Kathleen Wilson
2015-01-20 20:25:54 UTC
China Financial Certification Authority (CFCA) has applied to include
the “CFCA EV ROOT” root certificate, turn on the websites trust bit, and
enable EV treatment.
The first discussion resulted in CA action items, which have been
completed.
https://groups.google.com/d/msg/mozilla.dev.security.policy/2G6KuAT9Ekk/GyakphSLS5EJ
https://bugzilla.mozilla.org/show_bug.cgi?id=926029#c26
For your convenience, and because the request has been changed to be
just for the EV root, I will re-summarize the request below.
CFCA is a national authority of security authentication approved by the
People’s Bank of China and state information security administration.
CFCA is a critical national infrastructure of financial information
security and one of the first certification service suppliers granted a
certification service license after the release of the Electronic
Signature Law of the People’s Republic of China. There are more than 200
Chinese banks that are using CFCA’s certificates to ensure the security
of online banking trade.
https://bugzilla.mozilla.org/show_bug.cgi?id=926029
http://www.mozilla.org/en-US/about/governance/policies/security-group/certs/pending/
https://bugzilla.mozilla.org/attachment.cgi?id=8545426
* The primary documents are the CPS and CP, which are provided in
Chinese, and the CPS has been translated into English.
Document repository: http://www.cfca.com.cn/us/us-12.htm
CPS (Chinese) http://www.cfca.com.cn/file/qqfwq-cps.zip
CP (Chinese): http://www.cfca.com.cn/file/qqfwq-cp.zip
CPS (English): http://www.cfca.com.cn/file/CFCA-1403-CPS-en.rar
* CA Hierarchy: The “CFCA EV ROOT” root has one internally-operated
subordinate CA, “CFCA EV OCA”, which issues EV SSL certificates.
* This request is to turn on the websites trust bit for the “CFCA EV
ROOT” root certificate, and enable EV treatment.
All,the “CFCA EV ROOT” root certificate, turn on the websites trust bit, and
enable EV treatment.
The first discussion resulted in CA action items, which have been
completed.
https://groups.google.com/d/msg/mozilla.dev.security.policy/2G6KuAT9Ekk/GyakphSLS5EJ
https://bugzilla.mozilla.org/show_bug.cgi?id=926029#c26
For your convenience, and because the request has been changed to be
just for the EV root, I will re-summarize the request below.
CFCA is a national authority of security authentication approved by the
People’s Bank of China and state information security administration.
CFCA is a critical national infrastructure of financial information
security and one of the first certification service suppliers granted a
certification service license after the release of the Electronic
Signature Law of the People’s Republic of China. There are more than 200
Chinese banks that are using CFCA’s certificates to ensure the security
of online banking trade.
https://bugzilla.mozilla.org/show_bug.cgi?id=926029
http://www.mozilla.org/en-US/about/governance/policies/security-group/certs/pending/
https://bugzilla.mozilla.org/attachment.cgi?id=8545426
* The primary documents are the CPS and CP, which are provided in
Chinese, and the CPS has been translated into English.
Document repository: http://www.cfca.com.cn/us/us-12.htm
CPS (Chinese) http://www.cfca.com.cn/file/qqfwq-cps.zip
CP (Chinese): http://www.cfca.com.cn/file/qqfwq-cp.zip
CPS (English): http://www.cfca.com.cn/file/CFCA-1403-CPS-en.rar
* CA Hierarchy: The “CFCA EV ROOT” root has one internally-operated
subordinate CA, “CFCA EV OCA”, which issues EV SSL certificates.
* This request is to turn on the websites trust bit for the “CFCA EV
ROOT” root certificate, and enable EV treatment.
Does anyone have questions or comments about CFCA's request for root
inclusion and EV treatment?
Thanks,
Kathleen