Per my comments in bug 260529, please add the Security Communication Root CA1 certificate to NSS. As noted in <http://www.hecker.org/mozilla/ca-certificate-list>, SECOM Trust.net actually has two root CA certs; however one of them, SECOM Trust.net Root1 CA (or SECOM Trust.net Root CA1) is actually a Valicert root cert that is already in NSS/Mozilla. The new cert we want to add is the Security Communication Root1CA certificate, at https://repository.secomtrust.net/SC-Root1/SCRoot1ca.cer It should be marked as trusted for all purposes. (Marking this bug as blocking bug 260529.)

My apologies; the references to bug 260529 should actually have been to bug 260259; I've changed the "blocks" field accordingly.

Mass reassign to myself of enhancement requests for new root certs. Targetting them all for NSS 3.10

The patches that add these requested ROOT CA certs to the NSS 3.9 branch and to the NSS trunk have been attached to bug 271585. Please see bug 271585 for those attachments. When those attachments have been reviewed and checked in, this bug will be marked resolved/fixed.

The root CA cert(s) indicated above have been added to the trunk and the NSS 3.9 branch. See bug 271585 for more details and the patches. For testing purposes, for a short time (weeks), a copy of a debug build of nssckbi.dll with these certs added, built from the NSS 3.9 branch, may be obtained for testing at http://nelson.bolyard.com/mozilla/nssckbi.dll I invite the representatives of the various CAs to download it and test it. Please add any comments (reflecting success or failure) to this bug. It passes my tests.

Verified with Firefox 1.0.2 that SECOM Trust.net Secure Communication RootCA1 is in the "Builtin Object Token" with the following trust settings: This certificate can identify web sites. This certificate can identify mail users. This certificate can identify software makers.