CA/Incident Dashboard

From MozillaWiki
< CA
Jump to: navigation, search

Open CA Bugs in Bugzilla

Open CA Compliance Bugs

A CA compliance bug relates to a concern about a CA's certificates failing to comply with Mozilla's CA Certificate Policy and/or the CA/Browser Forum's Baseline Requirements, and is determined to not be an imminent security concern.

Anyone may create a CA Compliance bug as follows:

Full Query
ID Summary Status Assigned to Whiteboard Last change time
1390990 D-TRUST: Non-BR-Compliant Certificate Issuance NEW Arno Fiedler [ca-compliance] 2019-02-01T14:25:05Z
1448986 Entrust - IP Address in dNSName form ASSIGNED Bruce Morton [ca-compliance] - Next Update - 01-April 2019 2019-01-17T14:59:02Z
1455137 T-Systems: Undisclosed Intermediate certificate NEW Bernd [ca-compliance] 2019-02-06T16:09:50Z
1456655 DigiCert / ABB: Issues with DN, country code and keyUsage ASSIGNED Brenda Bernal [ca-compliance] 2019-02-04T20:45:29Z
1462423 NetLock: CN not in SAN UNCONFIRMED Varga Viktor [ca-compliance] 2019-01-24T21:45:14Z
1462797 E-Tugra: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString NEW Davut Tokgöz [ca-compliance] 2019-02-04T15:47:48Z
1463975 GRCA: Misissued certificates: Invalid commonName, commonName not in SAN ASSIGNED National Development Council [ca-compliance] 2019-01-31T15:03:59Z
1466252 Cybertrust Japan: three test websites not provided ASSIGNED masahiro.shikutani [ca-compliance] - Next update 19-Oct-2018 2019-02-05T12:42:04Z
1468477 QuoVadis (Freistaat Bayern): Non-BR-compliant Key Usage ASSIGNED Stephen Davidson [ca-compliance] Next Update - 01-January 2020 2019-01-16T21:46:15Z
1481862 Camerfirma: MULTICERT organizationName Too Long REOPENED Juan Angel Martin [ca-compliance] Next Update - 14-February 2019 2019-02-14T19:24:46Z
1492006 Comodo: Failure to revoke within 24 hours ASSIGNED Robin Alden [ca-compliance] Next Update - 24-January 2019 2019-01-17T15:00:19Z
1495497 KIR S.A.: Certificates issued with multiple BR violations ASSIGNED Piotr Grabowski [ca-compliance] 2019-01-21T18:06:56Z
1495518 Assecco DS / Certum: Unallowed key usage for EC public key (Key Encipherment) ASSIGNED Wojciech Trapczyński [ca-compliance] - Next Update - 01-July 2019 2019-01-17T15:00:50Z
1495524 Certinomis: Unqualified Domain Name in SAN ASSIGNED Marc MAITRE [ca-compliance] - Next Update - 01-January 2019 2019-01-17T14:55:03Z
1496088 Certinomis: certificate for test.com, O=Entreprise TEST ASSIGNED Marc MAITRE [ca-compliance] 2019-02-04T15:46:09Z
1496616 Consorci: Qualified audit statements ASSIGNED Francesc Ferrer [ca-compliance] Next Update - 01-January 2020 2019-01-09T18:53:55Z
1502957 Camerfirma: MULTICERT Misissuance and missing audits ASSIGNED Juan Angel Martin [ca-compliance] - Next Update - 07-March 2019 2019-01-17T14:54:44Z
1503128 Certinomis: email address in DNS SAN ASSIGNED Marc MAITRE [ca-compliance] 2019-02-04T15:46:20Z
1506607 SwissSign: Misissuance of Intermediate Certificates because of incorrect organizationIdentifier ASSIGNED Mike Guenther [ca-compliance] - Next Update - 01-February 2019 2019-01-17T15:01:08Z
1509002 Camerfirma: MULTICERT certificates with a validity period greater than 825 days ASSIGNED Eusebio Herrera [ca-compliance] - Next Update - 01-April 2019 2019-02-14T16:06:21Z
1509512 D-TRUST: syntax error in one tls certificate ASSIGNED Enrico Entschew [ca-compliance] 2019-01-31T15:04:44Z
1512018 Entrust: Certificate issued with '-' in ST field ASSIGNED Bruce Morton [ca-compliance] 2019-02-04T15:45:42Z
1516545 DigiCert: Underscores - Verizon ASSIGNED Brenda Bernal [ca-compliance] 2019-02-15T19:25:59Z
1516561 DigiCert: Underscores - Canadian Imperial Bank of Commerce ASSIGNED Brenda Bernal [ca-compliance] 2019-01-18T06:06:26Z
1516599 DigiCert: Underscores - Ericsson ASSIGNED Brenda Bernal [ca-compliance] 2019-02-15T19:26:14Z
1517617 DigiCert: Underscores - Citi ASSIGNED Brenda Bernal [ca-compliance] 2019-01-31T14:58:06Z
1518553 Sectigo: Use of forbidden subjectPublicKeyInfo algorithm ASSIGNED Robin Alden [ca-compliance] Next Update - 17-January 2019 2019-01-22T19:03:29Z
1518560 Asseco DS / Certum: Use of forbidden subjectPublicKeyInfo algorithm ASSIGNED Wojciech Trapczyński [ca-compliance] - Next Update - 05-February 2019 2019-02-04T08:47:32Z
1519260 QuoVadis: Multiple unreported misissuances in 2018 ASSIGNED Stephen Davidson [ca-compliance] - Next Update - 01-July 2019 2019-01-17T14:58:04Z
1519265 QuoVadis: Recap of BR Compliance in 2018 issuance by external subCAs ASSIGNED Wayne Thayer [:wayne] [ca-compliance] 2019-02-04T15:46:56Z
1519572 DigiCert: Underscores - Intuit ASSIGNED Brenda Bernal [ca-compliance] Next Update - 30-April 2019 2019-02-04T15:45:30Z
1520299 Hongkong Post / Certizen: Failure to report misissuance ASSIGNED Man Ho [ca-compliance] 2019-02-01T04:40:39Z
1520876 Entrust: Late mis-issue certificate revocation ASSIGNED Bruce Morton [ca-compliance] 2019-01-22T19:21:39Z
1521950 QuoVadis: BR Error - san dns name starts with period ASSIGNED Stephen Davidson [ca-compliance] 2019-01-30T19:11:41Z
1522975 Google: Improper OCSP response for intermediate certificate ASSIGNED kluge [ca-compliance] 2019-02-04T17:31:58Z
1523186 KIR S.A.: Misissuance - missing OCSP AIA, Validity > 825 days ASSIGNED Piotr Grabowski [ca-compliance] - Next Update - 03-March 2019 2019-02-04T19:19:46Z
1523221 GRCA: Misissued certificates - invalid CN, bad validity period, missing extensions ASSIGNED National Development Council [ca-compliance] 2019-02-05T09:58:22Z
1523676 DigiCert: Good OCSP Responses for Revoked Intermediates ASSIGNED Ben Wilson [ca-compliance] 2019-02-15T19:31:14Z
1523680 Actalis: Non BR Compliant OCSP Responder ASSIGNED ADRIANO SANTONI [ca-compliance] 2019-02-01T16:41:43Z
1524050 Telia: Misissued certificate - invalid dnsName ASSIGNED pekka.lahtiharju [ca-compliance] - Next Update - 01-March 2019 2019-02-15T15:27:02Z
1524094 Certinomis: invalid DNS names in SAN ASSIGNED Marc MAITRE [ca-compliance] 2019-02-02T01:10:04Z
1524103 Certinomis: invalid state and locality fields in subject ASSIGNED Marc MAITRE [ca-compliance] 2019-02-02T03:55:16Z
1524112 Certinomis: O=POUR TEST in subject ASSIGNED Marc MAITRE [ca-compliance] 2019-02-05T19:30:24Z
1524143 CFCA: Internal iPAddress in certificate UNCONFIRMED Wayne Thayer [:wayne] [ca-compliance] 2019-01-31T14:52:14Z
1524195 Asseco DS / Certum: Invalid dnsNames ASSIGNED Wojciech Trapczyński [ca-compliance] 2019-02-15T17:29:44Z
1524448 Certinomis: misissued "test" certificates ASSIGNED Marc MAITRE [ca-compliance] 2019-02-02T00:27:56Z
1524449 Certinomis: validity period >825 days ASSIGNED Marc MAITRE [ca-compliance] 2019-02-02T00:33:27Z
1524451 Certinomis: invalid CDP extension ASSIGNED Marc MAITRE [ca-compliance] 2019-02-08T23:22:02Z
1524452 SECOM: certificate for .test TLD ASSIGNED Hisashi Kamo [ca-compliance] 2019-02-15T17:06:58Z
1524567 Telia: invalid IP value in SAN DNS field ASSIGNED pekka.lahtiharju [ca-compliance] 2019-02-15T15:36:21Z
1524730 Sectigo: invalid dnsName ASSIGNED Robin Alden [ca-compliance] 2019-02-02T14:56:06Z
1524733 CFCA: invalid dnsNames UNCONFIRMED Wayne Thayer [:wayne] [ca-compliance] 2019-02-02T15:01:19Z
1524815 GoDaddy: failure to revoke underscores ASSIGNED Daymion Reynolds [ca-compliance] 2019-02-14T03:13:13Z
1524816 SECOM: failure to revoke underscores ASSIGNED Hisashi Kamo [ca-compliance] 2019-02-15T17:04:22Z
1524871 Camerfirma: failure to revoke underscores ASSIGNED Eusebio Herrera [ca-compliance] 2019-02-15T20:37:38Z
1524875 DigiCert: IP in dnsName ASSIGNED Brenda Bernal [ca-compliance] 2019-02-15T19:56:05Z
1524876 Entrust: IP in dnsName ASSIGNED Bruce Morton [ca-compliance] Next Update - 23-February 2019 2019-02-11T15:50:51Z
1524877 GlobalSign: IP in dnsName ASSIGNED douglas.beattie [ca-compliance] 2019-02-13T16:14:25Z
1524879 QuoVadis: IP in dnsName ASSIGNED Stephen Davidson [ca-compliance] 2019-02-04T21:53:11Z
1525710 Amazon: Test revoked certificates with invalid validity period ASSIGNED Trev [ca-compliance] 2019-02-15T18:58:44Z
1526099 Identrust: Discrepancy in values of address fields within CN of SSL Certificates ASSIGNED roots [ca-compliance] 2019-02-13T16:43:14Z
1526154 DigiCert: Missed Underscore Certificate Revocations ASSIGNED Brenda Bernal [ca-compliance] 2019-02-15T19:28:34Z
1527423 DigiCert: P-384,ecdsa-with-SHA512 Certificates ASSIGNED Brenda Bernal [ca-compliance] 2019-02-15T19:37:22Z
1528259 Telia: misissued certificate - FQDN value incorrectly in SAN rfc822 field ASSIGNED pekka.lahtiharju [ca-compliance] 2019-02-15T18:57:27Z
1528261 Telia: Misissued certificate - FQDN without domain part (e_dnsname_not_valid_tld) ASSIGNED pekka.lahtiharju [ca-compliance] 2019-02-15T18:59:19Z
1528263 Telia: Misissued certificate - Invalid wildcard format ASSIGNED pekka.lahtiharju [ca-compliance] Next Update - 19-February 2019 2019-02-15T20:15:23Z
1528264 Telia: Misissued certificate - Invalid OU value "-" ASSIGNED pekka.lahtiharju [ca-compliance] 2019-02-15T20:27:24Z
1528290 Izenpe: OU > 64 characters ASSIGNED o-garcia [ca-compliance] 2019-02-15T16:24:29Z

68 Total; 68 Open (100%); 0 Resolved (0%); 0 Verified (0%);


Closed CA Bugs

Closed CA Compliance Bugs

A historical view of past CA compliance bugs may be found here: