Avatar for Username

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Inquiry Regarding Removal of Certificates with Specific SHA1 Fingerprints

thugsofmpl
thugsofmpl
more options

Dear Mozilla Firefox Team,

I hope this message finds you well.

I am writing to inquire about the removal of the following SSL/TLS certificates from Firefox's trusted certificate store. These certificates are identified by the following SHA1 fingerprints:

SHA1 Fingerprint: ff:bd:cd:e7:82:c8:43:5e:3c:6f:26:86:5c:ca:a8:3a:45:5b:c3:0a SHA1 Fingerprint: b8:be:6d:cb:56:f1:55:b9:63:d4:12:ca:4e:06:34:c7:94:b2:1c SHA1 Fingerprint: 58:d1:df:95:95:67:6b:63:c0:f0:5b:1c:17:4d:8b:84:0b:c8:78 SHA1 Fingerprint: e9:a8:5d:22:14:52:1c:5b:aa:0a:b4:be:24:6a:23:8a:c9:ba:e2 SHA1 Fingerprint: 8a:2f:af:57:53:b1:b0:e6:a1:04:ec:5b:6a:69:71:6d:f6:1c:e2:84 SHA1 Fingerprint: ae:c5:fb:3f:c8:e1:bf:c4:e5:4f:03:07:5a:9a:e8:00:b7:f7:b6 Could you kindly provide clarification as to why these specific certificates were removed? Understanding the rationale behind this decision will help us assess any potential impact on our systems and ensure that we are adhering to the best practices for security.

Thank you in advance for your attention to this matter. I look forward to your response.

Best regards, Vamsi [edited email from public]

Dear Mozilla Firefox Team, I hope this message finds you well. I am writing to inquire about the removal of the following SSL/TLS certificates from Firefox's trusted certificate store. These certificates are identified by the following SHA1 fingerprints: SHA1 Fingerprint: ff:bd:cd:e7:82:c8:43:5e:3c:6f:26:86:5c:ca:a8:3a:45:5b:c3:0a SHA1 Fingerprint: b8:be:6d:cb:56:f1:55:b9:63:d4:12:ca:4e:06:34:c7:94:b2:1c SHA1 Fingerprint: 58:d1:df:95:95:67:6b:63:c0:f0:5b:1c:17:4d:8b:84:0b:c8:78 SHA1 Fingerprint: e9:a8:5d:22:14:52:1c:5b:aa:0a:b4:be:24:6a:23:8a:c9:ba:e2 SHA1 Fingerprint: 8a:2f:af:57:53:b1:b0:e6:a1:04:ec:5b:6a:69:71:6d:f6:1c:e2:84 SHA1 Fingerprint: ae:c5:fb:3f:c8:e1:bf:c4:e5:4f:03:07:5a:9a:e8:00:b7:f7:b6 Could you kindly provide clarification as to why these specific certificates were removed? Understanding the rationale behind this decision will help us assess any potential impact on our systems and ensure that we are adhering to the best practices for security. Thank you in advance for your attention to this matter. I look forward to your response. Best regards, Vamsi [edited email from public]

由James于修改

所有回复 (2)

markwarner22
markwarner22
more options

Who validates SSL/TLS certificates?

A certificate authority (CA) is an organization that sells SSL/TLS certificates to web owners, web hosting companies, or businesses. The CA validates the domain and owner details before issuing the SSL/TLS certificate. To be a CA, an organization must meet specific requirements set by the operating system, browsers, or mobile devices company and apply to be listed as a root certificate authority. This is important to establish trust amongst internet users. For example, Amazon Trust Services is a certificate authority and can issue SSL/TLS certificates to websites.

You should check with the CA about your issues.

有帮助吗?

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

Hi Vamsi, your question is beyond the scope for this support forum, but here are some resources to pursue an answer to your question:

(1) Root Certificate policy

https://www.mozilla.org/about/governance/policies/security-group/certs/policy/

(2) Mailing list

https://groups.google.com/a/mozilla.org/g/dev-security-policy

有帮助吗?

我要提问

您需要登录才能回复。如果您还没账号,可以提出新问题