Version: (using KDE Devel) Installed from: Compiled sources OS: I Don't Know Please add our new root certificates: CA Details ---------- CA Name: Website: One Paragraph Summary of CA, including the following: - General nature (e.g., commercial, government, academic/research, nonprofit) - Primary geographical area(s) served - Number and type of subordinate Cas TC TrustCenter is a commercial CA and has several accreditations, incl. German Signature Act, SISAC, ETSI. We are based in Germany and have customers in all major regions of the world. TC TrustCenter offer a variety of products and services including SSL Server certificates and Email certificates. Audit Type (WebTrust, ETSI etc.): ETSI Auditor: TÃœV-IT Germany Auditor Website: http://www.tuevit.de/ Audit Document URL(s): http://www.tuvit.de/XS/c.020400&zerttyp=18/r.020400/sprache.EN/SX/ URL of certificate hierarchy diagram: http://www.trustcenter.de/en/infocenter/root_certificates.htm Certificate Details ------------------- (To be completed once for each certificate; note that we only include root certificates in the store, not intermediates.) 1. Certificate Name: TC TrustCenter Class 1 CA Summary Paragraph, including the following: - End entity certificate issuance policy, i.e. what you plan to do with the root Certificate HTTP URL (on CA website): Verification that the email address is accessible by the applicant. Details are described in http://www.trustcenter.de/cpd. This Root is only being used to issue certificate for Email Security and SSL-Client-Authentication Version: v3 SHA1 Fingerprint: 72:0f:c1:5d:dc:27:d4:56:d0:98:fa:bf:3c:dd:78:d3:1e:f5:a8:da Modulus Length (a.k.a. "key length"): RSA 1024 Bit Valid From (YYYY-MM-DD): 09.03.1998 11:59:59 GMT Valid To (YYYY-MM-DD): 01.01.2011 11:59:59 GMT CRL HTTP URL: http://www.trustcenter.de/crl/v2/tcclass1.crl CRL issuing frequency for end-entity certificates: one week OCSP URL: http://ocsp.tcclass1.trustcenter.de/ Class (domain-validated, identity/organisationally-validated or EV): domain-validated Certificate Policy URL: http://www.trustcenter.de/cpd CPS URL: http://www.trustcenter.de/cps Requested Trust Indicators (email and/or SSL and/or code): email URL of website using certificate chained to this root (if applying for SSL): - 2. Certificate Name: TC TrustCenter Class 2 II Summary Paragraph, including the following: - End entity certificate issuance policy, i.e. what you plan to do with the root Certificate HTTP URL (on CA website): Version: SHA1 Fingerprint: ae:50:83:ed:7c:f4:5c:bc:8f:61:c6:21:fe:68:5d:79:42:21:15:6e Modulus Length (a.k.a. "key length"): RSA 2048 bit Valid From (YYYY-MM-DD): 12.01.2006 14:38:43 GMT Valid To (YYYY-MM-DD): 31.12.2025 22:59:59 GMT CRL HTTP URL: http://www.trustcenter.de/crl/v2/tc_class_2_ca_II.crl CRL issuing frequency for end-entity certificates: one week OCSP URL: http://ocsp.tcclass2-ii.trustcenter.de Class (domain-validated, identity/organisationally-validated or EV): identity/organisationally-validated Certificate Policy URL: http://www.trustcenter.de/cpd CPS URL: http://www.trustcenter.de/cps Requested Trust Indicators (email and/or SSL and/or code): Email and SSL and CodeSigning URL of website using certificate chained to this root (if applying for SSL): https://testserver.class2-ii.trustcenter.de/ 3. Certificate Name: TC TrustCenter Class 3 II Summary Paragraph, including the following: - End entity certificate issuance policy, i.e. what you plan to do with the root Certificate HTTP URL (on CA website): Version: SHA1 Fingerprint: 80:25:ef:f4:6e:70:c8:d4:72:24:65:84:fe:40:3b:8a:8d:6a:db:f5 Modulus Length (a.k.a. "key length"): RSA 2048 bit Valid From (YYYY-MM-DD): 12.01.2006 14:41:57 GMT Valid To (YYYY-MM-DD): 31.12.2025 22:59:59 GMT CRL HTTP URL: http://www.trustcenter.de/crl/v2/tc_class_3_ca_II.crl CRL issuing frequency for end-entity certificates: one week OCSP URL: http://ocsp.tcclass3-ii.trustcenter.de Class (domain-validated, identity/organisationally-validated or EV): identity/organisationally-validated Certificate Policy URL: http://www.trustcenter.de/cpd CPS URL: http://www.trustcenter.de/cps Requested Trust Indicators (email and/or SSL and/or code): Email and SSL and CodeSigning URL of website using certificate chained to this root (if applying for SSL): https://testserver.class3-ii.trustcenter.de/ 4. Certificate Name: TC TrustCenter Class 4 II Summary Paragraph, including the following: - End entity certificate issuance policy, i.e. what you plan to do with the root Certificate HTTP URL (on CA website): Version: SHA1 Fingerprint: a6:9a:91:fd:05:7f:13:6a:42:63:0b:b1:76:0d:2d:51:12:0c:16:50 Modulus Length (a.k.a. "key length"): RSA 2048 bit Valid From (YYYY-MM-DD): 23.03.2006 14:10:23 GMT Valid To (YYYY-MM-DD): 31.12.2025 22:59:59 GMT CRL HTTP URL: http://www.trustcenter.de/crl/v2/tc_class_4_ca_II.crl CRL issuing frequency for end-entity certificates: one week OCSP URL: http://ocsp.tcclass4-ii.trustcenter.de Class (domain-validated, identity/organisationally-validated or EV): EV Certificate Policy URL: http://www.trustcenter.de/cpd CPS URL: http://www.trustcenter.de/cps Requested Trust Indicators (email and/or SSL and/or code): Email and SSL and CodeSigning URL of website using certificate chained to this root (if applying for SSL): https://testserver.class4-ii.trustcenter.de/ 5. Certificate Name: TC TrustCenter Universal I Summary Paragraph, including the following: - End entity certificate issuance policy, i.e. what you plan to do with the root Certificate HTTP URL (on CA website): Version: SHA1 Fingerprint: 6b:2f:34:ad:89:58:be:62:fd:b0:6b:5c:ce:bb:9d:d9:4f:4e:39:f3 Modulus Length (a.k.a. "key length"): RSA 2048 bit Valid From (YYYY-MM-DD): 22.03.2006 15:54:28 GMT Valid To (YYYY-MM-DD): 31.12.2025 22:59:59 GMT CRL HTTP URL: http://www.trustcenter.de/crl/v2/tc_universal_root_I.crl CRL issuing frequency for end-entity certificates: one week OCSP URL: http://ocsp.tcuniversal-i.trustcenter.de Class (domain-validated, identity/organisationally-validated or EV): at least domain validated Certificate Policy URL: http://www.trustcenter.de/cpd CPS URL: http://www.trustcenter.de/cps Requested Trust Indicators (email and/or SSL and/or code): Email and SSL and CodeSigning URL of website using certificate chained to this root (if applying for SSL): https://testserver.universal-i.trustcenter.de/ 6. Certificate Name: TC TrustCenter Universal II Summary Paragraph, including the following: - End entity certificate issuance policy, i.e. what you plan to do with the root Certificate HTTP URL (on CA website): Version: SHA1 Fingerprint: 8c:c4:30:7b:c6:07:55:e7:b2:2d:d9:f7:fe:a2:45:93:6c:7c:f2:88 Modulus Length (a.k.a. "key length"): RSA 4096 bit Valid From (YYYY-MM-DD): 22.03.2006 15:58:34 GMT Valid To (YYYY-MM-DD): 31.12.2030 22:59:59 GMT CRL HTTP URL: http://www.trustcenter.de/crl/v2/tc_universal_root_II.crl CRL issuing frequency for end-entity certificates: one week OCSP URL: http://ocsp.tcuniversal-ii.trustcenter.de Class (domain-validated, identity/organisationally-validated or EV): at least domain validated Certificate Policy URL: http://www.trustcenter.de/cpd CPS URL: http://www.trustcenter.de/cps Requested Trust Indicators (email and/or SSL and/or code): Email and SSL and CodeSigning URL of website using certificate chained to this root (if applying for SSL): https://testserver.universal-ii.trustcenter.de/
Created attachment 21589 [details] TC TrustCenter Class 1 CA
Created attachment 21590 [details] TC TrustCenter Class 2 II
Created attachment 21591 [details] TC TrustCenter Class 3 II
Created attachment 21592 [details] TC TrustCenter Class 4 II
Created attachment 21593 [details] TC TrustCenter Universal I
Created attachment 21594 [details] TC TrustCenter Universal II
We filed this request to include our Generation II roots a while ago but to my knowledge our generation II roots never made it into KDE 4. Our generation I roots are about to expire by end of 2010. So it's time to switch over to the generation II roots. As the inclusion of our generation II roots in Mozilla has been approved recently (see https://bugzilla.mozilla.org/show_bug.cgi?id=486759), I want to take the opportunity to ask again for inclusion. What can we do to get our generation II roots included in KDE?
Created attachment 34454 [details] TC TrustCenter Class 1 CA (PEM Format)
Created attachment 34455 [details] TC TrustCenter Class 2 II (PEM Format)
Created attachment 34456 [details] TC TrustCenter Class 3 II (PEM Format)
Created attachment 34457 [details] TC TrustCenter Class 4 II (PEM Format)
Created attachment 34458 [details] TC TrustCenter Universal I (PEM Format)
Created attachment 34459 [details] TC TrustCenter Universal II (PEM Format)
Rolf, The mozilla bug report you've referenced in comment #7 appears only to relate to TC TrustCenter Class 2 CA II TC TrustCenter Class 3 CA II TC TrustCenter Universal CA I In addition, the "discovery" mozilla bug (https://bugzilla.mozilla.org/show_bug.cgi?id=392024) identifies some issues with the others. Why are you requesting those be included in KDE?
We herewith change our request to: Please include the following root certificates: TC TrustCenter Class 2 CA II TC TrustCenter Class 3 CA II TC TrustCenter Universal CA I TC TrustCenter Universal CA III We recently passed the EV audit for the TC TrustCenter Universal CA III root and it is on the list to get included in Mozilla.
Created attachment 41442 [details] TC TrustCenter Universal CA III
Is this still relevant or applicable with KDE Frameworks 5.45?
Dear Bug Submitter, This bug has been in NEEDSINFO status with no change for at least 15 days. Please provide the requested information as soon as possible and set the bug status as REPORTED. Due to regular bug tracker maintenance, if the bug is still in NEEDSINFO status with no change in 30 days, the bug will be closed as RESOLVED > WORKSFORME due to lack of needed information. For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging If you have already provided the requested information, please set the bug status as REPORTED so that the KDE team knows that the bug is ready to be confirmed. Thank you for helping us make KDE software even better for everyone!
Dear Bug Submitter, This bug has been in NEEDSINFO status with no change for at least 30 days. The bug is now closed as RESOLVED > WORKSFORME due to lack of needed information. For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging Thank you for helping us make KDE software even better for everyone!