Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8361212

Remove AffirmTrust root CAs

XMLWordPrintable

        The AffirmTrust CAs have been deactivated by Entrust and are not being transferred to Sectigo. See https://groups.google.com/u/1/a/ccadb.org/g/public/c/tk2CV6Mc-xo for more details, specifically this sentence:

        "The CAs not being transferred comprise of roots and CAs that were never used by subscribers, and also the roots and CAs for 'Affirmtrust'."

        Even though we are already distrusting the AffirmTrust roots by default, we should now take the next step and remove them from the JDK, as they are no longer active and revocation services and other important infrastructure won't be maintained.

        We include 4 AffirmTrust roots in the JDK.

          There are no Sub-Tasks for this issue.

              rhalade Rajan Halade
              mullan Sean Mullan
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: