FAQ

[android-security-discuss] TURKTRUST Root Certificate Inclusion

Mert Özarar (TÜRKTRUST)
Nov 30, 2011 at 8:42 am
Dear All,

I would like to request adding two root certificates on behalf of
TURKTRUST Inc. (www.turktrust.com.tr/en), which is the most popular CA
in Turkey .

We would like to start with root certificate:
http://www.turktrust.com.tr/sertifikalar/7_TURKTRUST_Elektronik_Sertifika_Hizmet_Saglayicisi.crt

This root certificate is already embedded within, but not limited to:
- Microsoft Root Store
- Mozilla NSS
- Apple Safari
- Opera

Please find below further information, which will be useful to verify
our request at URL:
https://bugzilla.mozilla.org/show_bug.cgi?id=380635

I'm not quiet sure what the procedure is to get our root included
within Android OS, so it would be much appreciated if you can give me
more info on this.

Thanks for your kind support,

Best regards,
Mert

--
You received this message because you are subscribed to the Google Groups "Android Security Discussions" group.
To post to this group, send email to android-security-discuss@googlegroups.com.
To unsubscribe from this group, send email to android-security-discuss+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
reply

Search Discussions

3 responses

  • Brian Carlstrom at Nov 30, 2011 at 5:53 pm
    The TURKTRUST CA certificate with SHA1 Fingerprint
    B4:35:D4:E1:11:9D:1C:66:90:A7:49:EB:B3:94:BD:63:7B:A7:82:B7 and Subject
    "CN=T\xC3\x9CRKTRUST Elektronik Sertifika Hizmet
    Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1, C=TR, L=Ankara, O=T\xC3\x9CRKTRUST
    Bilgi \xC4\xB0leti\xC5\x9Fim ve Bili\xC5\x9Fim G\xC3\xBCvenli\xC4\x9Fi
    Hizmetleri A.\xC5\x9E. (c) Kas\xC4\xB1m 2005" has been included since
    Android 2.3 (Gingerbread)

    If it had not been included, the preferred way to request inclusion is via
    http://code.google.com/p/android/issues/list

    -bri
    On Wed, Nov 30, 2011 at 12:11 AM, Mert Özarar (TÜRKTRUST) wrote:

    Dear All,

    I would like to request adding two root certificates on behalf of
    TURKTRUST Inc. (www.turktrust.com.tr/en), which is the most popular CA
    in Turkey .

    We would like to start with root certificate:

    http://www.turktrust.com.tr/sertifikalar/7_TURKTRUST_Elektronik_Sertifika_Hizmet_Saglayicisi.crt

    This root certificate is already embedded within, but not limited to:
    - Microsoft Root Store
    - Mozilla NSS
    - Apple Safari
    - Opera

    Please find below further information, which will be useful to verify
    our request at URL:
    https://bugzilla.mozilla.org/show_bug.cgi?id=380635

    I'm not quiet sure what the procedure is to get our root included
    within Android OS, so it would be much appreciated if you can give me
    more info on this.

    Thanks for your kind support,

    Best regards,
    Mert

    --
    You received this message because you are subscribed to the Google Groups
    "Android Security Discussions" group.
    To post to this group, send email to
    android-security-discuss@googlegroups.com.
    To unsubscribe from this group, send email to
    android-security-discuss+unsubscribe@googlegroups.com.
    For more options, visit this group at
    http://groups.google.com/group/android-security-discuss?hl=en.
    --
    You received this message because you are subscribed to the Google Groups "Android Security Discussions" group.
    To post to this group, send email to android-security-discuss@googlegroups.com.
    To unsubscribe from this group, send email to android-security-discuss+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
  • Captfrank at Dec 14, 2011 at 3:51 pm
    Question how would I take out all trusted CA's and only allow mine?
    i.e. I would want to only allow apps installed by users that we/I have
    signed or at least from our CA. Have to root it I trust?
    On Nov 30, 12:53 pm, Brian Carlstrom wrote:
    The TURKTRUST CA certificate with SHA1 Fingerprint
    B4:35:D4:E1:11:9D:1C:66:90:A7:49:EB:B3:94:BD:63:7B:A7:82:B7 and Subject
    "CN=T\xC3\x9CRKTRUST Elektronik Sertifika Hizmet
    Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1, C=TR, L=Ankara, O=T\xC3\x9CRKTRUST
    Bilgi \xC4\xB0leti\xC5\x9Fim ve Bili\xC5\x9Fim G\xC3\xBCvenli\xC4\x9Fi
    Hizmetleri A.\xC5\x9E. (c) Kas\xC4\xB1m 2005" has been included since
    Android 2.3 (Gingerbread)

    If it had not been included, the preferred way to request inclusion is viahttp://code.google.com/p/android/issues/list

    -bri

    On Wed, Nov 30, 2011 at 12:11 AM, Mert Özarar (TÜRKTRUST) <

    mert.oza...@gmail.com> wrote:
    Dear All,
    I would like to request adding two root certificates on behalf of
    TURKTRUST Inc. (www.turktrust.com.tr/en), which is the most popular CA
    in Turkey .
    We would like to start with root certificate:
    http://www.turktrust.com.tr/sertifikalar/7_TURKTRUST_Elektronik_Serti...
    This root certificate is already embedded within, but not limited to:
    - Microsoft Root Store
    - Mozilla NSS
    - Apple Safari
    - Opera
    Please find below further information, which will be useful to verify
    our request at URL:
    https://bugzilla.mozilla.org/show_bug.cgi?id=380635
    I'm not quiet sure what the procedure is to get our root included
    within Android OS, so it would be much appreciated if you can give me
    more info on this.
    Thanks for your kind support,
    Best regards,
    Mert
    --
    You received this message because you are subscribed to the Google Groups
    "Android Security Discussions" group.
    To post to this group, send email to
    android-security-discuss@googlegroups.com.
    To unsubscribe from this group, send email to
    android-security-discuss+unsubscribe@googlegroups.com.
    For more options, visit this group at
    http://groups.google.com/group/android-security-discuss?hl=en.
    --
    You received this message because you are subscribed to the Google Groups "Android Security Discussions" group.
    To post to this group, send email to android-security-discuss@googlegroups.com.
    To unsubscribe from this group, send email to android-security-discuss+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
  • Brian Carlstrom at Dec 14, 2011 at 6:02 pm
    Trusted CAs aren't used for checking apps signatures. Apps are self
    signed. Trusted CAs are used for verifying the identity of SSL servers
    including for https:// web browsing.

    -bri
    On Wed, Dec 14, 2011 at 7:51 AM, captfrank wrote:
    Question how would I take out all trusted CA's and only allow mine?
    i.e. I would want to only allow apps installed by users that we/I have
    signed or at least from our CA.  Have to root it I trust?
    On Nov 30, 12:53 pm, Brian Carlstrom wrote:
    The TURKTRUST CA certificate with SHA1 Fingerprint
    B4:35:D4:E1:11:9D:1C:66:90:A7:49:EB:B3:94:BD:63:7B:A7:82:B7 and Subject
    "CN=T\xC3\x9CRKTRUST Elektronik Sertifika Hizmet
    Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1, C=TR, L=Ankara, O=T\xC3\x9CRKTRUST
    Bilgi \xC4\xB0leti\xC5\x9Fim ve Bili\xC5\x9Fim G\xC3\xBCvenli\xC4\x9Fi
    Hizmetleri A.\xC5\x9E. (c) Kas\xC4\xB1m 2005" has been included since
    Android 2.3 (Gingerbread)

    If it had not been included, the preferred way to request inclusion is viahttp://code.google.com/p/android/issues/list

    -bri

    On Wed, Nov 30, 2011 at 12:11 AM, Mert Özarar (TÜRKTRUST) <

    mert.oza...@gmail.com> wrote:
    Dear All,
    I would like to request adding two root certificates on behalf of
    TURKTRUST Inc. (www.turktrust.com.tr/en), which is the most popular CA
    in Turkey .
    We would like to start with root certificate:
    http://www.turktrust.com.tr/sertifikalar/7_TURKTRUST_Elektronik_Serti...
    This root certificate is already embedded within, but not limited to:
    - Microsoft Root Store
    - Mozilla NSS
    - Apple Safari
    - Opera
    Please find below further information, which will be useful to verify
    our request at URL:
    https://bugzilla.mozilla.org/show_bug.cgi?id=380635
    I'm not quiet sure what the procedure is to get our root included
    within Android OS, so it would be much appreciated if you can give me
    more info on this.
    Thanks for your kind support,
    Best regards,
    Mert
    --
    You received this message because you are subscribed to the Google Groups
    "Android Security Discussions" group.
    To post to this group, send email to
    android-security-discuss@googlegroups.com.
    To unsubscribe from this group, send email to
    android-security-discuss+unsubscribe@googlegroups.com.
    For more options, visit this group at
    http://groups.google.com/group/android-security-discuss?hl=en.
    --
    You received this message because you are subscribed to the Google Groups "Android Security Discussions" group.
    To post to this group, send email to android-security-discuss@googlegroups.com.
    To unsubscribe from this group, send email to android-security-discuss+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
    --
    You received this message because you are subscribed to the Google Groups "Android Security Discussions" group.
    To post to this group, send email to android-security-discuss@googlegroups.com.
    To unsubscribe from this group, send email to android-security-discuss+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.

Related Discussions

Discussion Navigation
viewthread | post