Kyle Hamilton wrote:
What is the effect of this problem on the request to enable the UTN-UserFirst-Hardware root for EV, https://bugzilla.mozilla.org/show_bug.cgi?id=401587 ?
I think (but don't have time to confirm right at the moment) that that request is moot. As far as I know, Comodo EV certificates are working fine right now even in the absence of the UTN-UserFirst-Hardware root being enabled for EV. This is due to EV-enabling of the new Comodo EV root and also IIRC due to code that was added to PSM (?) to specially handle cases like this where the EV root was cross-signed by a non-EV legacy root.
(AFAIK this scenario was/is not unique to Comodo. I believe all the VeriSign EV CAs work this way as well: a newly added and EV-enabled EV root cross-signed by a non-EV legacy root.)
Frank -- Frank Hecker hec...@mozillafoundation.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
