Microsoft says: "The Microsoft Trusted Root Certificate Program releases changes to our Root Store on a monthly cadence, except for December." However, that's written on an aka.ms page (ie it should be linking to current material) with a list of updates and yet it was issued once in February and has never been updated since. So it may be reasonable to take with a grain of salt the "commitment" from Microsoft to obey this policy.
I find that MS continues to be extremely lazy and won't show the ISRG Root X2 cert in the trusted store until it has been accessed (at least in my case, directly).
I simply opened the cert and it then immediately showed in the trusted store (without any install).
Is there any beta test for ISRG Root X2
What do you mean "beta test"?
It is in full production already.
My cert is from X3 > R3 > Domain ? I requested ECDSA cert and thats what I got.
For now you have to request be allow-listed for ECDSA, see:
OK, I think I understand you now.
I think that any new certs must now be avoiding the soon to be expiring DST Root CA X3.
But your browser may still show it (while it is still valid).
Mozilla has started the public discussion phase regarding the inclusion of ISRG Root X2:
This is an important step in Mozillas inclusion process.
The public discussion at Mozilla is over, the current status is "Intent to Approve":
The ISRG Root X2 certificate has been formally accepted by Mozilla, and should appear in the next NSS release.
NSS inclusion request: 1738805 - Add ISRG Root X2 root certificate to NSS
Hopefully beginning of 2022 we can start using X2
Is there any public status available for the Apple, Google, and Oracle root programs?
I haven't seen any kind of "publicy visible inclusion process" for most root programs (well, except Mozilla). If there is I would like to know as well.
The current status as I can verify it is:
I know you're busy and not everyone is available at all times, but you're aware that Mozilla is currently blocked waiting for your input?
We are aware of this, thank you.
Root X2 seems to have been included in the Microsoft and Google root programs at some point recently. Can't say exactly when for lack of transparency in their processes.
while I don't know about MS root, ISRG root X2 didn't land on android 12, as they only do CA store update on android release I think it'd be like android 13 or somthing until it will land on android.
there is no ISRG update there and if you look up newest commit you will find no ISRG root x2 in there too.
Microsoft including ISRG Root X2 has been reported already:
That's a bit complicated, because there is no uniform "Google Root Program". There are various trust stores used on their products, for example the trust store used on Android. Censys lists "Google CT" under trust, which are the certificates accepted by their CT log backends. The latter seems to include ISRG Root X2 now, yes. I imagine that these trust stores are run independently by independent departments.
There's a root program run by Google, the Chrome Root Program. But that is still in development and little is known about it.
ISRG Root X2 certificate was just committed in NSS, so should be included in Firefox soon.
Wonderful news! Correct me if I'm wrong, it looks like it'll arrive in the next branch release of NSS on 1/6/2022 in v3.74, meaning it'll land in Nightly immediately after and Firefox 97 stable on February 8.