Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 29 Aug 2020 02:46:25 +0000 (UTC)
From:      Kyle Evans <kevans@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r364943 - head/secure/caroot/trusted
Message-ID:  <202008290246.07T2kPiH044660@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: kevans
Date: Sat Aug 29 02:46:25 2020
New Revision: 364943
URL: https://svnweb.freebsd.org/changeset/base/364943

Log:
  carrot: update bundle
  
  Stats:
  - Seven (7) removed
  - Four (4) added
  
  MFC after:	3 days

Added:
  head/secure/caroot/trusted/Microsoft_ECC_Root_Certificate_Authority_2017.pem   (contents, props changed)
  head/secure/caroot/trusted/Microsoft_RSA_Root_Certificate_Authority_2017.pem   (contents, props changed)
  head/secure/caroot/trusted/certSIGN_Root_CA_G2.pem   (contents, props changed)
  head/secure/caroot/trusted/e-Szigno_Root_CA_2017.pem   (contents, props changed)
Deleted:
  head/secure/caroot/trusted/AddTrust_External_Root.pem
  head/secure/caroot/trusted/AddTrust_Low-Value_Services_Root.pem
  head/secure/caroot/trusted/LuxTrust_Global_Root_2.pem
  head/secure/caroot/trusted/Staat_der_Nederlanden_Root_CA_-_G2.pem
  head/secure/caroot/trusted/Symantec_Class_1_Public_Primary_Certification_Authority_-_G4.pem
  head/secure/caroot/trusted/Symantec_Class_2_Public_Primary_Certification_Authority_-_G4.pem
  head/secure/caroot/trusted/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.pem

Added: head/secure/caroot/trusted/Microsoft_ECC_Root_Certificate_Authority_2017.pem
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/secure/caroot/trusted/Microsoft_ECC_Root_Certificate_Authority_2017.pem	Sat Aug 29 02:46:25 2020	(r364943)
@@ -0,0 +1,68 @@
+##
+##  Microsoft ECC Root Certificate Authority 2017
+##
+##  This is a single X.509 certificate for a public Certificate
+##  Authority (CA). It was automatically extracted from Mozilla's
+##  root CA list (the file `certdata.txt' in security/nss).
+##
+##  Extracted from nss
+##  with $FreeBSD: head/secure/caroot/MAca-bundle.pl 352951 2019-10-02 01:27:50Z kevans $
+##
+##  @generated
+##
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            66:f2:3d:af:87:de:8b:b1:4a:ea:0c:57:31:01:c2:ec
+        Signature Algorithm: ecdsa-with-SHA384
+        Issuer: C = US, O = Microsoft Corporation, CN = Microsoft ECC Root Certificate Authority 2017
+        Validity
+            Not Before: Dec 18 23:06:45 2019 GMT
+            Not After : Jul 18 23:16:04 2042 GMT
+        Subject: C = US, O = Microsoft Corporation, CN = Microsoft ECC Root Certificate Authority 2017
+        Subject Public Key Info:
+            Public Key Algorithm: id-ecPublicKey
+                Public-Key: (384 bit)
+                pub:
+                    04:d4:bc:3d:02:42:75:41:13:23:cd:80:04:86:02:
+                    51:2f:6a:a8:81:62:0b:65:cc:f6:ca:9d:1e:6f:4a:
+                    66:51:a2:03:d9:9d:91:fa:b6:16:b1:8c:6e:de:7c:
+                    cd:db:79:a6:2f:ce:bb:ce:71:2f:e5:a5:ab:28:ec:
+                    63:04:66:99:f8:fa:f2:93:10:05:e1:81:28:42:e3:
+                    c6:68:f4:e6:1b:84:60:4a:89:af:ed:79:0f:3b:ce:
+                    f1:f6:44:f5:01:78:c0
+                ASN1 OID: secp384r1
+                NIST CURVE: P-384
+        X509v3 extensions:
+            X509v3 Key Usage: critical
+                Digital Signature, Certificate Sign, CRL Sign
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+            X509v3 Subject Key Identifier: 
+                C8:CB:99:72:70:52:0C:F8:E6:BE:B2:04:57:29:2A:CF:42:10:ED:35
+            1.3.6.1.4.1.311.21.1: 
+                ...
+    Signature Algorithm: ecdsa-with-SHA384
+         30:65:02:30:58:f2:4d:ea:0c:f9:5f:5e:ee:60:29:cb:3a:f2:
+         db:d6:32:84:19:3f:7c:d5:2f:c2:b1:cc:93:ae:50:bb:09:32:
+         c6:c6:ed:7e:c9:36:94:12:e4:68:85:06:a2:1b:d0:2f:02:31:
+         00:99:e9:16:b4:0e:fa:56:48:d4:a4:30:16:91:78:db:54:8c:
+         65:01:8a:e7:50:66:c2:31:b7:39:ba:b8:1a:22:07:4e:fc:6b:
+         54:16:20:ff:2b:b5:e7:4c:0c:4d:a6:4f:73
+SHA1 Fingerprint=99:9A:64:C3:7F:F4:7D:9F:AB:95:F1:47:69:89:14:60:EE:C4:C3:C5
+-----BEGIN CERTIFICATE-----
+MIICWTCCAd+gAwIBAgIQZvI9r4fei7FK6gxXMQHC7DAKBggqhkjOPQQDAzBlMQsw
+CQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYwNAYD
+VQQDEy1NaWNyb3NvZnQgRUNDIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIw
+MTcwHhcNMTkxMjE4MjMwNjQ1WhcNNDIwNzE4MjMxNjA0WjBlMQswCQYDVQQGEwJV
+UzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYwNAYDVQQDEy1NaWNy
+b3NvZnQgRUNDIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTcwdjAQBgcq
+hkjOPQIBBgUrgQQAIgNiAATUvD0CQnVBEyPNgASGAlEvaqiBYgtlzPbKnR5vSmZR
+ogPZnZH6thaxjG7efM3beaYvzrvOcS/lpaso7GMEZpn4+vKTEAXhgShC48Zo9OYb
+hGBKia/teQ87zvH2RPUBeMCjVDBSMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8E
+BTADAQH/MB0GA1UdDgQWBBTIy5lycFIM+Oa+sgRXKSrPQhDtNTAQBgkrBgEEAYI3
+FQEEAwIBADAKBggqhkjOPQQDAwNoADBlAjBY8k3qDPlfXu5gKcs68tvWMoQZP3zV
+L8KxzJOuULsJMsbG7X7JNpQS5GiFBqIb0C8CMQCZ6Ra0DvpWSNSkMBaReNtUjGUB
+iudQZsIxtzm6uBoiB078a1QWIP8rtedMDE2mT3M=
+-----END CERTIFICATE-----

Added: head/secure/caroot/trusted/Microsoft_RSA_Root_Certificate_Authority_2017.pem
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/secure/caroot/trusted/Microsoft_RSA_Root_Certificate_Authority_2017.pem	Sat Aug 29 02:46:25 2020	(r364943)
@@ -0,0 +1,136 @@
+##
+##  Microsoft RSA Root Certificate Authority 2017
+##
+##  This is a single X.509 certificate for a public Certificate
+##  Authority (CA). It was automatically extracted from Mozilla's
+##  root CA list (the file `certdata.txt' in security/nss).
+##
+##  Extracted from nss
+##  with $FreeBSD: head/secure/caroot/MAca-bundle.pl 352951 2019-10-02 01:27:50Z kevans $
+##
+##  @generated
+##
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            1e:d3:97:09:5f:d8:b4:b3:47:70:1e:aa:be:7f:45:b3
+        Signature Algorithm: sha384WithRSAEncryption
+        Issuer: C = US, O = Microsoft Corporation, CN = Microsoft RSA Root Certificate Authority 2017
+        Validity
+            Not Before: Dec 18 22:51:22 2019 GMT
+            Not After : Jul 18 23:00:23 2042 GMT
+        Subject: C = US, O = Microsoft Corporation, CN = Microsoft RSA Root Certificate Authority 2017
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                RSA Public-Key: (4096 bit)
+                Modulus:
+                    00:ca:5b:be:94:33:8c:29:95:91:16:0a:95:bd:47:
+                    62:c1:89:f3:99:36:df:46:90:c9:a5:ed:78:6a:6f:
+                    47:91:68:f8:27:67:50:33:1d:a1:a6:fb:e0:e5:43:
+                    a3:84:02:57:01:5d:9c:48:40:82:53:10:bc:bf:c7:
+                    3b:68:90:b6:82:2d:e5:f4:65:d0:cc:6d:19:cc:95:
+                    f9:7b:ac:4a:94:ad:0e:de:4b:43:1d:87:07:92:13:
+                    90:80:83:64:35:39:04:fc:e5:e9:6c:b3:b6:1f:50:
+                    94:38:65:50:5c:17:46:b9:b6:85:b5:1c:b5:17:e8:
+                    d6:45:9d:d8:b2:26:b0:ca:c4:70:4a:ae:60:a4:dd:
+                    b3:d9:ec:fc:3b:d5:57:72:bc:3f:c8:c9:b2:de:4b:
+                    6b:f8:23:6c:03:c0:05:bd:95:c7:cd:73:3b:66:80:
+                    64:e3:1a:ac:2e:f9:47:05:f2:06:b6:9b:73:f5:78:
+                    33:5b:c7:a1:fb:27:2a:a1:b4:9a:91:8c:91:d3:3a:
+                    82:3e:76:40:b4:cd:52:61:51:70:28:3f:c5:c5:5a:
+                    f2:c9:8c:49:bb:14:5b:4d:c8:ff:67:4d:4c:12:96:
+                    ad:f5:fe:78:a8:97:87:d7:fd:5e:20:80:dc:a1:4b:
+                    22:fb:d4:89:ad:ba:ce:47:97:47:55:7b:8f:45:c8:
+                    67:28:84:95:1c:68:30:ef:ef:49:e0:35:7b:64:e7:
+                    98:b0:94:da:4d:85:3b:3e:55:c4:28:af:57:f3:9e:
+                    13:db:46:27:9f:1e:a2:5e:44:83:a4:a5:ca:d5:13:
+                    b3:4b:3f:c4:e3:c2:e6:86:61:a4:52:30:b9:7a:20:
+                    4f:6f:0f:38:53:cb:33:0c:13:2b:8f:d6:9a:bd:2a:
+                    c8:2d:b1:1c:7d:4b:51:ca:47:d1:48:27:72:5d:87:
+                    eb:d5:45:e6:48:65:9d:af:52:90:ba:5b:a2:18:65:
+                    57:12:9f:68:b9:d4:15:6b:94:c4:69:22:98:f4:33:
+                    e0:ed:f9:51:8e:41:50:c9:34:4f:76:90:ac:fc:38:
+                    c1:d8:e1:7b:b9:e3:e3:94:e1:46:69:cb:0e:0a:50:
+                    6b:13:ba:ac:0f:37:5a:b7:12:b5:90:81:1e:56:ae:
+                    57:22:86:d9:c9:d2:d1:d7:51:e3:ab:3b:c6:55:fd:
+                    1e:0e:d3:74:0a:d1:da:aa:ea:69:b8:97:28:8f:48:
+                    c4:07:f8:52:43:3a:f4:ca:55:35:2c:b0:a6:6a:c0:
+                    9c:f9:f2:81:e1:12:6a:c0:45:d9:67:b3:ce:ff:23:
+                    a2:89:0a:54:d4:14:b9:2a:a8:d7:ec:f9:ab:cd:25:
+                    58:32:79:8f:90:5b:98:39:c4:08:06:c1:ac:7f:0e:
+                    3d:00:a5
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Key Usage: critical
+                Digital Signature, Certificate Sign, CRL Sign
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+            X509v3 Subject Key Identifier: 
+                09:CB:59:7F:86:B2:70:8F:1A:C3:39:E3:C0:D9:E9:BF:BB:4D:B2:23
+            1.3.6.1.4.1.311.21.1: 
+                ...
+    Signature Algorithm: sha384WithRSAEncryption
+         ac:af:3e:5d:c2:11:96:89:8e:a3:e7:92:d6:97:15:b8:13:a2:
+         a6:42:2e:02:cd:16:05:59:27:ca:20:e8:ba:b8:e8:1a:ec:4d:
+         a8:97:56:ae:65:43:b1:8f:00:9b:52:cd:55:cd:53:39:6d:62:
+         4c:8b:0d:5b:7c:2e:44:bf:83:10:8f:f3:53:82:80:c3:4f:3a:
+         c7:6e:11:3f:e6:e3:16:91:84:fb:6d:84:7f:34:74:ad:89:a7:
+         ce:b9:d7:d7:9f:84:64:92:be:95:a1:ad:09:53:33:dd:ee:0a:
+         ea:4a:51:8e:6f:55:ab:ba:b5:94:46:ae:8c:7f:d8:a2:50:25:
+         65:60:80:46:db:33:04:ae:6c:b5:98:74:54:25:dc:93:e4:f8:
+         e3:55:15:3d:b8:6d:c3:0a:a4:12:c1:69:85:6e:df:64:f1:53:
+         99:e1:4a:75:20:9d:95:0f:e4:d6:dc:03:f1:59:18:e8:47:89:
+         b2:57:5a:94:b6:a9:d8:17:2b:17:49:e5:76:cb:c1:56:99:3a:
+         37:b1:ff:69:2c:91:91:93:e1:df:4c:a3:37:76:4d:a1:9f:f8:
+         6d:1e:1d:d3:fa:ec:fb:f4:45:1d:13:6d:cf:f7:59:e5:22:27:
+         72:2b:86:f3:57:bb:30:ed:24:4d:dc:7d:56:bb:a3:b3:f8:34:
+         79:89:c1:e0:f2:02:61:f7:a6:fc:0f:bb:1c:17:0b:ae:41:d9:
+         7c:bd:27:a3:fd:2e:3a:d1:93:94:b1:73:1d:24:8b:af:5b:20:
+         89:ad:b7:67:66:79:f5:3a:c6:a6:96:33:fe:53:92:c8:46:b1:
+         11:91:c6:99:7f:8f:c9:d6:66:31:20:41:10:87:2d:0c:d6:c1:
+         af:34:98:ca:64:83:fb:13:57:d1:c1:f0:3c:7a:8c:a5:c1:fd:
+         95:21:a0:71:c1:93:67:71:12:ea:8f:88:0a:69:19:64:99:23:
+         56:fb:ac:2a:2e:70:be:66:c4:0c:84:ef:e5:8b:f3:93:01:f8:
+         6a:90:93:67:4b:b2:68:a3:b5:62:8f:e9:3f:8c:7a:3b:5e:0f:
+         e7:8c:b8:c6:7c:ef:37:fd:74:e2:c8:4f:33:72:e1:94:39:6d:
+         bd:12:af:be:0c:4e:70:7c:1b:6f:8d:b3:32:93:73:44:16:6d:
+         e8:f4:f7:e0:95:80:8f:96:5d:38:a4:f4:ab:de:0a:30:87:93:
+         d8:4d:00:71:62:45:27:4b:3a:42:84:5b:7f:65:b7:67:34:52:
+         2d:9c:16:6b:aa:a8:d8:7b:a3:42:4c:71:c7:0c:ca:3e:83:e4:
+         a6:ef:b7:01:30:5e:51:a3:79:f5:70:69:a6:41:44:0f:86:b0:
+         2c:91:c6:3d:ea:ae:0f:84
+SHA1 Fingerprint=73:A5:E6:4A:3B:FF:83:16:FF:0E:DC:CC:61:8A:90:6E:4E:AE:4D:74
+-----BEGIN CERTIFICATE-----
+MIIFqDCCA5CgAwIBAgIQHtOXCV/YtLNHcB6qvn9FszANBgkqhkiG9w0BAQwFADBl
+MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYw
+NAYDVQQDEy1NaWNyb3NvZnQgUlNBIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5
+IDIwMTcwHhcNMTkxMjE4MjI1MTIyWhcNNDIwNzE4MjMwMDIzWjBlMQswCQYDVQQG
+EwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYwNAYDVQQDEy1N
+aWNyb3NvZnQgUlNBIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTcwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKW76UM4wplZEWCpW9R2LBifOZ
+Nt9GkMml7Xhqb0eRaPgnZ1AzHaGm++DlQ6OEAlcBXZxIQIJTELy/xztokLaCLeX0
+ZdDMbRnMlfl7rEqUrQ7eS0MdhweSE5CAg2Q1OQT85elss7YfUJQ4ZVBcF0a5toW1
+HLUX6NZFndiyJrDKxHBKrmCk3bPZ7Pw71VdyvD/IybLeS2v4I2wDwAW9lcfNcztm
+gGTjGqwu+UcF8ga2m3P1eDNbx6H7JyqhtJqRjJHTOoI+dkC0zVJhUXAoP8XFWvLJ
+jEm7FFtNyP9nTUwSlq31/niol4fX/V4ggNyhSyL71Imtus5Hl0dVe49FyGcohJUc
+aDDv70ngNXtk55iwlNpNhTs+VcQor1fznhPbRiefHqJeRIOkpcrVE7NLP8TjwuaG
+YaRSMLl6IE9vDzhTyzMMEyuP1pq9KsgtsRx9S1HKR9FIJ3Jdh+vVReZIZZ2vUpC6
+W6IYZVcSn2i51BVrlMRpIpj0M+Dt+VGOQVDJNE92kKz8OMHY4Xu54+OU4UZpyw4K
+UGsTuqwPN1q3ErWQgR5WrlcihtnJ0tHXUeOrO8ZV/R4O03QK0dqq6mm4lyiPSMQH
++FJDOvTKVTUssKZqwJz58oHhEmrARdlns87/I6KJClTUFLkqqNfs+avNJVgyeY+Q
+W5g5xAgGwax/Dj0ApQIDAQABo1QwUjAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/
+BAUwAwEB/zAdBgNVHQ4EFgQUCctZf4aycI8awznjwNnpv7tNsiMwEAYJKwYBBAGC
+NxUBBAMCAQAwDQYJKoZIhvcNAQEMBQADggIBAKyvPl3CEZaJjqPnktaXFbgToqZC
+LgLNFgVZJ8og6Lq46BrsTaiXVq5lQ7GPAJtSzVXNUzltYkyLDVt8LkS/gxCP81OC
+gMNPOsduET/m4xaRhPtthH80dK2Jp86519efhGSSvpWhrQlTM93uCupKUY5vVau6
+tZRGrox/2KJQJWVggEbbMwSubLWYdFQl3JPk+ONVFT24bcMKpBLBaYVu32TxU5nh
+SnUgnZUP5NbcA/FZGOhHibJXWpS2qdgXKxdJ5XbLwVaZOjex/2kskZGT4d9Mozd2
+TaGf+G0eHdP67Pv0RR0Tbc/3WeUiJ3IrhvNXuzDtJE3cfVa7o7P4NHmJweDyAmH3
+pvwPuxwXC65B2Xy9J6P9LjrRk5Sxcx0ki69bIImtt2dmefU6xqaWM/5TkshGsRGR
+xpl/j8nWZjEgQRCHLQzWwa80mMpkg/sTV9HB8Dx6jKXB/ZUhoHHBk2dxEuqPiApp
+GWSZI1b7rCoucL5mxAyE7+WL85MB+GqQk2dLsmijtWKP6T+MejteD+eMuMZ87zf9
+dOLITzNy4ZQ5bb0Sr74MTnB8G2+NszKTc0QWbej09+CVgI+WXTik9KveCjCHk9hN
+AHFiRSdLOkKEW39lt2c0Ui2cFmuqqNh7o0JMcccMyj6D5KbvtwEwXlGjefVwaaZB
+RA+GsCyRxj3qrg+E
+-----END CERTIFICATE-----

Added: head/secure/caroot/trusted/certSIGN_Root_CA_G2.pem
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/secure/caroot/trusted/certSIGN_Root_CA_G2.pem	Sat Aug 29 02:46:25 2020	(r364943)
@@ -0,0 +1,132 @@
+##
+##  certSIGN Root CA G2
+##
+##  This is a single X.509 certificate for a public Certificate
+##  Authority (CA). It was automatically extracted from Mozilla's
+##  root CA list (the file `certdata.txt' in security/nss).
+##
+##  Extracted from nss
+##  with $FreeBSD: head/secure/caroot/MAca-bundle.pl 352951 2019-10-02 01:27:50Z kevans $
+##
+##  @generated
+##
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            11:00:34:b6:4e:c6:36:2d:36
+        Signature Algorithm: sha256WithRSAEncryption
+        Issuer: C = RO, O = CERTSIGN SA, OU = certSIGN ROOT CA G2
+        Validity
+            Not Before: Feb  6 09:27:35 2017 GMT
+            Not After : Feb  6 09:27:35 2042 GMT
+        Subject: C = RO, O = CERTSIGN SA, OU = certSIGN ROOT CA G2
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                RSA Public-Key: (4096 bit)
+                Modulus:
+                    00:c0:c5:75:19:91:7d:44:74:74:87:fe:0e:3b:96:
+                    dc:d8:01:16:cc:ee:63:91:e7:0b:6f:ce:3b:0a:69:
+                    1a:7c:c2:e3:af:82:8e:86:d7:5e:8f:57:eb:d3:21:
+                    59:fd:39:37:42:30:be:50:ea:b6:0f:a9:88:d8:2e:
+                    2d:69:21:e7:d1:37:18:4e:7d:91:d5:16:5f:6b:5b:
+                    00:c2:39:43:0d:36:85:52:b9:53:65:0f:1d:42:e5:
+                    8f:cf:05:d3:ee:dc:0c:1a:d9:b8:8b:78:22:67:e4:
+                    69:b0:68:c5:3c:e4:6c:5a:46:e7:cd:c7:fa:ef:c4:
+                    ec:4b:bd:6a:a4:ac:fd:cc:28:51:ef:92:b4:29:ab:
+                    ab:35:9a:4c:e4:c4:08:c6:26:cc:f8:69:9f:e4:9c:
+                    f0:29:d3:5c:f9:c6:16:25:9e:23:c3:20:c1:3d:0f:
+                    3f:38:40:b0:fe:82:44:38:aa:5a:1a:8a:6b:63:58:
+                    38:b4:15:d3:b6:11:69:7b:1e:54:ee:8c:1a:22:ac:
+                    72:97:3f:23:59:9b:c9:22:84:c1:07:4f:cc:7f:e2:
+                    57:ca:12:70:bb:a6:65:f3:69:75:63:bd:95:fb:1b:
+                    97:cd:e4:a8:af:f6:d1:4e:a8:d9:8a:71:24:cd:36:
+                    3d:bc:96:c4:f1:6c:a9:ae:e5:cf:0d:6e:28:0d:b0:
+                    0e:b5:ca:51:7b:78:14:c3:20:2f:7f:fb:14:55:e1:
+                    11:99:fd:d5:0a:a1:9e:02:e3:62:5f:eb:35:4b:2c:
+                    b8:72:e8:3e:3d:4f:ac:2c:bb:2e:86:e2:a3:76:8f:
+                    e5:93:2a:cf:a5:ab:c8:5c:8d:4b:06:ff:12:46:ac:
+                    78:cb:14:07:35:e0:a9:df:8b:e9:af:15:4f:16:89:
+                    5b:bd:f6:8d:c6:59:ae:88:85:0e:c1:89:eb:1f:67:
+                    c5:45:8e:ff:6d:37:36:2b:78:66:83:91:51:2b:3d:
+                    ff:51:77:76:62:a1:ec:67:3e:3e:81:83:e0:56:a9:
+                    50:1f:1f:7a:99:ab:63:bf:84:17:77:f1:0d:3b:df:
+                    f7:9c:61:b3:35:98:8a:3a:b2:ec:3c:1a:37:3f:7e:
+                    8f:92:cf:d9:12:14:64:da:10:02:15:41:ff:4f:c4:
+                    eb:1c:a3:c9:fa:99:f7:46:e9:e1:18:d9:b1:b8:32:
+                    2d:cb:14:0c:50:d8:83:65:83:ee:b9:5c:cf:cb:05:
+                    5a:4c:fa:19:97:6b:d6:5d:13:d3:c2:5c:54:bc:32:
+                    73:a0:78:f5:f1:6d:1e:cb:9f:a5:a6:9f:22:dc:d1:
+                    51:9e:82:79:64:60:29:13:3e:a3:fd:4f:72:6a:ab:
+                    e2:d4:e5:b8:24:55:2c:44:4b:8a:88:44:9c:ca:84:
+                    d3:2a:3b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+            X509v3 Key Usage: critical
+                Certificate Sign, CRL Sign
+            X509v3 Subject Key Identifier: 
+                82:21:2D:66:C6:D7:A0:E0:15:EB:CE:4C:09:77:C4:60:9E:54:6E:03
+    Signature Algorithm: sha256WithRSAEncryption
+         60:de:1a:b8:e7:f2:60:82:d5:03:33:81:cb:06:8a:f1:22:49:
+         e9:e8:ea:91:7f:c6:33:5e:68:19:03:86:3b:43:01:cf:07:70:
+         e4:08:1e:65:85:91:e6:11:22:b7:f5:02:23:8e:ae:b9:1e:7d:
+         1f:7e:6c:e6:bd:25:d5:95:1a:f2:05:a6:af:85:02:6f:ae:f8:
+         d6:31:ff:25:c9:4a:c8:c7:8a:a9:d9:9f:4b:49:9b:11:57:99:
+         92:43:11:de:b6:33:a4:cc:d7:8d:64:7d:d4:cd:3c:28:2c:b4:
+         9a:96:ea:4d:f5:c4:44:c4:25:aa:20:80:d8:29:55:f7:e0:41:
+         fc:06:26:ff:b9:36:f5:43:14:03:66:78:e1:11:b1:da:20:5f:
+         46:00:78:00:21:a5:1e:00:28:61:78:6f:a8:01:01:8f:9d:34:
+         9a:ff:f4:38:90:fb:b8:d1:b3:72:06:c9:71:e6:81:c5:79:ed:
+         0b:a6:79:f2:13:0b:9c:f7:5d:0e:7b:24:93:b4:48:db:86:5f:
+         de:50:86:78:e7:40:e6:31:a8:90:76:70:61:af:9c:37:2c:11:
+         b5:82:b7:aa:ae:24:34:5b:72:0c:69:0d:cd:59:9f:f6:71:af:
+         9c:0b:d1:0a:38:f9:06:22:83:53:25:0c:fc:51:c4:e6:be:e2:
+         39:95:0b:24:ad:af:d1:95:e4:96:d7:74:64:6b:71:4e:02:3c:
+         aa:85:f3:20:a3:43:39:76:5b:6c:50:fe:9a:9c:14:1e:65:14:
+         8a:15:bd:a3:82:45:5a:49:56:6a:d2:9c:b1:63:32:e5:61:e0:
+         53:22:0e:a7:0a:49:ea:cb:7e:1f:a8:e2:62:80:f6:10:45:52:
+         98:06:18:de:a5:cd:2f:7f:aa:d4:e9:3e:08:72:ec:23:03:02:
+         3c:a6:aa:d8:bc:67:74:3d:14:17:fb:54:4b:17:e3:d3:79:3d:
+         6d:6b:49:c9:28:0e:2e:74:50:bf:0c:d9:46:3a:10:86:c9:a7:
+         3f:e9:a0:ec:7f:eb:a5:77:58:69:71:e6:83:0a:37:f2:86:49:
+         6a:be:79:08:90:f6:02:16:64:3e:e5:da:4c:7e:0c:34:c9:f9:
+         5f:b6:b3:28:51:a7:a7:2b:aa:49:fa:8d:65:29:4e:e3:6b:13:
+         a7:94:a3:2d:51:6d:78:0c:44:cb:df:de:08:6f:ce:a3:64:ab:
+         d3:95:84:d4:b9:52:54:72:7b:96:25:cc:bc:69:e3:48:6e:0d:
+         d0:c7:9d:27:9a:aa:f8:13:92:dd:1e:df:63:9f:35:a9:16:36:
+         ec:8c:b8:83:f4:3d:89:8f:cd:b4:17:5e:d7:b3:17:41:10:5d:
+         27:73:60:85:57:49:22:07
+SHA1 Fingerprint=26:F9:93:B4:ED:3D:28:27:B0:B9:4B:A7:E9:15:1D:A3:8D:92:E5:32
+-----BEGIN CERTIFICATE-----
+MIIFRzCCAy+gAwIBAgIJEQA0tk7GNi02MA0GCSqGSIb3DQEBCwUAMEExCzAJBgNV
+BAYTAlJPMRQwEgYDVQQKEwtDRVJUU0lHTiBTQTEcMBoGA1UECxMTY2VydFNJR04g
+Uk9PVCBDQSBHMjAeFw0xNzAyMDYwOTI3MzVaFw00MjAyMDYwOTI3MzVaMEExCzAJ
+BgNVBAYTAlJPMRQwEgYDVQQKEwtDRVJUU0lHTiBTQTEcMBoGA1UECxMTY2VydFNJ
+R04gUk9PVCBDQSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMDF
+dRmRfUR0dIf+DjuW3NgBFszuY5HnC2/OOwppGnzC46+CjobXXo9X69MhWf05N0Iw
+vlDqtg+piNguLWkh59E3GE59kdUWX2tbAMI5Qw02hVK5U2UPHULlj88F0+7cDBrZ
+uIt4ImfkabBoxTzkbFpG583H+u/E7Eu9aqSs/cwoUe+StCmrqzWaTOTECMYmzPhp
+n+Sc8CnTXPnGFiWeI8MgwT0PPzhAsP6CRDiqWhqKa2NYOLQV07YRaXseVO6MGiKs
+cpc/I1mbySKEwQdPzH/iV8oScLumZfNpdWO9lfsbl83kqK/20U6o2YpxJM02PbyW
+xPFsqa7lzw1uKA2wDrXKUXt4FMMgL3/7FFXhEZn91QqhngLjYl/rNUssuHLoPj1P
+rCy7Lobio3aP5ZMqz6WryFyNSwb/EkaseMsUBzXgqd+L6a8VTxaJW732jcZZroiF
+DsGJ6x9nxUWO/203Nit4ZoORUSs9/1F3dmKh7Gc+PoGD4FapUB8fepmrY7+EF3fx
+DTvf95xhszWYijqy7DwaNz9+j5LP2RIUZNoQAhVB/0/E6xyjyfqZ90bp4RjZsbgy
+LcsUDFDYg2WD7rlcz8sFWkz6GZdr1l0T08JcVLwyc6B49fFtHsufpaafItzRUZ6C
+eWRgKRM+o/1Pcmqr4tTluCRVLERLiohEnMqE0yo7AgMBAAGjQjBAMA8GA1UdEwEB
+/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSCIS1mxteg4BXrzkwJ
+d8RgnlRuAzANBgkqhkiG9w0BAQsFAAOCAgEAYN4auOfyYILVAzOBywaK8SJJ6ejq
+kX/GM15oGQOGO0MBzwdw5AgeZYWR5hEit/UCI46uuR59H35s5r0l1ZUa8gWmr4UC
+b6741jH/JclKyMeKqdmfS0mbEVeZkkMR3rYzpMzXjWR91M08KCy0mpbqTfXERMQl
+qiCA2ClV9+BB/AYm/7k29UMUA2Z44RGx2iBfRgB4ACGlHgAoYXhvqAEBj500mv/0
+OJD7uNGzcgbJceaBxXntC6Z58hMLnPddDnskk7RI24Zf3lCGeOdA5jGokHZwYa+c
+NywRtYK3qq4kNFtyDGkNzVmf9nGvnAvRCjj5BiKDUyUM/FHE5r7iOZULJK2v0ZXk
+ltd0ZGtxTgI8qoXzIKNDOXZbbFD+mpwUHmUUihW9o4JFWklWatKcsWMy5WHgUyIO
+pwpJ6st+H6jiYoD2EEVSmAYY3qXNL3+q1Ok+CHLsIwMCPKaq2LxndD0UF/tUSxfj
+03k9bWtJySgOLnRQvwzZRjoQhsmnP+mg7H/rpXdYaXHmgwo38oZJar55CJD2AhZk
+PuXaTH4MNMn5X7azKFGnpyuqSfqNZSlO42sTp5SjLVFteAxEy9/eCG/Oo2Sr05WE
+1LlSVHJ7liXMvGnjSG4N0MedJ5qq+BOS3R7fY581qRY27Iy4g/Q9iY/NtBde17MX
+QRBdJ3NghVdJIgc=
+-----END CERTIFICATE-----

Added: head/secure/caroot/trusted/e-Szigno_Root_CA_2017.pem
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/secure/caroot/trusted/e-Szigno_Root_CA_2017.pem	Sat Aug 29 02:46:25 2020	(r364943)
@@ -0,0 +1,65 @@
+##
+##  e-Szigno Root CA 2017
+##
+##  This is a single X.509 certificate for a public Certificate
+##  Authority (CA). It was automatically extracted from Mozilla's
+##  root CA list (the file `certdata.txt' in security/nss).
+##
+##  Extracted from nss
+##  with $FreeBSD: head/secure/caroot/MAca-bundle.pl 352951 2019-10-02 01:27:50Z kevans $
+##
+##  @generated
+##
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            01:54:48:ef:21:fd:97:59:0d:f5:04:0a
+        Signature Algorithm: ecdsa-with-SHA256
+        Issuer: C = HU, L = Budapest, O = Microsec Ltd., organizationIdentifier = VATHU-23584497, CN = e-Szigno Root CA 2017
+        Validity
+            Not Before: Aug 22 12:07:06 2017 GMT
+            Not After : Aug 22 12:07:06 2042 GMT
+        Subject: C = HU, L = Budapest, O = Microsec Ltd., organizationIdentifier = VATHU-23584497, CN = e-Szigno Root CA 2017
+        Subject Public Key Info:
+            Public Key Algorithm: id-ecPublicKey
+                Public-Key: (256 bit)
+                pub:
+                    04:96:dc:3d:8a:d8:b0:7b:6f:c6:27:be:44:90:b1:
+                    b3:56:15:7b:8e:43:24:7d:1a:84:59:ee:63:68:b2:
+                    c6:5e:87:d0:15:48:1e:a8:90:ad:bd:53:a2:da:de:
+                    3a:90:a6:60:5f:68:32:b5:86:41:df:87:5b:2c:7b:
+                    c5:fe:7c:7a:da
+                ASN1 OID: prime256v1
+                NIST CURVE: P-256
+        X509v3 extensions:
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+            X509v3 Key Usage: critical
+                Certificate Sign, CRL Sign
+            X509v3 Subject Key Identifier: 
+                87:11:15:08:D1:AA:C1:78:0C:B1:AF:CE:C6:C9:90:EF:BF:30:04:C0
+            X509v3 Authority Key Identifier: 
+                keyid:87:11:15:08:D1:AA:C1:78:0C:B1:AF:CE:C6:C9:90:EF:BF:30:04:C0
+
+    Signature Algorithm: ecdsa-with-SHA256
+         30:46:02:21:00:b5:57:dd:d7:8a:55:0b:36:e1:86:44:fa:d4:
+         d9:68:8d:b8:dc:23:8a:8a:0d:d4:2f:7d:ea:73:ec:bf:4d:6c:
+         a8:02:21:00:cb:a5:b4:12:fa:e7:b5:e8:cf:7e:93:fc:f3:35:
+         8f:6f:4e:5a:7c:b4:bc:4e:b2:fc:72:aa:5b:59:f9:e7:dc:31
+SHA1 Fingerprint=89:D4:83:03:4F:9E:9A:48:80:5F:72:37:D4:A9:A6:EF:CB:7C:1F:D1
+-----BEGIN CERTIFICATE-----
+MIICQDCCAeWgAwIBAgIMAVRI7yH9l1kN9QQKMAoGCCqGSM49BAMCMHExCzAJBgNV
+BAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMgTHRk
+LjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxHjAcBgNVBAMMFWUtU3ppZ25vIFJv
+b3QgQ0EgMjAxNzAeFw0xNzA4MjIxMjA3MDZaFw00MjA4MjIxMjA3MDZaMHExCzAJ
+BgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMg
+THRkLjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxHjAcBgNVBAMMFWUtU3ppZ25v
+IFJvb3QgQ0EgMjAxNzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJbcPYrYsHtv
+xie+RJCxs1YVe45DJH0ahFnuY2iyxl6H0BVIHqiQrb1TotreOpCmYF9oMrWGQd+H
+Wyx7xf58etqjYzBhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G
+A1UdDgQWBBSHERUI0arBeAyxr87GyZDvvzAEwDAfBgNVHSMEGDAWgBSHERUI0arB
+eAyxr87GyZDvvzAEwDAKBggqhkjOPQQDAgNJADBGAiEAtVfd14pVCzbhhkT61Nlo
+jbjcI4qKDdQvfepz7L9NbKgCIQDLpbQS+ue16M9+k/zzNY9vTlp8tLxOsvxyqltZ
++efcMQ==
+-----END CERTIFICATE-----



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202008290246.07T2kPiH044660>