зеркало из https://github.com/mozilla/gecko-dev.git
47263aefb3
(adapted from bug 1349762 comment 0) Google Trust Services (GTS) recently purchased two roots from GlobalSign that are both enabled for EV treatment: "GlobalSign Root CA - R2" and "GlobalSign ECC Root CA - R4". However, GTS does not have an EV audit, so we are going to turn off EV treatment for both of those root certificates. But "GlobalSign Root CA - R2" has intermediate cert "GlobalSign Extended Validation CA - SHA256 - G2" that continues to be controlled by GlobalSign, to be used to migrate their customers off dependence on that root. This patch removes EV treatment for "GlobalSign ECC Root CA - R4". It also removes EV treatment for all chains rooted in "GlobalSign Root CA - R2" unless the "GlobalSign Extended Validation CA - SHA256 - G2" intermediate is in the chain. MozReview-Commit-ID: Ej9L9zTwoPN --HG-- extra : rebase_source : 575f1a48646cf728d879d0cf53c888654e4a32ad |
||
|---|---|---|
| .. | ||
| Input.h | ||
| Result.h | ||
| Time.h | ||
| pkix.h | ||
| pkixnss.h | ||
| pkixtypes.h | ||