Avatar for Username

Rechercher dans l’assistance

Évitez les escroqueries à l’assistance. Nous ne vous demanderons jamais d’appeler ou d’envoyer un SMS à un numéro de téléphone ou de partager des informations personnelles. Veuillez signaler toute activité suspecte en utilisant l’option « Signaler un abus ».

En savoir plus

Inquiry Regarding Removal of Certificates with Specific SHA1 Fingerprints

thugsofmpl
thugsofmpl
more options

Dear Mozilla Firefox Team,

I hope this message finds you well.

I am writing to inquire about the removal of the following SSL/TLS certificates from Firefox's trusted certificate store. These certificates are identified by the following SHA1 fingerprints:

SHA1 Fingerprint: ff:bd:cd:e7:82:c8:43:5e:3c:6f:26:86:5c:ca:a8:3a:45:5b:c3:0a SHA1 Fingerprint: b8:be:6d:cb:56:f1:55:b9:63:d4:12:ca:4e:06:34:c7:94:b2:1c SHA1 Fingerprint: 58:d1:df:95:95:67:6b:63:c0:f0:5b:1c:17:4d:8b:84:0b:c8:78 SHA1 Fingerprint: e9:a8:5d:22:14:52:1c:5b:aa:0a:b4:be:24:6a:23:8a:c9:ba:e2 SHA1 Fingerprint: 8a:2f:af:57:53:b1:b0:e6:a1:04:ec:5b:6a:69:71:6d:f6:1c:e2:84 SHA1 Fingerprint: ae:c5:fb:3f:c8:e1:bf:c4:e5:4f:03:07:5a:9a:e8:00:b7:f7:b6 Could you kindly provide clarification as to why these specific certificates were removed? Understanding the rationale behind this decision will help us assess any potential impact on our systems and ensure that we are adhering to the best practices for security.

Thank you in advance for your attention to this matter. I look forward to your response.

Best regards, Vamsi [edited email from public]

Dear Mozilla Firefox Team, I hope this message finds you well. I am writing to inquire about the removal of the following SSL/TLS certificates from Firefox's trusted certificate store. These certificates are identified by the following SHA1 fingerprints: SHA1 Fingerprint: ff:bd:cd:e7:82:c8:43:5e:3c:6f:26:86:5c:ca:a8:3a:45:5b:c3:0a SHA1 Fingerprint: b8:be:6d:cb:56:f1:55:b9:63:d4:12:ca:4e:06:34:c7:94:b2:1c SHA1 Fingerprint: 58:d1:df:95:95:67:6b:63:c0:f0:5b:1c:17:4d:8b:84:0b:c8:78 SHA1 Fingerprint: e9:a8:5d:22:14:52:1c:5b:aa:0a:b4:be:24:6a:23:8a:c9:ba:e2 SHA1 Fingerprint: 8a:2f:af:57:53:b1:b0:e6:a1:04:ec:5b:6a:69:71:6d:f6:1c:e2:84 SHA1 Fingerprint: ae:c5:fb:3f:c8:e1:bf:c4:e5:4f:03:07:5a:9a:e8:00:b7:f7:b6 Could you kindly provide clarification as to why these specific certificates were removed? Understanding the rationale behind this decision will help us assess any potential impact on our systems and ensure that we are adhering to the best practices for security. Thank you in advance for your attention to this matter. I look forward to your response. Best regards, Vamsi [edited email from public]

Modifié le par James

Toutes les réponses (2)

markwarner22
markwarner22
more options

Who validates SSL/TLS certificates?

A certificate authority (CA) is an organization that sells SSL/TLS certificates to web owners, web hosting companies, or businesses. The CA validates the domain and owner details before issuing the SSL/TLS certificate. To be a CA, an organization must meet specific requirements set by the operating system, browsers, or mobile devices company and apply to be listed as a root certificate authority. This is important to establish trust amongst internet users. For example, Amazon Trust Services is a certificate authority and can issue SSL/TLS certificates to websites.

You should check with the CA about your issues.

Cela vous a-t-il été utile ?

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 25 Contributor
more options

Hi Vamsi, your question is beyond the scope for this support forum, but here are some resources to pursue an answer to your question:

(1) Root Certificate policy

https://www.mozilla.org/about/governance/policies/security-group/certs/policy/

(2) Mailing list

https://groups.google.com/a/mozilla.org/g/dev-security-policy

Cela vous a-t-il été utile ?

Poser une question

Vous devez vous identifier avec votre compte pour répondre aux messages. Veuillez poser une nouvelle question, si vous n’avez pas encore de compte.