mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-12-17 20:34:34 +00:00
47263aefb3
(adapted from bug 1349762 comment 0) Google Trust Services (GTS) recently purchased two roots from GlobalSign that are both enabled for EV treatment: "GlobalSign Root CA - R2" and "GlobalSign ECC Root CA - R4". However, GTS does not have an EV audit, so we are going to turn off EV treatment for both of those root certificates. But "GlobalSign Root CA - R2" has intermediate cert "GlobalSign Extended Validation CA - SHA256 - G2" that continues to be controlled by GlobalSign, to be used to migrate their customers off dependence on that root. This patch removes EV treatment for "GlobalSign ECC Root CA - R4". It also removes EV treatment for all chains rooted in "GlobalSign Root CA - R2" unless the "GlobalSign Extended Validation CA - SHA256 - G2" intermediate is in the chain. MozReview-Commit-ID: Ej9L9zTwoPN --HG-- extra : rebase_source : 575f1a48646cf728d879d0cf53c888654e4a32ad |
||
---|---|---|
.. | ||
addons-public.crt | ||
addons-stage.crt | ||
AppSignatureVerification.cpp | ||
AppTrustDomain.cpp | ||
AppTrustDomain.h | ||
gen_cert_header.py | ||
moz.build | ||
privileged-package-root.der |