Standard Audit Period End Date: 2018-06-30
BR Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222461
BR Audit Period End Date: 2018-06-30
EV Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222462
EV Audit Period End Date: 2018-06-30

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: IdenTrust Services, LLC
Root Certificates:
IdenTrust Commercial Root CA 1
IdenTrust Public Sector Root CA 1
DST Root CA X3
Standard Audit:
https://bug1484318.bmoattachments.org/attachment.cgi?id=9006625
Standard Audit Period End Date: 2018-06-30
BR Audit: https://bug1484318.bmoattachments.org/attachment.cgi?id=9006626
BR Audit Period End Date: 2018-06-30

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: SECOM Trust Systems CO., LTD.
Root Certificates:
SECOM Trust.net - Security Communication RootCA1
Security Communication RootCA2
Standard Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222449
Standard Audit Period End Date: 2018-06-08
BR Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222450
BR Audit Period End Date: 2018-06-08
EV Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222451
EV Audit Period End Date: 2018-06-08
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum)
Root Certificates:
Certum Trusted Network CA 2
Certum CA
Certum Trusted Network CA
Standard Audit:
https://bug1286477.bmoattachments.org/attachment.cgi?id=9001516
Standard Audit Period End Date: 2018-03-26
BR Audit: https://bug1286477.bmoattachments.org/attachment.cgi?id=9001514
BR Audit Period End Date: 2018-03-26
EV Audit: https://bug1286477.bmoattachments.org/attachment.cgi?id=9001515
EV Audit Period End Date: 2018-03-26

CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1566586
Update 8/16: "We are waiting for publication. We will update CCADB as
soon as possible when we get information from EY Poland."
____

Mozilla: Audit Reminder
CA Owner: SSL.com

Root Certificates:
SSL.com EV Root Certification Authority ECC**
SSL.com Root Certification Authority ECC**
SSL.com Root Certification Authority RSA**
SSL.com EV Root Certification Authority RSA R2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://cdn.ssl.com/app/uploads/2018/09/SSL-COM-WTCA-Indp-Acct-Report-and-Mgmt-Assertion-June-2018.pdf
Standard Audit Period End Date: 2018-06-30
BR Audit:
https://cdn.ssl.com/app/uploads/2018/09/SSL-COM-WTBR-Indp-Acct-Report-and-Mgmt-Assertion-June-2018.pdf
BR Audit Period End Date: 2018-06-30
EV Audit:
https://cdn.ssl.com/app/uploads/2018/09/SSL-COM-WTEV-SSL-Indp-Acct-Report-and-Mgmt-Assertion-June-2018.pdf
EV Audit Period End Date: 2018-06-30
CA Comments: null

____

Kathleen Wilson

unread,

Sep 17, 2019, 3:20:24 PM9/17/19

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of September 2019 Audit Reminder Emails
Date: Tue, 17 Sep 2019 19:00:10 +0000 (GMT)

Mozilla: Your root is in danger of being removed

CA Owner: AC Camerfirma, S.A.
Root Certificates:
Chambers of Commerce Root - 2008**
Global Chambersign Root - 2008**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995928
Standard Audit Period End Date: 2018-04-13
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995930
BR Audit Period End Date: 2018-04-13
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995931
EV Audit Period End Date: 2018-04-13

CA Comments: null

Note: CA requested updated BR and EV audit statements from their auditor
for these roots.

____

Mozilla: Audit Reminder
CA Owner: E-Tugra
Root Certificates:
E-Tugra Certification Authority
Standard Audit:
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2018.pdf
Standard Audit Period End Date: 2018-08-03
BR Audit:
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2018.pdf
BR Audit Period End Date: 2018-08-03
EV Audit:
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2018.pdf
EV Audit Period End Date: 2018-08-03

CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: IdenTrust Services, LLC
Root Certificates:
IdenTrust Commercial Root CA 1
IdenTrust Public Sector Root CA 1
DST Root CA X3
Standard Audit:
https://bug1484318.bmoattachments.org/attachment.cgi?id=9006625
Standard Audit Period End Date: 2018-06-30
BR Audit: https://bug1484318.bmoattachments.org/attachment.cgi?id=9006626
BR Audit Period End Date: 2018-06-30
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: SECOM Trust Systems CO., LTD.
Root Certificates:

SECOM Trust.net - Security Communication RootCA1**
Security Communication RootCA2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222449
Standard Audit Period End Date: 2018-06-08
BR Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222450
BR Audit Period End Date: 2018-06-08
EV Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=222451
EV Audit Period End Date: 2018-06-08
CA Comments: null

Note: Audit Case looks good from Mozilla's perspective.

____

Mozilla: Audit Reminder
CA Owner: China Financial Certification Authority (CFCA)

Root Certificates:
CFCA EV ROOT
Standard Audit:

https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223505
Standard Audit Period End Date: 2018-07-31
BR Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223506
BR Audit Period End Date: 2018-07-31
EV Audit:
https://www.cpacanada.ca/generichandlers/aptifyattachmenthandler.ashx?attachmentid=223507
EV Audit Period End Date: 2018-07-31
CA Comments: null

____

Kathleen Wilson

unread,

Oct 15, 2019, 3:03:56 PM10/15/19

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of October 2019 Audit Reminder Emails
Date: Tue, 15 Oct 2019 19:00:07 +0000 (GMT)

Mozilla: Audit Reminder
CA Owner: E-Tugra
Root Certificates:
E-Tugra Certification Authority
Standard Audit:
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2018.pdf
Standard Audit Period End Date: 2018-08-03
BR Audit:
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2018.pdf
BR Audit Period End Date: 2018-08-03
EV Audit:
https://www.e-tugra.com.tr/Portals/6/Documents/LSTIAL_ETugra_2018.pdf
EV Audit Period End Date: 2018-08-03
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: NetLock Ltd.
Root Certificates:

NetLock Arany (Class Gold) Főtanúsítvány
Standard Audit:

https://netlock.hu/download/etsi-certification-netlock/?wpdmdl=57340
Standard Audit Period End Date: 2018-09-03
BR Audit:
https://netlock.hu/download/etsi-certification-netlock/?wpdmdl=57340
BR Audit Period End Date: 2018-09-03

CA Comments: null

____

Mozilla: Audit Reminder

Kathleen Wilson

unread,

Nov 19, 2019, 3:09:01 PM11/19/19

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of November 2019 Audit Reminder Emails
Date: Tue, 19 Nov 2019 20:00:22 +0000 (GMT)

Mozilla: Audit Reminder

CA Owner: D-TRUST

Root Certificates:
D-TRUST Root CA 3 2013

D-TRUST Root Class 3 CA 2 2009

D-TRUST Root Class 3 CA 2 EV 2009

Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018120703_D-Trust_Root_CA3_s.pdf
Standard Audit Period End Date: 2018-10-07
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018120702_D-Trust-Root_Class3_CA2_s.pdf
Standard Audit Period End Date: 2018-10-07
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018120701_D-Trust_Root_Class3_CA2_EV_s.pdf
Standard Audit Period End Date: 2018-10-07
BR Audit:

BR Audit Period End Date:

BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018120702_D-Trust-Root_Class3_CA2_s.pdf
BR Audit Period End Date: 2018-10-07
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018120701_D-Trust_Root_Class3_CA2_EV_s.pdf
BR Audit Period End Date: 2018-10-07
EV Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018120701_D-Trust_Root_Class3_CA2_EV_s.pdf
EV Audit Period End Date: 2018-10-07

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Microsec Ltd.

Root Certificates:
Microsec e-Szigno Root CA 2009

Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018121301_Microsec-eSzignoRoot-CA-2009_nonEV-CAs_s.pdf
Standard Audit Period End Date: 2018-09-14
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2018121301_Microsec-eSzignoRoot-CA-2009_nonEV-CAs_s.pdf
BR Audit Period End Date: 2018-09-14

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: SwissSign AG

Root Certificates:
SwissSign Gold CA - G2

SwissSign Platinum CA - G2
SwissSign Silver CA - G2
Standard Audit:
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122002_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf
Standard Audit Period End Date: 2018-09-28
Standard Audit:
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122001_Audit_Attestation_TA_CERT__SwissSign_Platinum_G2.pdf
Standard Audit Period End Date: 2018-09-28
Standard Audit:
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122003_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf
Standard Audit Period End Date: 2018-09-28
BR Audit:
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122002_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf
BR Audit Period End Date: 2018-09-28
BR Audit:

BR Audit Period End Date:

BR Audit:
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122003_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf
BR Audit Period End Date: 2018-09-28
EV Audit:
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122002_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf
EV Audit Period End Date: 2018-09-28

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: SecureTrust

Root Certificates:
Secure Global CA
SecureTrust CA

XRamp Global Certification Authority
Standard Audit:
https://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=223500
Standard Audit Period End Date: 2018-09-30
BR Audit:
https://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=223501
BR Audit Period End Date: 2018-09-30
EV Audit:
https://www.cpacanada.ca/GenericHandlers/AptifyAttachmentHandler.ashx?AttachmentID=223502
EV Audit Period End Date: 2018-09-30
CA Comments: Changed CA Name from Trustwave to SecureTrust on February
1, 2019.

____

Kathleen Wilson

unread,

Jan 21, 2020, 4:53:51 PM1/21/20

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of January 2020 Audit Reminder Emails
Date: Tue, 21 Jan 2020 20:00:22 +0000 (GMT)
From: Mozilla CA Program Manager <kwi...@mozilla.com>
To: kwi...@mozilla.com <kwi...@mozilla.com>

Mozilla: Audit Reminder

CA Owner: Internet Security Research Group (ISRG)

Root Certificates:
ISRG Root X1
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224233
Standard Audit Period End Date: 2018-11-30
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224234
BR Audit Period End Date: 2018-11-30

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
SZAFIR ROOT CA2
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=226440
Standard Audit Period End Date: 2018-12-18
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=226441
BR Audit Period End Date: 2018-12-18

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Buypass
Root Certificates:
Buypass Class 2 Root CA
Buypass Class 3 Root CA
Standard Audit:

https://www.buypass.com/the-company/certification/_/attachment/download/2db33e7e-5528-4cd4-83fa-50e3873f039e:b106edfa18530c142d3d0e2a899098244472bba6/ETS%20018.pdf
Standard Audit Period End Date: 2018-10-31
BR Audit:
https://www.buypass.com/the-company/certification/_/attachment/download/2db33e7e-5528-4cd4-83fa-50e3873f039e:b106edfa18530c142d3d0e2a899098244472bba6/ETS%20018.pdf
BR Audit Period End Date: 2018-10-31
EV Audit:
https://www.buypass.com/the-company/certification/_/attachment/download/2db33e7e-5528-4cd4-83fa-50e3873f039e:b106edfa18530c142d3d0e2a899098244472bba6/ETS%20018.pdf
EV Audit Period End Date: 2018-10-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Dhimyotis / Certigna
Root Certificates:
Certigna
Certigna Root CA
Standard Audit:
https://www.lsti-certification.fr/images/23-_1373_AT_V3_0.pdf
Standard Audit Period End Date: 2018-11-23
BR Audit: https://www.lsti-certification.fr/images/23-_1373_AT_V3_0.pdf
BR Audit Period End Date: 2018-11-23

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: DigiCert

Root Certificates:
Symantec Class 1 Public Primary Certification Authority - G4
Symantec Class 2 Public Primary Certification Authority - G4
Symantec Class 2 Public Primary Certification Authority - G6
GeoTrust Global CA
GeoTrust Primary Certification Authority
GeoTrust Primary Certification Authority - G2
GeoTrust Primary Certification Authority - G3
GeoTrust Universal CA
GeoTrust Universal CA 2
thawte Primary Root CA
thawte Primary Root CA - G2
thawte Primary Root CA - G3
VeriSign Class 1 Public Primary Certification Authority - G3
VeriSign Class 2 Public Primary Certification Authority - G3
VeriSign Class 3 Public Primary Certification Authority - G3
VeriSign Class 3 Public Primary Certification Authority - G4
VeriSign Class 3 Public Primary Certification Authority - G5
VeriSign Universal Root Certification Authority
Symantec Class 1 Public Primary Certification Authority - G6
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224491
Standard Audit Period End Date: 2018-10-31

BR Audit:
BR Audit Period End Date:
BR Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224492
BR Audit Period End Date: 2018-10-31
EV Audit:

EV Audit Period End Date:

EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224493
EV Audit Period End Date: 2018-10-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Government of Hong Kong (SAR), Hongkong Post, Certizen
Root Certificates:

Hongkong Post Root CA 3
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225877
Standard Audit Period End Date: 2018-12-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225878
BR Audit Period End Date: 2018-12-31
EV Audit:
https://www.ecert.gov.hk/ev/Webtrust%20EV%20SSL%20Report%2020181219_FINAL%20(with%20Management%20Assertion%20Letter).pdf
EV Audit Period End Date: 2018-11-30
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: SwissSign AG
Root Certificates:

SwissSign Platinum CA - G2**
SwissSign Silver CA - G2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122001_Audit_Attestation_TA_CERT__SwissSign_Platinum_G2.pdf
Standard Audit Period End Date: 2018-09-28
Standard Audit:
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122003_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf
Standard Audit Period End Date: 2018-09-28
BR Audit:

BR Audit Period End Date:
BR Audit:
https://it-tuv.com/wp-content/uploads/2018/12/AA2018122003_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf
BR Audit Period End Date: 2018-09-28

CA Comments: Audit Cases under review by Microsoft, due to their Code
Signing trust bit.

____

Kathleen Wilson

unread,

Feb 18, 2020, 3:04:36 PM2/18/20

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of February 2020 Audit Reminder Emails
Date: Tue, 18 Feb 2020 20:00:10 +0000 (GMT)

Mozilla: Audit Reminder

CA Owner: Government of The Netherlands, PKIoverheid (Logius)
Root Certificates:
Staat der Nederlanden EV Root CA
Staat der Nederlanden Root CA - G3

Staat der Nederlanden Root CA - G2
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224596

Standard Audit Period End Date: 2018-12-31
BR Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224597

BR Audit Period End Date: 2018-12-31

BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9119053

BR Audit Period End Date: 2018-12-31
EV Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=224598
EV Audit Period End Date: 2018-12-31

CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
SZAFIR ROOT CA2
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=226440
Standard Audit Period End Date: 2018-12-18
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=226441
BR Audit Period End Date: 2018-12-18
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Government of Hong Kong (SAR), Hongkong Post, Certizen
Root Certificates:
Hongkong Post Root CA 3

Hongkong Post Root CA 1

Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225877
Standard Audit Period End Date: 2018-12-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225878
BR Audit Period End Date: 2018-12-31
EV Audit:
https://www.ecert.gov.hk/ev/Webtrust%20EV%20SSL%20Report%2020181219_FINAL%20(with%20Management%20Assertion%20Letter).pdf
EV Audit Period End Date: 2018-11-30
CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: QuoVadis
Root Certificates:
QuoVadis Root CA 1 G3
QuoVadis Root CA 2
QuoVadis Root CA 2 G3
QuoVadis Root CA 3
QuoVadis Root CA 3 G3

QuoVadis Root Certification Authority
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227627

Standard Audit Period End Date: 2018-12-31
BR Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227628

BR Audit Period End Date: 2018-12-31
EV Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227629
EV Audit Period End Date: 2018-12-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Taiwan-CA Inc. (TWCA)
Root Certificates:
TWCA Global Root CA

TWCA Root Certification Authority
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225350

Standard Audit Period End Date: 2018-12-31
BR Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225502

BR Audit Period End Date: 2018-12-31
EV Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225503
EV Audit Period End Date: 2018-12-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Trustis
Root Certificates:
Trustis Limited - Trustis FPS Root CA
Standard Audit:
https://bug1360184.bmoattachments.org/attachment.cgi?id=9047305
Standard Audit Period End Date: 2019-01-15
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=9047305
BR Audit Period End Date: 2019-01-15

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
Root Certificates:
FNMT-RCM - SHA256

Standard Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9057798

Standard Audit Period End Date: 2019-01-12

BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9057798

BR Audit Period End Date: 2019-01-12
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Amazon Trust Services
Root Certificates:
Amazon Root CA 3
Amazon Root CA 2
Starfield Services Root Certificate Authority - G2
Amazon Root CA 1
Amazon Root CA 4
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227776
Standard Audit Period End Date: 2019-01-15
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227777
BR Audit Period End Date: 2019-01-15
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=227778
EV Audit Period End Date: 2019-01-15
CA Comments: null

____

Kathleen Wilson

unread,

Mar 17, 2020, 3:03:05 PM3/17/20

to mozilla-dev-s...@lists.mozilla.org

CA Owner: certSIGN
Root Certificates:
certSIGN ROOT CA

Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229553
Standard Audit Period End Date: 2019-02-08
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229551
BR Audit Period End Date: 2019-02-08

TWCA Global Root CA**
TWCA Root Certification Authority**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225350
Standard Audit Period End Date: 2018-12-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225502
BR Audit Period End Date: 2018-12-31
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=225503
EV Audit Period End Date: 2018-12-31
CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: Trustis
Root Certificates:

Trustis Limited - Trustis FPS Root CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Kathleen Wilson

unread,

Apr 21, 2020, 5:41:13 PM4/21/20

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of April 2020 Audit Reminder Emails
Date: Tue, 21 Apr 2020 19:00:09 +0000 (GMT)

Mozilla: Audit Reminder

CA Owner: Global Digital Cybersecurity Authority Co., Ltd. (Formerly
Guang Dong Certificate Authority (GDCA))
Root Certificates:
GDCA TrustAUTH R5 ROOT
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229546
Standard Audit Period End Date: 2019-02-28
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229547
BR Audit Period End Date: 2019-02-28
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229548
EV Audit Period End Date: 2019-02-28

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: SK ID Solutions AS
Root Certificates:
EE Certification Centre Root CA
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019051701_SK_EE_Certification_Centre_Root_CA_s.pdf
Standard Audit Period End Date: 2019-03-01
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019051701_SK_EE_Certification_Centre_Root_CA_s.pdf
BR Audit Period End Date: 2019-03-01

CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: certSIGN
Root Certificates:
certSIGN ROOT CA
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229553
Standard Audit Period End Date: 2019-02-08
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229551
BR Audit Period End Date: 2019-02-08
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Cybertrust Japan / JCSI
Root Certificates:

SecureSign RootCA11**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229662
Standard Audit Period End Date: 2019-02-28
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229661
BR Audit Period End Date: 2019-02-28

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Entrust
Root Certificates:
Entrust Root Certification Authority - EC1

Entrust Root Certification Authority - G2
Entrust Root Certification Authority - G4

AffirmTrust Commercial
AffirmTrust Networking
AffirmTrust Premium

AffirmTrust Premium ECC

Entrust Root Certification Authority
Entrust.net Certification Authority (2048)
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230012
Standard Audit Period End Date: 2019-02-28
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230013
Standard Audit Period End Date: 2019-02-28
BR Audit:
https://www.entrustdatacard.com/-/media/documentation/licensingandagreements/ecs/2019-entrust-baseline-requirements-report.pdf
BR Audit Period End Date: 2019-02-28
BR Audit:
https://www.affirmtrust.com/wp-content/uploads/2019-AFT-Baseline-Requirements-report.pdf
BR Audit Period End Date: 2019-02-28
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230012
EV Audit Period End Date: 2019-02-28
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230013
EV Audit Period End Date: 2019-02-28
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: Trustis
Root Certificates:
Trustis Limited - Trustis FPS Root CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://bug1360184.bmoattachments.org/attachment.cgi?id=9047305
Standard Audit Period End Date: 2019-01-15
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=9047305
BR Audit Period End Date: 2019-01-15

CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1623472

____

Mozilla: Audit Reminder

CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum)
Root Certificates:
Certum Trusted Network CA 2
Certum CA
Certum Trusted Network CA
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234363
Standard Audit Period End Date: 2019-03-04
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234364
BR Audit Period End Date: 2019-03-04
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234365
EV Audit Period End Date: 2019-03-04
CA Comments: null

____

Kathleen Wilson

unread,

May 19, 2020, 4:46:36 PM5/19/20

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of May 2020 Audit Reminder Emails
Date: Tue, 19 May 2020 19:00:17 +0000 (GMT)

Mozilla: Audit Reminder
CA Owner: Global Digital Cybersecurity Authority Co., Ltd. (Formerly
Guang Dong Certificate Authority (GDCA))
Root Certificates:
GDCA TrustAUTH R5 ROOT
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229546
Standard Audit Period End Date: 2019-02-28
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229547
BR Audit Period End Date: 2019-02-28
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229548
EV Audit Period End Date: 2019-02-28
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: LuxTrust
Root Certificates:
LuxTrust Global Root 2
Standard Audit:

https://www.lsti-certification.fr/images/LSTI_Audit_Atttestation_Letter_11085-124_V10.pdf
Standard Audit Period End Date: 2019-03-29
BR Audit:
https://www.lsti-certification.fr/images/LSTI_Audit_Atttestation_Letter_11085-124_V10.pdf
BR Audit Period End Date: 2019-03-29
EV Audit:
https://www.lsti-certification.fr/images/LSTI_Audit_Atttestation_Letter_11085-124_V10.pdf
EV Audit Period End Date: 2019-03-29

CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: SK ID Solutions AS
Root Certificates:
EE Certification Centre Root CA
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019051701_SK_EE_Certification_Centre_Root_CA_s.pdf
Standard Audit Period End Date: 2019-03-01
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019051701_SK_EE_Certification_Centre_Root_CA_s.pdf
BR Audit Period End Date: 2019-03-01
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Autoridad de Certificacion Firmaprofesional
Root Certificates:
Autoridad de Certificacion Firmaprofesional CIF A62634068
Standard Audit:

https://www.aenor.com/Certificacion_Documentos/eiDas/2019%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-FP_v4%20c.pdf
Standard Audit Period End Date: 2019-03-27
BR Audit:
https://www.aenor.com/Certificacion_Documentos/eiDas/2019%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-FP_v4%20c.pdf
BR Audit Period End Date: 2019-03-27
EV Audit:
https://www.aenor.com/Certificacion_Documentos/eiDas/2019%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-FP_v4%20c.pdf
EV Audit Period End Date: 2019-03-27

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: AC Camerfirma, S.A.
Root Certificates:
Chambers of Commerce Root
Chambers of Commerce Root - 2008

Global Chambersign Root
Global Chambersign Root - 2008

Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230425
Standard Audit Period End Date: 2019-04-13
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=8995930
BR Audit Period End Date: 2018-04-13
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9072794
BR Audit Period End Date: 2019-03-28
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236204
BR Audit Period End Date: 2019-04-13
EV Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9072794
EV Audit Period End Date: 2019-03-28

CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: certSIGN
Root Certificates:

certSIGN ROOT CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229553
Standard Audit Period End Date: 2019-02-08
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=229551
BR Audit Period End Date: 2019-02-08

CA Comments: Audit statements provided, waiting for Seals to be provided
by CPA Canada.

____

Mozilla: Audit Reminder

CA Owner: Sectigo
Root Certificates:
COMODO RSA Certification Authority
USERTrust ECC Certification Authority
AAA Certificate Services
AddTrust Class 1 CA Root
AddTrust External CA Root
COMODO Certification Authority
COMODO ECC Certification Authority

USERTrust RSA Certification Authority
Standard Audit:
https://bug1472993.bmoattachments.org/attachment.cgi?id=9078178
Standard Audit Period End Date: 2019-03-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231163
BR Audit Period End Date: 2019-03-31
BR Audit:

BR Audit Period End Date:

EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231164
EV Audit Period End Date: 2019-03-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Consorci Administració Oberta de Catalunya (Consorci AOC, CATCert)
Root Certificates:
EC-ACC

Standard Audit:
https://www.aenor.com/Certificacion_Documentos/eiDas/2019%20AENOR%20Anexo%202%20ETSI%20319%20411-2%20PSC-CAOC_v4.pdf
Standard Audit Period End Date: 2019-03-28
BR Audit:
https://www.aenor.com/Certificacion_Documentos/eiDas/2019%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-CAOC_v4.pdf
BR Audit Period End Date: 2019-03-28

Mozilla: Audit Reminder

CA Owner: GlobalSign
Root Certificates:
GlobalSign

GlobalSign
GlobalSign
GlobalSign Root CA
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231566
Standard Audit Period End Date: 2019-03-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9112465
BR Audit Period End Date: 2019-03-31
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231568
EV Audit Period End Date: 2019-03-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Government of Taiwan, Government Root Certification Authority
(GRCA)
Root Certificates:
Government Root Certification Authority - Taiwan

Standard Audit:
http://grca.nat.gov.tw/download/Audit/GRCA_GCA_XCA_WTCA_Audit_Report_2019.pdf
Standard Audit Period End Date: 2019-03-31
BR Audit:
http://grca.nat.gov.tw/download/Audit/GRCA_GCA_BR_Audit_Report_2019.pdf
BR Audit Period End Date: 2019-03-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: HARICA
Root Certificates:
Hellenic Academic and Research Institutions RootCA 2011
Hellenic Academic and Research Institutions ECC RootCA 2015
Hellenic Academic and Research Institutions RootCA 2015
Standard Audit:

https://repo.harica.gr/documents/HARICA-AUDIT_ATTESTATION_W_ANNEX_290617-7-R2-AA-text.pdf
Standard Audit Period End Date: 2019-03-29
BR Audit:
https://repo.harica.gr/documents/HARICA-AUDIT_ATTESTATION_W_ANNEX_290617-7-R2-AA-text.pdf
BR Audit Period End Date: 2019-03-29

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Telia Company (formerly TeliaSonera)
Root Certificates:
Sonera Class2 CA
TeliaSonera Root CA v1
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231161
Standard Audit Period End Date: 2019-03-31
BR Audit:
https://support.trust.telia.com/download/CA/Telia-WebTrust-For-CA-SSL-Baseline-With-Network-Security-Report-2019.pdf
BR Audit Period End Date: 2019-03-31

CA Comments: null

____

Mozilla: Overdue Audit Statements
CA Owner: Trustis
Root Certificates:
Trustis Limited - Trustis FPS Root CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://bug1360184.bmoattachments.org/attachment.cgi?id=9047305
Standard Audit Period End Date: 2019-01-15
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=9047305
BR Audit Period End Date: 2019-01-15

CA Comments: Fixed audit statements provided. Waiting for auditor to
confirm authenticity of the document. The auditor is currently
"furloughed as part of managing the impact of COVID-19 on the business".

____

Mozilla: Audit Reminder
CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum)
Root Certificates:
Certum Trusted Network CA 2
Certum CA
Certum Trusted Network CA
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234363
Standard Audit Period End Date: 2019-03-04
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234364
BR Audit Period End Date: 2019-03-04
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234365
EV Audit Period End Date: 2019-03-04
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Web.com
Root Certificates:
Network Solutions Certificate Authority
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230861
Standard Audit Period End Date: 2019-03-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230862
BR Audit Period End Date: 2019-03-31
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230863
EV Audit Period End Date: 2019-03-31
CA Comments: null

____

Kathleen Wilson

unread,

Jun 18, 2020, 6:37:12 PM6/18/20

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of June 2020 Audit Reminder Emails
Date: Tue, 16 Jun 2020 19:00:31 +0000 (GMT)

Mozilla: Audit Reminder

CA Owner: Shanghai Electronic Certification Authority Co., Ltd. (SHECA)
Root Certificates:
UCA Extended Validation Root
UCA Global G2 Root
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230630
Standard Audit Period End Date: 2019-04-30
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230631
BR Audit Period End Date: 2019-04-30
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=230632
EV Audit Period End Date: 2019-04-30

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Atos
Root Certificates:
Atos TrustedRoot 2011**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-D4601883F55A11E9B50B005056A04F41-_v2&aoemydqs%5BdownloadKey%5D=ebe97140cee29a7c498ca32f1d76cc2143a5a383&aoemydqs%5Baction%5D=downloadDocument&cHash=f86244b64421ebaad940
Standard Audit Period End Date: 2019-04-28
BR Audit:
https://www.mydqs.com/kunden/kundendatenbank.html?aoemydqs%5BrequestId%5D=europev2-DQS-D4601883F55A11E9B50B005056A04F41-_v2&aoemydqs%5BdownloadKey%5D=ebe97140cee29a7c498ca32f1d76cc2143a5a383&aoemydqs%5Baction%5D=downloadDocument&cHash=f86244b64421ebaad940
BR Audit Period End Date: 2019-04-28

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: GlobalSign
Root Certificates:
GlobalSign
GlobalSign
GlobalSign
GlobalSign Root CA
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231566
Standard Audit Period End Date: 2019-03-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9112465
BR Audit Period End Date: 2019-03-31
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231568
EV Audit Period End Date: 2019-03-31
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Government of Spain, Autoritat de Certificació de la Comunitat
Valenciana (ACCV)
Root Certificates:
ACCVRAIZ1
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=232656
Standard Audit Period End Date: 2019-04-30
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=232657
BR Audit Period End Date: 2019-04-30

Mozilla: Audit Reminder
CA Owner: T-Systems International GmbH (Deutsche Telekom)
Root Certificates:

T-TeleSec GlobalRoot Class 2
T-TeleSec GlobalRoot Class 3
Standard Audit:

https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019072602_T-TeleSec-GlobalRoot-Class-2_V1.0_s.pdf
Standard Audit Period End Date: 2019-05-09
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019072601_T-TeleSec-GlobalRoot-Class-3_V1.0_s.pdf
Standard Audit Period End Date: 2019-05-09
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019072602_T-TeleSec-GlobalRoot-Class-2_V1.0_s.pdf
BR Audit Period End Date: 2019-05-09
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019072601_T-TeleSec-GlobalRoot-Class-3_V1.0_s.pdf
BR Audit Period End Date: 2019-05-09
EV Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019072601_T-TeleSec-GlobalRoot-Class-3_V1.0_s.pdf
EV Audit Period End Date: 2019-05-09

Kathleen Wilson

unread,

Jul 27, 2020, 2:27:56 PM7/27/20

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of July 2020 Audit Reminder Emails
Date: Tue, 21 Jul 2020 19:00:13 +0000 (GMT)

Mozilla: Audit Reminder

CA Owner: eMudhra Technologies Limited
Root Certificates:
emSign Root CA - C1
emSign ECC Root CA - C3
emSign ECC Root CA - G3
emSign Root CA - G1
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234195
Standard Audit Period End Date: 2019-05-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234196
BR Audit Period End Date: 2019-05-31
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234204
EV Audit Period End Date: 2019-05-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Actalis
Root Certificates:
Actalis Authentication Root CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.actalis.it/documenti-en/actalisca_audit_statement_2019.aspx
Standard Audit Period End Date: 2019-05-31
BR Audit:
https://www.actalis.it/documenti-en/actalisca_audit_statement_2019.aspx
BR Audit Period End Date: 2019-05-31
EV Audit:
https://www.actalis.it/documenti-en/actalisca_audit_statement_2019.aspx
EV Audit Period End Date: 2019-05-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Disig, a.s.
Root Certificates:
CA Disig Root R2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit: https://eidas.disig.sk/pdf/Audit2019_report.pdf
Standard Audit Period End Date: 2019-05-24
BR Audit: https://eidas.disig.sk/pdf/Audit2019_report.pdf
BR Audit Period End Date: 2019-05-24

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Chunghwa Telecom
Root Certificates:

Chunghwa Telecom Co., Ltd. - ePKI Root Certification Authority
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=232565
Standard Audit Period End Date: 2019-05-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=232566
BR Audit Period End Date: 2019-05-31
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: Sectigo
Root Certificates:

COMODO RSA Certification Authority**
USERTrust ECC Certification Authority**
AAA Certificate Services**
COMODO Certification Authority**
COMODO ECC Certification Authority**
USERTrust RSA Certification Authority**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://bug1472993.bmoattachments.org/attachment.cgi?id=9078178
Standard Audit Period End Date: 2019-03-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231163
BR Audit Period End Date: 2019-03-31

EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231164
EV Audit Period End Date: 2019-03-31
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: GlobalSign
Root Certificates:

GlobalSign**
GlobalSign**
GlobalSign**
GlobalSign Root CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231566
Standard Audit Period End Date: 2019-03-31
BR Audit: https://bugzilla.mozilla.org/attachment.cgi?id=9112465
BR Audit Period End Date: 2019-03-31
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231568
EV Audit Period End Date: 2019-03-31
CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: Government of Spain, Autoritat de Certificació de la Comunitat
Valenciana (ACCV)
Root Certificates:
ACCVRAIZ1
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=232656
Standard Audit Period End Date: 2019-04-30
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=232657
BR Audit Period End Date: 2019-04-30
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: Government of Taiwan, Government Root Certification Authority
(GRCA)
Root Certificates:

Government Root Certification Authority - Taiwan**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

http://grca.nat.gov.tw/download/Audit/GRCA_GCA_XCA_WTCA_Audit_Report_2019.pdf
Standard Audit Period End Date: 2019-03-31
BR Audit:
http://grca.nat.gov.tw/download/Audit/GRCA_GCA_BR_Audit_Report_2019.pdf
BR Audit Period End Date: 2019-03-31
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Izenpe S.A.
Root Certificates:
Izenpe.com
Standard Audit:
http://lsti-certification.fr/images/LSTI_Audit_Atttestation_Letter_1652-127_V21_S_copie.pdf
Standard Audit Period End Date: 2019-05-24
BR Audit:
http://lsti-certification.fr/images/LSTI_Audit_Atttestation_Letter_1652-127_V21_S_copie.pdf
BR Audit Period End Date: 2019-05-24
EV Audit:
http://lsti-certification.fr/images/LSTI_Audit_Atttestation_Letter_1652-127_V21_S_copie.pdf
EV Audit Period End Date: 2019-05-24

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: SECOM Trust Systems CO., LTD.
Root Certificates:

SECOM Trust.net - Security Communication RootCA1
Security Communication RootCA2
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234693
Standard Audit Period End Date: 2019-06-06
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234694
BR Audit Period End Date: 2019-06-06
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234695
EV Audit Period End Date: 2019-06-06
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: Telia Company (formerly TeliaSonera)
Root Certificates:

Sonera Class2 CA**
TeliaSonera Root CA v1**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231161
Standard Audit Period End Date: 2019-03-31
BR Audit:
https://support.trust.telia.com/download/CA/Telia-WebTrust-For-CA-SSL-Baseline-With-Network-Security-Report-2019.pdf
BR Audit Period End Date: 2019-03-31
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Deutsche Telekom Security GmbH

Kathleen Wilson

unread,

Aug 18, 2020, 3:54:31 PM8/18/20

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of August 2020 Audit Reminder Emails
Date: Tue, 18 Aug 2020 19:00:34 +0000 (GMT)

Mozilla: Audit Reminder
CA Owner: eMudhra Technologies Limited
Root Certificates:
emSign Root CA - C1
emSign ECC Root CA - C3
emSign ECC Root CA - G3
emSign Root CA - G1
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234195
Standard Audit Period End Date: 2019-05-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234196
BR Audit Period End Date: 2019-05-31
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234204
EV Audit Period End Date: 2019-05-31
CA Comments: null

____

Mozilla: Audit Reminder

Mozilla: Audit Reminder
CA Owner: GoDaddy
Root Certificates:
Go Daddy Class 2 CA
Go Daddy Root Certificate Authority - G2
Starfield Class 2 CA

Starfield Root Certificate Authority - G2
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234200
Standard Audit Period End Date: 2019-06-30
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234201
BR Audit Period End Date: 2019-06-30
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234202
EV Audit Period End Date: 2019-06-30

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: IdenTrust Services, LLC
Root Certificates:
IdenTrust Commercial Root CA 1
IdenTrust Public Sector Root CA 1
DST Root CA X3
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236834
Standard Audit Period End Date: 2019-06-30
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236835
BR Audit Period End Date: 2019-06-30

CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: SECOM Trust Systems CO., LTD.
Root Certificates:
SECOM Trust.net - Security Communication RootCA1
Security Communication RootCA2
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234693
Standard Audit Period End Date: 2019-06-06
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234694
BR Audit Period End Date: 2019-06-06
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234695
EV Audit Period End Date: 2019-06-06
CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: SSL.com
Root Certificates:
SSL.com EV Root Certification Authority ECC

SSL.com Root Certification Authority ECC
SSL.com Root Certification Authority RSA

SSL.com EV Root Certification Authority RSA R2

Standard Audit:
https://cdn.ssl.com/app/uploads/2020/02/SSLcom-2019-WTCA-Indp-Acct-Report-and-Mgmt-Assertion-June-2019-REVISED-FINAL.pdf
Standard Audit Period End Date: 2019-06-30
BR Audit:
https://cdn.ssl.com/app/uploads/2020/02/SSLcom-2019-WTBR-Indp-Acct-Report-and-Mgmt-Assertion-June-2019-REVISED-FINAL.pdf
BR Audit Period End Date: 2019-06-30
EV Audit:
https://cdn.ssl.com/app/uploads/2020/02/SSLcom-2019-WTEV-SSL-Indp-Acct-Report-and-Mgmt-Assertion-June-2019-REVISED-FINAL.pdf
EV Audit Period End Date: 2019-06-30
CA Comments: null

____

Kathleen Wilson

unread,

Sep 15, 2020, 6:22:09 PM9/15/20

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of September 2020 Audit Reminder Emails
Date: Tue, 15 Sep 2020 19:00:12 +0000 (GMT)

Mozilla: Overdue Audit Statements

CA Owner: eMudhra Technologies Limited
Root Certificates:

emSign Root CA - C1**
emSign ECC Root CA - C3**
emSign ECC Root CA - G3**
emSign Root CA - G1**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234195
Standard Audit Period End Date: 2019-05-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234196
BR Audit Period End Date: 2019-05-31
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234204
EV Audit Period End Date: 2019-05-31

CA Comments: Audit statements pass ALV. Waiting for test website updates.

____

Mozilla: Your root is in danger of being removed

CA Owner: Sectigo
Root Certificates:
COMODO RSA Certification Authority**
USERTrust ECC Certification Authority**
AAA Certificate Services**
COMODO Certification Authority**
COMODO ECC Certification Authority**
USERTrust RSA Certification Authority**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://bug1472993.bmoattachments.org/attachment.cgi?id=9078178
Standard Audit Period End Date: 2019-03-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231163
BR Audit Period End Date: 2019-03-31
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231164
EV Audit Period End Date: 2019-03-31

CA Comments: Audit statements provided via Bugzilla. Waiting for
WebTrust Seals

____

Mozilla: Audit Reminder
CA Owner: E-Tugra
Root Certificates:
E-Tugra Certification Authority
Standard Audit:
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf
Standard Audit Period End Date: 2019-07-26
BR Audit:
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf
BR Audit Period End Date: 2019-07-26
EV Audit:
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf
EV Audit Period End Date: 2019-07-26

CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: GoDaddy
Root Certificates:

Go Daddy Class 2 CA**
Go Daddy Root Certificate Authority - G2**
Starfield Class 2 CA**
Starfield Root Certificate Authority - G2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234200
Standard Audit Period End Date: 2019-06-30
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234201
BR Audit Period End Date: 2019-06-30
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234202
EV Audit Period End Date: 2019-06-30
CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: IdenTrust Services, LLC
Root Certificates:
IdenTrust Commercial Root CA 1
IdenTrust Public Sector Root CA 1
DST Root CA X3
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236834
Standard Audit Period End Date: 2019-06-30
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236835
BR Audit Period End Date: 2019-06-30
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: SECOM Trust Systems CO., LTD.
Root Certificates:

SECOM Trust.net - Security Communication RootCA1**
Security Communication RootCA2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234693
Standard Audit Period End Date: 2019-06-06
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234694
BR Audit Period End Date: 2019-06-06
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234695
EV Audit Period End Date: 2019-06-06
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: China Financial Certification Authority (CFCA)
Root Certificates:

CFCA EV ROOT
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236836
Standard Audit Period End Date: 2019-07-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236837
BR Audit Period End Date: 2019-07-31
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236838
EV Audit Period End Date: 2019-07-31

Kathleen Wilson

unread,

Sep 18, 2020, 7:05:11 PM9/18/20

to mozilla-dev-s...@lists.mozilla.org

On 9/15/20 3:21 PM, Kathleen Wilson wrote:
> -------- Forwarded Message --------
> Subject: Summary of September 2020 Audit Reminder Emails
<snip>
> ____
>
> Mozilla: Audit Reminder
> CA Owner: E-Tugra
> Root Certificates:
> E-Tugra Certification Authority
> Standard Audit:
> https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf
> Standard Audit Period End Date: 2019-07-26
> BR Audit:
> https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf
> BR Audit Period End Date: 2019-07-26
> EV Audit:
> https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf
> EV Audit Period End Date: 2019-07-26
> CA Comments: null
>

E-Tugra's representative has reminded me that they filed
https://bugzilla.mozilla.org/show_bug.cgi?id=1659426 to inform us of
audit delay due to Covid19.

Thanks,
Kathleen

Kathleen Wilson

unread,

Oct 20, 2020, 3:42:11 PM10/20/20

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of October 2020 Audit Reminder Emails
Date: Tue, 20 Oct 2020 19:00:26 +0000 (GMT)

Mozilla: Audit Reminder

CA Owner: Internet Security Research Group (ISRG)
Root Certificates:

ISRG Root X1**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238186
Standard Audit Period End Date: 2019-08-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238187
BR Audit Period End Date: 2019-08-31
CA Comments: null

____

Mozilla: Your root is in danger of being removed
CA Owner: Sectigo
Root Certificates:
COMODO RSA Certification Authority**
USERTrust ECC Certification Authority**
AAA Certificate Services**
COMODO Certification Authority**
COMODO ECC Certification Authority**
USERTrust RSA Certification Authority**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://bug1472993.bmoattachments.org/attachment.cgi?id=9078178
Standard Audit Period End Date: 2019-03-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231163
BR Audit Period End Date: 2019-03-31
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=231164

EV Audit Period End Date: 2019-03-31

CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1648593

Audit statements provided via Bugzilla. Waiting for WebTrust Seals

____

Mozilla: Audit Reminder
CA Owner: E-Tugra
Root Certificates:
E-Tugra Certification Authority
Standard Audit:
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf
Standard Audit Period End Date: 2019-07-26
BR Audit:
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf
BR Audit Period End Date: 2019-07-26
EV Audit:
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf
EV Audit Period End Date: 2019-07-26

CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1659426 --

audit delay due to Covid19.

____

Mozilla: Audit Reminder

CA Owner: Microsec Ltd.
Root Certificates:
Microsec e-Szigno Root CA 2009

e-Szigno Root CA 2017
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019121301_Microsec-eSzignoRoot-CA-2009_V1.2_s.pdf
Standard Audit Period End Date: 2019-09-14
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019121302_e-Szigno-Root-CA-2017_V1.1_s.pdf
Standard Audit Period End Date: 2019-09-14
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019121301_Microsec-eSzignoRoot-CA-2009_V1.2_s.pdf
BR Audit Period End Date: 2019-09-14
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/en/AA2019121302_e-Szigno-Root-CA-2017_V1.1_s.pdf
BR Audit Period End Date: 2019-09-14
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: NetLock Ltd.
Root Certificates:
NetLock Arany (Class Gold) Főtanúsítvány
Standard Audit:

http://eng.matrix-tanusito.hu/wp-content/uploads/2019/11/I-NL19T2_TAN.EN_TAN.ME-01_signed.pdf
Standard Audit Period End Date: 2019-09-03
BR Audit:
http://eng.matrix-tanusito.hu/wp-content/uploads/2019/11/I-NL19T2_TAN.EN_TAN.ME-01_signed.pdf
BR Audit Period End Date: 2019-09-03

CA Comments: null

____

Mozilla: Overdue Audit Statements
CA Owner: SECOM Trust Systems CO., LTD.
Root Certificates:
SECOM Trust.net - Security Communication RootCA1**
Security Communication RootCA2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234693
Standard Audit Period End Date: 2019-06-06
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234694
BR Audit Period End Date: 2019-06-06
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=234695

EV Audit Period End Date: 2019-06-06

CA Comments: CA is updating the test websites

____

Mozilla: Audit Reminder

Kathleen Wilson

unread,

Nov 18, 2020, 4:26:50 PM11/18/20

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of November 2020 Audit Reminder Emails
Date: Tue, 17 Nov 2020 20:01:50 +0000 (GMT)

Mozilla: Audit Reminder

CA Owner: Google Trust Services LLC (GTS)
Root Certificates:
GTS Root R2
GTS Root R3
GTS Root R4
GTS Root R1
GlobalSign
GlobalSign
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236832
Standard Audit Period End Date: 2019-09-30
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=236833
BR Audit Period End Date: 2019-09-30

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: D-TRUST
Root Certificates:
D-TRUST Root CA 3 2013
D-TRUST Root Class 3 CA 2 2009
D-TRUST Root Class 3 CA 2 EV 2009
Standard Audit:

https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120301_D-TRUST_Root_CA3_V1.0_s.pdf
Standard Audit Period End Date: 2019-10-07
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120302_D-TRUST_Root_Class_3_CA_2_2009_V1.0_s.pdf
Standard Audit Period End Date: 2019-10-07
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120303_D-TRUST_Root_Class3_CA2_EV_V1.0_s.pdf
Standard Audit Period End Date: 2019-10-07
BR Audit:

BR Audit Period End Date:

BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120302_D-TRUST_Root_Class_3_CA_2_2009_V1.0_s.pdf
BR Audit Period End Date: 2019-10-07
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120303_D-TRUST_Root_Class3_CA2_EV_V1.0_s.pdf
BR Audit Period End Date: 2019-10-07
EV Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120303_D-TRUST_Root_Class3_CA2_EV_V1.0_s.pdf
EV Audit Period End Date: 2019-10-07

CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: E-Tugra
Root Certificates:
E-Tugra Certification Authority
Standard Audit:
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf
Standard Audit Period End Date: 2019-07-26
BR Audit:
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf
BR Audit Period End Date: 2019-07-26
EV Audit:
https://lsti-certification.fr/images/LSTI_1646_135_AL-V10_E-Tugra.pdf
EV Audit Period End Date: 2019-07-26

CA Comments: https://bugzilla.mozilla.org/show_bug.cgi?id=1659426 --
audit delay due to Covid19.

____

Mozilla: Audit Reminder

CA Owner: SwissSign AG
Root Certificates:

SwissSign Gold CA - G2
SwissSign Platinum CA - G2

SwissSign Silver CA - G2
Standard Audit:
https://it-tuv.com/wp-content/uploads/2019/12/AA2019121902_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf
Standard Audit Period End Date: 2019-10-02
Standard Audit:
https://it-tuv.com/wp-content/uploads/2020/01/AA2019121901_Audit_Attestation_TA_CERT__SwissSign_Platinum_G2.pdf
Standard Audit Period End Date: 2019-09-27
Standard Audit:
https://it-tuv.com/wp-content/uploads/2020/01/AA2019121903_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf
Standard Audit Period End Date: 2019-09-27
BR Audit:
https://it-tuv.com/wp-content/uploads/2019/12/AA2019121902_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf
BR Audit Period End Date: 2019-10-02
BR Audit:

BR Audit Period End Date:

BR Audit:
https://it-tuv.com/wp-content/uploads/2020/01/AA2019121903_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf
BR Audit Period End Date: 2019-09-27
EV Audit:
https://it-tuv.com/wp-content/uploads/2019/12/AA2019121902_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf
EV Audit Period End Date: 2019-10-02

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: SecureTrust
Root Certificates:
Secure Global CA
SecureTrust CA

Trustwave Global ECC P256 Certification Authority
Trustwave Global Certification Authority
Trustwave Global ECC P384 Certification Authority
XRamp Global Certification Authority
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=237400
Standard Audit Period End Date: 2019-09-30
BR Audit:
https://certs.securetrust.com/CA/2%20-%20SecureTrust%202019%20SSL%20BL%20Report.pdf
BR Audit Period End Date: 2019-09-30
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=237401
EV Audit Period End Date: 2019-09-30

Kathleen Wilson

unread,

Dec 15, 2020, 7:23:31 PM12/15/20

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of December 2020 Audit Reminder Emails
Date: Tue, 15 Dec 2020 20:00:28 +0000 (GMT)

Mozilla: Audit Reminder

CA Owner: DigiCert
Root Certificates:

Symantec Class 2 Public Primary Certification Authority - G6

Symantec Class 1 Public Primary Certification Authority - G6
VeriSign Universal Root Certification Authority

Baltimore CyberTrust Root
Cybertrust Global Root
DigiCert Assured ID Root CA

DigiCert Assured ID Root G2
GeoTrust Primary Certification Authority - G2
DigiCert Trusted Root G4
DigiCert Assured ID Root G3

VeriSign Class 1 Public Primary Certification Authority - G3
VeriSign Class 2 Public Primary Certification Authority - G3

Standard Audit:
https://bug1458024.bmoattachments.org/attachment.cgi?id=9123453
Standard Audit Period End Date: 2019-10-31
Standard Audit:
https://bug1458024.bmoattachments.org/attachment.cgi?id=9123443
Standard Audit Period End Date: 2019-10-31
Standard Audit:
https://bug1458024.bmoattachments.org/attachment.cgi?id=9123448
Standard Audit Period End Date: 2019-10-31

BR Audit:
BR Audit Period End Date:

BR Audit: https://bug1458024.bmoattachments.org/attachment.cgi?id=9123452
BR Audit Period End Date: 2019-10-31
BR Audit: https://bug1458024.bmoattachments.org/attachment.cgi?id=9123442
BR Audit Period End Date: 2019-10-31
BR Audit: https://bug1458024.bmoattachments.org/attachment.cgi?id=9123447
BR Audit Period End Date: 2019-10-31
EV Audit:

EV Audit Period End Date:

EV Audit: https://bug1458024.bmoattachments.org/attachment.cgi?id=9123454
EV Audit Period End Date: 2019-10-31
EV Audit: https://bug1458024.bmoattachments.org/attachment.cgi?id=9123445
EV Audit Period End Date: 2019-10-31

CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: D-TRUST
Root Certificates:

D-TRUST Root CA 3 2013**
D-TRUST Root Class 3 CA 2 2009**
D-TRUST Root Class 3 CA 2 EV 2009**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120301_D-TRUST_Root_CA3_V1.0_s.pdf
Standard Audit Period End Date: 2019-10-07
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120302_D-TRUST_Root_Class_3_CA_2_2009_V1.0_s.pdf
Standard Audit Period End Date: 2019-10-07
Standard Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120303_D-TRUST_Root_Class3_CA2_EV_V1.0_s.pdf
Standard Audit Period End Date: 2019-10-07
BR Audit:
BR Audit Period End Date:
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120302_D-TRUST_Root_Class_3_CA_2_2009_V1.0_s.pdf
BR Audit Period End Date: 2019-10-07
BR Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120303_D-TRUST_Root_Class3_CA2_EV_V1.0_s.pdf
BR Audit Period End Date: 2019-10-07
EV Audit:
https://www.tuvit.de/fileadmin/Content/TUV_IT/zertifikate/de/AA2019120303_D-TRUST_Root_Class3_CA2_EV_V1.0_s.pdf
EV Audit Period End Date: 2019-10-07
CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: SwissSign AG
Root Certificates:

SwissSign Gold CA - G2**

SwissSign Platinum CA - G2**
SwissSign Silver CA - G2**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://it-tuv.com/wp-content/uploads/2019/12/AA2019121902_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf
Standard Audit Period End Date: 2019-10-02
Standard Audit:
https://it-tuv.com/wp-content/uploads/2020/01/AA2019121901_Audit_Attestation_TA_CERT__SwissSign_Platinum_G2.pdf
Standard Audit Period End Date: 2019-09-27
Standard Audit:
https://it-tuv.com/wp-content/uploads/2020/01/AA2019121903_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf
Standard Audit Period End Date: 2019-09-27
BR Audit:
https://it-tuv.com/wp-content/uploads/2019/12/AA2019121902_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf
BR Audit Period End Date: 2019-10-02
BR Audit:
BR Audit Period End Date:
BR Audit:
https://it-tuv.com/wp-content/uploads/2020/01/AA2019121903_Audit_Attestation_TA_CERT__SwissSign_Silver_G2.pdf
BR Audit Period End Date: 2019-09-27
EV Audit:
https://it-tuv.com/wp-content/uploads/2019/12/AA2019121902_Audit_Attestation_TA_CERT__SwissSign_Gold_G2.pdf
EV Audit Period End Date: 2019-10-02
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Buypass
Root Certificates:
Buypass Class 2 Root CA

Buypass Class 3 Root CA
Standard Audit:
https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf
Standard Audit Period End Date: 2019-10-31
BR Audit:
https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf
BR Audit Period End Date: 2019-10-31
EV Audit:
https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf
EV Audit Period End Date: 2019-10-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Dhimyotis / Certigna
Root Certificates:

Certigna Root CA
Certigna
Standard Audit:
https://lsti-certification.fr/images/23_1377_AT_V10__LSTI_-_Attestation_letter_2020.pdf
Standard Audit Period End Date: 2019-10-18
BR Audit:
https://lsti-certification.fr/images/23_1377_AT_V10__LSTI_-_Attestation_letter_2020.pdf
BR Audit Period End Date: 2019-10-18
CA Comments: null

____

Kathleen Wilson

unread,

Jan 19, 2021, 5:35:21 PM1/19/21

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of January 2021 Audit Reminder Emails
Date: Tue, 19 Jan 2021 20:00:30 +0000 (GMT)

Mozilla: Audit Reminder

CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
SZAFIR ROOT CA2
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238854
Standard Audit Period End Date: 2019-12-18
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238855
BR Audit Period End Date: 2019-12-18

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Government of Hong Kong (SAR), Hongkong Post, Certizen
Root Certificates:
Hongkong Post Root CA 3

Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238797
Standard Audit Period End Date: 2019-12-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238798
BR Audit Period End Date: 2019-12-31
EV Audit: https://www.ecert.gov.hk/ev/Webtrust_EVSSL_2019.pdf
EV Audit Period End Date: 2019-11-30

CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: Buypass
Root Certificates:

Buypass Class 2 Root CA**
Buypass Class 3 Root CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf
Standard Audit Period End Date: 2019-10-31
BR Audit:
https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf
BR Audit Period End Date: 2019-10-31
EV Audit:
https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf
EV Audit Period End Date: 2019-10-31
CA Comments: null

____

Mozilla: Overdue Audit Statements

CA Owner: Dhimyotis / Certigna
Root Certificates:

Certigna Root CA**
Certigna**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

Kathleen Wilson

unread,

Feb 16, 2021, 4:54:50 PM2/16/21

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of February 2021 Audit Reminder Emails
Date: Tue, 16 Feb 2021 20:01:02 +0000 (GMT)

Mozilla: Audit Reminder
CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
SZAFIR ROOT CA2
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238854
Standard Audit Period End Date: 2019-12-18
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238855
BR Audit Period End Date: 2019-12-18
CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: Government of Hong Kong (SAR), Hongkong Post, Certizen
Root Certificates:
Hongkong Post Root CA 3

Hongkong Post Root CA 1

Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238797
Standard Audit Period End Date: 2019-12-31
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238798
BR Audit Period End Date: 2019-12-31
EV Audit: https://www.ecert.gov.hk/ev/Webtrust_EVSSL_2019.pdf
EV Audit Period End Date: 2019-11-30
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: QuoVadis
Root Certificates:
QuoVadis Root CA 1 G3
QuoVadis Root CA 2
QuoVadis Root CA 2 G3
QuoVadis Root CA 3
QuoVadis Root CA 3 G3

QuoVadis Root Certification Authority
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239021

Standard Audit Period End Date: 2019-12-31
BR Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239022

BR Audit Period End Date: 2019-12-31
EV Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239023
EV Audit Period End Date: 2019-12-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
Root Certificates:
FNMT-RCM - SHA256
Standard Audit:

https://www.aenor.com/Certificacion_Documentos/eiDas/2020%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-2019-003%20-%20FNMT-v2.pdf
Standard Audit Period End Date: 2020-01-12
BR Audit:
https://www.aenor.com/Certificacion_Documentos/eiDas/2020%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-2019-003%20-%20FNMT-v2.pdf
BR Audit Period End Date: 2020-01-12

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Taiwan-CA Inc. (TWCA)
Root Certificates:
TWCA Global Root CA

TWCA Root Certification Authority
Standard Audit:
https://www.cpacanada.ca/generichandlers/cpachandler.ashx?AttachmentID=238799

Standard Audit Period End Date: 2019-12-31
BR Audit:

https://www.cpacanada.ca/generichandlers/cpachandler.ashx?AttachmentID=238800

BR Audit Period End Date: 2019-12-31
EV Audit:

https://www.cpacanada.ca/generichandlers/cpachandler.ashx?AttachmentID=238801
EV Audit Period End Date: 2019-12-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Trustis
Root Certificates:

Trustis Limited - Trustis FPS Root CA
Standard Audit:
https://bug1360184.bmoattachments.org/attachment.cgi?id=9146189
Standard Audit Period End Date: 2020-01-15
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=9146189
BR Audit Period End Date: 2020-01-15

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Government of The Netherlands, PKIoverheid (Logius)
Root Certificates:

Staat der Nederlanden Root CA - G3

Staat der Nederlanden EV Root CA
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238851

Standard Audit Period End Date: 2019-12-31
BR Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238852

BR Audit Period End Date: 2019-12-31
EV Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238853
EV Audit Period End Date: 2019-12-31

CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Amazon Trust Services
Root Certificates:
Amazon Root CA 3
Amazon Root CA 2

Amazon Root CA 1
Amazon Root CA 4

Starfield Services Root Certificate Authority - G2
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239088
Standard Audit Period End Date: 2020-01-15
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239089
BR Audit Period End Date: 2020-01-15
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239090
EV Audit Period End Date: 2020-01-15

CA Comments: null

____

Mozilla: Overdue Audit Statements
CA Owner: Buypass
Root Certificates:
Buypass Class 2 Root CA**
Buypass Class 3 Root CA**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:
https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf
Standard Audit Period End Date: 2019-10-31
BR Audit:
https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf
BR Audit Period End Date: 2019-10-31
EV Audit:
https://www.buypass.com/the-company/certification/_/attachment/download/413dca90-da68-483e-80e4-3978e33a8e98:76247c1b8cacd26f80531a2929c2a739db2b5159/ETS%20018.pdf
EV Audit Period End Date: 2019-10-31

CA Comments: Waiting for the audit statements to be posted on the
auditor's website. Currently they are provided via the CA's website.

____

Kathleen Wilson

unread,

Mar 16, 2021, 8:26:17 PM3/16/21

to mozilla-dev-s...@lists.mozilla.org

-------- Forwarded Message --------
Subject: Summary of March 2021 Audit Reminder Emails
Date: Tue, 16 Mar 2021 19:02:12 +0000 (GMT)

Mozilla: Audit Reminder

CA Owner: certSIGN
Root Certificates:
certSIGN ROOT CA

Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239757
Standard Audit Period End Date: 2020-02-07
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239758
BR Audit Period End Date: 2020-02-07

CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: Krajowa Izba Rozliczeniowa S.A. (KIR)
Root Certificates:
SZAFIR ROOT CA2
Standard Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238854
Standard Audit Period End Date: 2019-12-18
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=238855
BR Audit Period End Date: 2019-12-18
CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: Government of Hong Kong (SAR), Hongkong Post, Certizen
Root Certificates:

Hongkong Post Root CA 3**
Hongkong Post Root CA 1**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

AC RAIZ FNMT-RCM SERVIDORES SEGUROS

FNMT-RCM - SHA256
Standard Audit:
https://www.aenor.com/Certificacion_Documentos/eiDas/2020%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-2019-003%20-%20FNMT-v2.pdf
Standard Audit Period End Date: 2020-01-12
BR Audit:

https://www.aenor.com/Certificacion_Documentos/eiDas/2020%20AENOR%20Anexo%201%20ETSI%20319%20411-2%20PSC-2019-003%20-%20FNMT-v2.pdf

BR Audit Period End Date: 2020-01-12
BR Audit:
https://www.aenor.com/Certificacion_Documentos/eiDas/2020%20AENOR%20Anexo%202%20ETSI%20319%20411-1%20PSC-2019-003%20-%20FNMT-v2.pdf
BR Audit Period End Date: 2020-01-12

EV Audit:
https://www.aenor.com/Certificacion_Documentos/eiDas/2020%20AENOR%20Anexo%201%20ETSI%20319%20411-2%20PSC-2019-003%20-%20FNMT-v2.pdf
EV Audit Period End Date: 2020-01-12

CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: Taiwan-CA Inc. (TWCA)
Root Certificates:

TWCA Global Root CA**
TWCA Root Certification Authority**

** Audit Case in the Common CA Database is under review for this root
certificate.

Standard Audit:

https://www.cpacanada.ca/generichandlers/cpachandler.ashx?AttachmentID=238799
Standard Audit Period End Date: 2019-12-31
BR Audit:
https://www.cpacanada.ca/generichandlers/cpachandler.ashx?AttachmentID=238800
BR Audit Period End Date: 2019-12-31
EV Audit:
https://www.cpacanada.ca/generichandlers/cpachandler.ashx?AttachmentID=238801
EV Audit Period End Date: 2019-12-31
CA Comments: null

____

Mozilla: Audit Reminder
CA Owner: Trustis
Root Certificates:
Trustis Limited - Trustis FPS Root CA
Standard Audit:
https://bug1360184.bmoattachments.org/attachment.cgi?id=9146189
Standard Audit Period End Date: 2020-01-15
BR Audit: https://bug1360184.bmoattachments.org/attachment.cgi?id=9146189
BR Audit Period End Date: 2020-01-15
CA Comments: null

____

Mozilla: Audit Reminder

CA Owner: Asseco Data Systems S.A. (previously Unizeto Certum)
Root Certificates:
Certum Trusted Network CA 2
Certum CA
Certum Trusted Network CA
Standard Audit:

https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239794
Standard Audit Period End Date: 2020-02-10
BR Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239795
BR Audit Period End Date: 2020-02-10
EV Audit:
https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=239796
EV Audit Period End Date: 2020-02-10