CA/Incident Dashboard

From MozillaWiki
< CA
Jump to: navigation, search

Open CA Bugs in Bugzilla

Open CA Compliance Bugs

A CA compliance bug relates to a concern about a CA's certificates failing to comply with Mozilla's CA Certificate Policy and/or the CA/Browser Forum's Baseline Requirements, and is determined to not be an imminent security concern.

Anyone may create a CA Compliance bug as follows:

Full Query
ID Summary Status Assigned to Whiteboard Last change time
1390990 D-TRUST: Non-BR-Compliant Certificate Issuance NEW Arno Fiedler [ca-compliance] [remediation-accepted] Next Action: 2018-06-16 2018-07-18T17:56:32Z
1391068 Taiwan-CA: Non-BR-Compliant Certificate Issuance NEW Robin Lin [ca-compliance] - Next Update - 15-May 2018 2018-06-07T00:56:36Z
1391074 T-Systems: Non-BR-Compliant Certificate Issuance NEW Lothar Eickholt [ca-compliance] 2018-10-12T04:08:26Z
1397957 DigiCert / CTJ: Metadata in OU fields, Reserved IP Address NEW Jeremy Rowley [ca-compliance] - Next Update - 01-January 2019 2018-06-20T16:22:14Z
1398247 DocuSign/Keynectis: Non-BR-Compliant OCSP Responders NEW Erwann Abalea [ca-compliance] 2018-10-09T22:36:33Z
1409766 Certum: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record UNCONFIRMED Wojciech Trapczyński [ca-compliance] 2018-10-25T06:05:35Z
1425805 Consorci AOC: Insufficient Audit Statements UNCONFIRMED Francesc Ferrer [ca-compliance] - Next update 30-Sept-2018 2018-10-01T12:33:49Z
1428877 SwissSign: Invalid DNSName in SAN NEW Mike Guenther [ca-compliance] 2018-11-02T15:58:32Z
1444455 DocuSign/Keynectis: Non-Compliant Technically Constrained Intermediates NEW Erwann Abalea [ca-compliance] 2018-07-10T07:52:23Z
1448986 Entrust - IP Address in dNSName form UNCONFIRMED Bruce Morton [ca-compliance] - Next Update - 01-February 2019 2018-08-03T16:52:18Z
1452671 SECOM: TSA Certs Issued from Root NEW Hisashi Kamo [ca-compliance] 2018-11-15T08:30:02Z
1455119 Firmaprofesional: Undisclosed Intermediate certificate NEW chemalogo [ca-compliance] 2018-05-31T19:02:35Z
1455128 Certicamara: Undisclosed Intermediate certificates NEW Leonardo Maldonado [ca-compliance] 2018-10-23T21:23:54Z
1455137 T-Systems: Undisclosed Intermediate certificate NEW Bernd [ca-compliance] 2018-06-29T18:25:26Z
1456655 ABB issues with DN, country code and keyUsage UNCONFIRMED Brenda Bernal [ca-compliance] - Next Update - 01-October 2018 2018-10-12T13:30:52Z
1458038 DocuSign/Keynectis: Missing BR Self Assessment NEW Erwann Abalea [ca-compliance] 2018-07-17T22:07:46Z
1461391 Comodo: Misissuance using "CNAME CSR Hash 2" method of domain control validation ASSIGNED Robin Alden [ca-compliance] 2018-10-23T20:36:43Z
1462423 NetLock: CN not in SAN UNCONFIRMED Varga Viktor [ca-compliance] 2018-05-17T23:18:19Z
1462797 E-Tugra: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString NEW Davut Tokgöz [ca-compliance] 2018-06-13T20:42:19Z
1462844 GoDaddy: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString NEW Daymion Reynolds [ca-compliance] 2018-09-10T17:52:05Z
1463975 [GRCA] Misissued certificates: Invalid commonName, commonName not in SAN NEW National Development Council [ca-compliance] 2018-05-25T00:00:35Z
1466252 Cybertrust Japan: three test websites not provided NEW Wayne Thayer [:wayne] [ca-compliance] - Next update 19-Oct-2018 2018-10-23T00:38:55Z
1468477 QuoVadis (Freistaat Bayern): Non-BR-compliant Key Usage NEW Stephen Davidson [ca-compliance] - Next Update - 01-July 2018 2018-09-24T18:07:07Z
1472052 Quovadis: Certificate containing Debian weak key NEW Stephen Davidson [ca-compliance] 2018-09-24T18:07:06Z
1475115 Telia: Qualified Audit Statements NEW pekka.lahtiharju [ca-compliance] 2018-09-06T21:41:03Z
1478933 Camerfirma, Qualified Audit Statements UNCONFIRMED Juan Angel Martin [ca-compliance] - Next Update - 01-February 2019 2018-10-31T22:34:50Z
1481862 Camerfirma: organizationName Too Long REOPENED Juan Angel Martin [ca-compliance] 2018-09-26T22:25:24Z
1484766 GoDaddy: Random Value Vulnerability in Domain Validation NEW Daymion Reynolds [ca-compliance] 2018-10-25T13:09:47Z
1485413 Certigna: Issuance without respecting CAA records NEW Josselin Allemandou [ca-compliance] 2018-09-16T22:04:44Z
1492006 Comodo: Failure to revoke within 24 hours NEW Robin Alden [ca-compliance] 2018-10-23T20:37:16Z
1495497 KIR S.A.: Certificates issued with multiple BR violations NEW Piotr Grabowski [ca-compliance] 2018-10-11T22:30:42Z
1495507 Government of Spain FNMT: OU exceeds 64 characters NEW Rafa Medina [ca-compliance] 2018-11-05T18:00:32Z
1495518 Assecco DS / Certum: Unallowed key usage for EC public key (Key Encipherment) NEW Wojciech Trapczyński [ca-compliance] - Next Update - 01-July 2019 2018-10-25T06:08:58Z
1495524 Certinomis: Unqualified Domain Name in SAN NEW Franck Leroy [ca-compliance] - Next Update - 01-January 2019 2018-10-30T05:10:00Z
1496088 Certinomis: certificate for, O=Entreprise TEST UNCONFIRMED Franck Leroy [ca-compliance] 2018-11-13T10:42:56Z
1496616 Consorci: Qualified audit statements NEW Francesc Ferrer [ca-compliance] 2018-10-15T10:18:32Z
1497700 DocuSign/Keynectis: Undisclosed Intermediate certificate NEW Erwann Abalea [ca-compliance] 2018-10-09T22:28:55Z
1498409 Certicamara: Failure to respond to September 2018 CA Survey NEW Leonardo Maldonado [ca-compliance] 2018-10-23T21:23:54Z
1498463 T-Systems: Improperly encoded QCStatements extension NEW Bernd [ca-compliance] 2018-11-12T16:27:32Z
1500593 Identrust: Internal names / failure to report NEW roots [ca-compliance] 2018-10-19T20:46:40Z
1502957 Camerfirma: MULTICERT Misissuance and missing audits NEW Juan Angel Martin [ca-compliance] 2018-11-15T22:42:06Z
1503128 Certinomis: email address in DNS SAN UNCONFIRMED Franck Leroy [ca-compliance] 2018-11-13T11:36:52Z
1506607 SwissSign: Misissuance of Intermediate Certificates because of incorrect organizationIdentifier UNCONFIRMED Mike Guenther [ca-compliance] Next Update - 2018-11-16 2018-11-16T15:19:01Z
1507376 TÜViT: Issues with T-Systems Audits NEW Matthias Wiedenhorst [auditor-compliance] 2018-11-19T10:41:24Z
1507862 Government of Spain (ACCV): Late Audit Statement NEW Jose Amador [ca-compliance] 2018-11-16T18:01:38Z

45 Total; 45 Open (100%); 0 Resolved (0%); 0 Verified (0%);

Closed CA Bugs

Closed CA Compliance Bugs

A historical view of past CA compliance bugs may be found here: