CA/Incident Dashboard

From MozillaWiki
< CA
Jump to: navigation, search

Open CA Bugs in Bugzilla

Open Incident Related Bugs

Investigation or Discussion

Concern has been raised about certificates that a CA has issued. Investigation and/or discussion in progress.

No results.

0 Total; 0 Open (0%); 0 Resolved (0%); 0 Verified (0%);

Resulting CA Action Items

The concern about a CA's certificates has been confirmed, and the CA has follow-up action items.

No results.

0 Total; 0 Open (0%); 0 Resolved (0%); 0 Verified (0%);

Open CA Compliance Bugs

A CA compliance bug relates to a concern about a CA's certificates failing to comply with Mozilla's CA Certificate Policy and/or the CA/Browser Forum's Baseline Requirements, and is determined to not be an imminent security concern.

Anyone may create a CA Compliance bug as follows:

Full Query
ID Summary Status Assigned to Whiteboard Last change time
1390990 D-TRUST: Non-BR-Compliant Certificate Issuance NEW Arno Fiedler [ca-compliance] [remediation-accepted] Next Action: 2018-06-16 2018-07-18T17:56:32Z
1391063 QuoVadis: Non-BR-Compliant Certificate Issuance NEW Stephen Davidson [ca-compliance] [remediation-accepted] Next Update - 2018-06-30 2018-03-02T17:15:13Z
1391068 Taiwan-CA: Non-BR-Compliant Certificate Issuance NEW Robin Lin [ca-compliance] - Next Update - 15-May 2018 2018-06-07T00:56:36Z
1391074 T-Systems: Non-BR-Compliant Certificate Issuance NEW Lothar Eickholt [ca-compliance] 2018-06-28T11:01:10Z
1391087 Visa: Non-BR-Compliant Certificate Issuance NEW Marcelo B. Silva [ca-compliance] 2018-02-23T15:31:44Z
1397957 DigiCert / CTJ: Metadata in OU fields, Reserved IP Address NEW Jeremy Rowley [ca-compliance] - Next Update - 01-January 2019 2018-06-20T16:22:14Z
1398246 Consorci AOC: Non-BR-Compliant OCSP Responders REOPENED Francesc Ferrer [ca-compliance] 2018-06-06T12:24:46Z
1398247 DocuSign/Keynectis: Non-BR-Compliant OCSP Responders NEW Erwann Abalea [ca-compliance] 2018-07-16T17:47:22Z
1409766 Certum: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record UNCONFIRMED Wojciech Trapczyński [ca-compliance] 2018-09-18T08:51:15Z
1425805 Consorci AOC: Insufficient Audit Statements UNCONFIRMED Francesc Ferrer [ca-compliance] - Next update 30-June-2018 2018-09-17T20:40:38Z
1428877 SwissSign: Invalid DNSName in SAN NEW Reinhard Dietrich [ca-compliance] 2018-05-31T08:53:03Z
1443731 SwissSign: Cert issued with a to long validity period UNCONFIRMED Reinhard Dietrich [ca-compliance] - Next Update - 01-August 2018 2018-08-31T06:18:51Z
1444455 DocuSign/Keynectis: Non-Compliant Technically Constrained Intermediates NEW Erwann Abalea [ca-compliance] 2018-07-10T07:52:23Z
1448986 Entrust - IP Address in dNSName form UNCONFIRMED Bruce Morton [ca-compliance] - Next Update - 01-February 2019 2018-08-03T16:52:18Z
1451950 DigiCert: Intermediate Cert(s) not disclosed in CCADB NEW Ben Wilson [ca-compliance] 2018-08-22T22:25:41Z
1452671 SECOM: TSA Certs Issued from Root NEW Hisashi Kamo [ca-compliance] - Next Update - 01-October 2018 2018-05-01T17:21:50Z
1455119 Firmaprofesional: Undisclosed Intermediate certificate NEW chemalogo [ca-compliance] 2018-05-31T19:02:35Z
1455128 Certicamara: Undisclosed Intermediate certificates NEW Leonardo Maldonado [ca-compliance] 2018-05-25T00:14:34Z
1455132 SwissSign: Undisclosed Intermediate Certificates NEW Reinhard Dietrich [ca-compliance] 2018-07-16T17:27:01Z
1455137 T-Systems: Undisclosed Intermediate certificate NEW Bernd [ca-compliance] 2018-06-29T18:25:26Z
1456655 ABB issues with DN, country code and keyUsage UNCONFIRMED Brenda Bernal [ca-compliance] - Next Update - 01-October 2018 2018-06-27T18:09:45Z
1458038 DocuSign/Keynectis: Missing BR Self Assessment NEW Erwann Abalea [ca-compliance] 2018-07-17T22:07:46Z
1459557 SwissSign: Certificate issue with Signature UNCONFIRMED Reinhard Dietrich [ca-compliance] - Next Update - 01-August 2018 2018-05-25T08:20:50Z
1461391 Comodo: Misissuance using "CNAME CSR Hash 2" method of domain control validation ASSIGNED Rob Stradling [ca-compliance] 2018-05-24T19:47:37Z
1462423 NetLock: CN not in SAN UNCONFIRMED Varga Viktor [ca-compliance] 2018-05-17T23:18:19Z
1462797 E-Tugra: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString NEW Davut Tokgöz [ca-compliance] 2018-06-13T20:42:19Z
1462844 GoDaddy: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString NEW Daymion Reynolds [ca-compliance] 2018-09-10T17:52:05Z
1463975 [GRCA] Misissued certificates: Invalid commonName, commonName not in SAN NEW National Development Council [ca-compliance] 2018-05-25T00:00:35Z
1464359 Incident Report: Firmaprofesional: Undisclosed Intermediate certificate SDS UNCONFIRMED Wayne Thayer [:wayne] [ca-compliance] 2018-05-31T19:02:35Z
1466252 Cybertrust Japan: three test websites not provided NEW Wayne Thayer [:wayne] [ca-compliance] 2018-07-06T10:11:13Z
1467110 OCSP responding good for non-issued certs by Consorci AOC root already solved UNCONFIRMED Wayne Thayer [:wayne] [ca-compliance] 2018-06-13T21:51:16Z
1468477 QuoVadis (Freistaat Bayern): Non-BR-compliant Key Usage NEW Stephen Davidson [ca-compliance] - Next Update - 01-July 2018 2018-06-29T16:17:53Z
1472052 Quovadis: Certificate containing Debian weak key NEW Stephen Davidson [ca-compliance] 2018-07-05T23:40:00Z
1475115 Telia: Qualified Audit Statements NEW pekka.lahtiharju [ca-compliance] 2018-09-06T21:41:03Z
1481862 Camerfirma: organizationName Too Long NEW Juan Angel Martin [ca-compliance] 2018-08-27T08:18:11Z
1483639 DigiCert: ADACOM published outdated CRLs NEW Ben Wilson [ca=compliance] 2018-08-31T20:51:40Z
1483715 DigiCert: improper domain validation UNCONFIRMED Jeremy Rowley [ca-compliance] 2018-09-21T00:12:31Z
1484766 GoDaddy: Random Value Vulnerability in Domain Validation NEW Daymion Reynolds [ca-compliance] 2018-09-05T20:16:47Z
1485413 Certigna: Issuance without respecting CAA records NEW Josselin Allemandou [ca-compliance] 2018-09-16T22:04:44Z
1485851 Visa: Qualified Audit Statements NEW PKI Policy [ca-compliance] 2018-09-23T23:32:36Z
1486650 Let's Encrypt: OCSP "unauthorized" responses NEW Josh Aas [ca-compliance] 2018-09-23T00:28:10Z
1492006 Comodo: Failure to revoke within 24 hours NEW Rob Stradling [ca-compliance] 2018-09-18T12:51:02Z

42 Total; 42 Open (100%); 0 Resolved (0%); 0 Verified (0%);

Closed CA Bugs

Closed CA Compliance Bugs

A historical view of past CA compliance bugs may be found here: