CA/Closed Incidents

From MozillaWiki
< CA
Jump to: navigation, search

Closed CA Compliance Bugs

A historical view of past overdue audit statements may be found here.
Below is a historical view of past CA compliance bugs. These bugs may have been valid and remedied by the CA, or may have been deemed invalid and closed as unnecessary.

All Other Issues

Full Query
Summary ID Status Resolution Assigned to Whiteboard Last change time
[meta] Bug for Tracking BR Compliance Issues 1029147 RESOLVED WORKSFORME Kathleen Wilson [ca-compliance] -- tracking bug for BR Compliance issues 2022-11-14T22:22:57Z
ACCV: Insufficient serial number entropy 1536213 RESOLVED FIXED Jose Amador [ca-compliance] 2022-11-14T22:22:57Z
Actalis: Certs issued with same issuer and serial number 1405817 RESOLVED FIXED Adriano Santoni [ca-compliance] 2022-11-14T22:22:57Z
Actalis: inaccurate value in stateOrProvinceName 1648997 RESOLVED FIXED Adriano Santoni [ca-compliance] - Next Update - 1-October 2020 2022-11-14T22:22:57Z
Actalis: Incorrect OCSP Delegated Responder Certificate 1649961 RESOLVED FIXED Adriano Santoni [ca-compliance] 2022-11-14T22:22:57Z
Actalis: Insufficient serial number entropy 1534295 RESOLVED FIXED Adriano Santoni [ca-compliance] 2022-11-14T22:22:57Z
Actalis: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy 1586787 RESOLVED FIXED Giorgio Girelli [ca-compliance] 2022-11-14T22:22:57Z
Actalis: Issuance of intermediates after 2020-08-20 that do not comply with Mozilla Policy and the Baseline Requirements 1717357 RESOLVED FIXED Adriano Santoni [ca-compliance] Next update 2021-09-22 2022-11-14T22:22:57Z
Actalis: Non BR Compliant OCSP Responder 1523680 RESOLVED FIXED Adriano Santoni [ca-compliance] 2022-11-14T22:22:57Z
Actalis: Non-BR-Compliant Certificate Issuance 1390974 RESOLVED FIXED Adriano Santoni [ca-compliance] 2022-11-14T22:22:57Z
AlphaSSL/Globalsign: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN 1420766 RESOLVED INVALID Linus Hallberg [ca-compliance] 2022-11-14T22:22:57Z
Amazon Trust Services: ALV Errors 1713668 RESOLVED FIXED Trevoli (Amazon Trust Services) [ca-compliance] Next update 2021-07-01 2022-11-14T22:22:57Z
Amazon Trust Services: CP/CPS does not specify key compromise methods 1713976 RESOLVED FIXED Trevoli (Amazon Trust Services) [ca-compliance] 2022-11-14T22:22:57Z
Amazon Trust Services: Forbidden Domain Validation Method 3.2.2.4.6 1713978 RESOLVED FIXED Trevoli (Amazon Trust Services) [ca-compliance] Next update 2021-08-01 2022-11-14T22:22:57Z
Amazon Trust Services: Misissuance of Subordinate Per CPS 1743935 RESOLVED FIXED Trevoli (Amazon Trust Services) [ca-compliance] 2022-11-14T22:22:57Z
Amazon Trust Services: Missing CAA Check For Test Website Certificates 1746945 RESOLVED FIXED Trevoli (Amazon Trust Services) [ca-compliance] 2022-11-14T22:22:57Z
Amazon Trust Services: Overdue audit statements for intermediate certificates 1757615 RESOLVED FIXED Ben Wilson [ca-compliance] [audit-delay] 2022-11-14T22:22:57Z
Amazon: CAA Misissuances 1398428 RESOLVED FIXED Peter Bowen [ca-compliance] 2022-11-14T22:22:57Z
Amazon: Failure to comply with RFC 5280 1521623 RESOLVED INVALID Trevoli (Amazon Trust Services) [ca-compliance] 2022-11-14T22:22:57Z
Amazon: No Space In Private Organization 1569266 RESOLVED FIXED Dave Blunt [ca-compliance] 2022-11-14T22:22:57Z
Amazon: Revoked Sample Certs - No SANs 1574594 RESOLVED FIXED Trevoli (Amazon Trust Services) [ca-compliance] 2022-11-14T22:22:57Z
Amazon: Test revoked certificates with invalid validity period 1525710 RESOLVED FIXED Trevoli (Amazon Trust Services) [ca-compliance] 2022-11-14T22:22:57Z
Apple: CAs omitted from audit statement 1724528 RESOLVED FIXED certification_authority [ca-compliance] 2022-11-14T22:22:57Z
Apple: CRL issuance frequency deviates from CPS in some cases 1772644 RESOLVED FIXED certification_authority [ca-compliance] 2022-11-14T22:22:57Z
Apple: Empty SingleExtension in OCSP responses 1669618 RESOLVED FIXED certification_authority [ca-compliance] 2022-11-14T22:22:57Z
Apple: EV Certificate Approver Authorization 1659316 RESOLVED FIXED certification_authority [ca-compliance] 2022-11-14T22:22:57Z
Apple: EV TLS pre-certificates issued without EKU extension 1777757 RESOLVED FIXED certification_authority [ca-compliance] Next update 2022-11-18 2022-11-26T18:18:29Z
Apple: OCSP availability 2020-11-12 1677234 RESOLVED FIXED certification_authority [ca-compliance] Next Update 2021-01-31 2022-11-14T22:22:57Z
Apple: OCSP responders return ‘unknown’ for valid S/MIME and TLS certificates 1771398 RESOLVED FIXED certification_authority [ca-compliance] 2022-11-14T22:22:57Z
Apple: OCSP responders return responses with incorrect issuer 1588001 RESOLVED FIXED certification_authority [ca-compliance] - Next Update - 30-June 2020 2022-11-14T22:22:57Z
Apple: Patch Management 1598829 RESOLVED FIXED certification_authority [ca-compliance] 2022-11-14T22:22:57Z
Apple: Test web page certificates expired 1730291 RESOLVED FIXED certification_authority [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: CA certificates not listed in audit report 1598277 RESOLVED FIXED Wojciech Trapczyński [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record 1409766 RESOLVED FIXED Wojciech Trapczyński [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: CAA mis-issuance on critical flag and unknown CAA tag 1409764 RESOLVED FIXED Arkadiusz Ławniczak [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN 1420860 RESOLVED FIXED Arkadiusz Ławniczak [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: commonName not from subjectAltName entries 1550575 RESOLVED FIXED Wojciech Trapczyński [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: Corrupted certificates 1511459 RESOLVED FIXED Wojciech Trapczyński [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: CPS does not refer to BR domain validation methods 1717034 RESOLVED FIXED Aleksandra Kurosz [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: EV certificate mis-issue 1451228 RESOLVED FIXED Arkadiusz Ławniczak [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: EV Certificates issued with wrong Business Category 1600301 RESOLVED FIXED Aleksandra Kapinos [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: Failure to provide a preliminary report within 24 hours. 1667684 RESOLVED FIXED Wojciech Trapczyński [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: Forward dating certificates (notBefore in the future) 1718680 RESOLVED FIXED Aleksandra Kurosz [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: inconsistent disclosure of externally-operated intermediate 1567062 RESOLVED FIXED Wojciech Trapczyński [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: Incorrect localityName 1710206 RESOLVED INVALID Aleksandra Kurosz [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: Incorrect localityName 1711208 RESOLVED FIXED Aleksandra Kurosz [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: Incorrect OCSP response encoding 1639502 RESOLVED FIXED Wojciech Trapczyński [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: Invalid dnsNames 1524195 RESOLVED FIXED Wojciech Trapczyński [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: Invalid stateOrProvinceName field 1667986 RESOLVED FIXED Aleksandra Kurosz [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: Invalid stateOrProvinceName field (recurrent incident) 1709392 RESOLVED FIXED Aleksandra Kurosz [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: Invalid value in SAN dNSName 1611458 RESOLVED FIXED Wojciech Trapczyński [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: IP in dnsName 1524878 RESOLVED DUPLICATE Wojciech Trapczyński [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: non-audited intermediate certificate 1579299 RESOLVED INVALID Aleksandra Kapinos [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: Non-BR-Compliant Issuance - Debian Weak Keys 1435770 RESOLVED FIXED Arkadiusz Ławniczak [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: Overdue Audit Statements 2019 1566586 RESOLVED FIXED Wojciech Trapczyński [ca-compliance] Overdue Audits for root certs 2022-11-14T22:22:57Z
Asseco DS / Certum: Unallowed key usage for EC public key (Key Encipherment) 1495518 RESOLVED FIXED Wojciech Trapczyński [ca-compliance] 2022-11-14T22:22:57Z
Asseco DS / Certum: Use of forbidden subjectPublicKeyInfo algorithm 1518560 RESOLVED FIXED Wojciech Trapczyński [ca-compliance] 2022-11-14T22:22:57Z
ATOS: Incorrect OCSP Delegated Responder Certificate 1649963 RESOLVED FIXED u636358 [ca-compliance] 2022-11-14T22:22:57Z
Atos: Insufficient Serial Number Entropy 1540961 RESOLVED FIXED u636358 [ca-compliance] 2022-11-14T22:22:57Z
Atos: Tracking bug for possible audit delays 1626355 RESOLVED FIXED u636358 [ca-compliance][audit-delay][covid-19] Next Update 1-Oct-2020 2022-11-14T22:22:57Z
Buypass: Illegal Business Category in a PSD2 QWAC 1632632 RESOLVED FIXED Mads Henriksveen [ca-compliance] 2022-11-14T22:22:57Z
Buypass: Insufficient Serial Number Entropy 1539307 RESOLVED FIXED Mads Henriksveen [ca-compliance] 2022-11-14T22:22:57Z
Buypass: Intermediate certificates not listed in audit reports 1595113 RESOLVED FIXED Mads Henriksveen [ca-compliance] 2022-11-14T22:22:57Z
Buypass: Missing NCA identifier in cabfOrganizationIdentifier in PSD2 QWACs 1626078 RESOLVED FIXED Mads Henriksveen [ca-compliance] 2022-11-14T22:22:57Z
Buypass: PSD2 QWAC with RSA modulus not divisible by 8 1654216 RESOLVED FIXED Mads Henriksveen [ca-compliance] Next Update 30-Sept-2020 2022-11-14T22:22:57Z
Camerfirma: audit gap 1583470 RESOLVED FIXED Ana Lopes [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: certificate for unregistered domain cuatis.net 1672423 RESOLVED FIXED Ana Lopes [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Certificate issued with 3-year lifespan, unknown policy 1686524 RESOLVED FIXED Eusebio Herrera [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: certificate with an incorrect OrganizationName 1680083 RESOLVED FIXED Eusebio Herrera [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Certificates without CABForum OV Reserved Policy Identifier 1685557 RESOLVED FIXED Ana Lopes [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Certs issued with same issuer and serial number 1405815 RESOLVED FIXED Ramiro Muñoz Muñoz [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: certs with duplicate SANs and without localityName or stateOrProvinceName 1357067 RESOLVED FIXED Kathleen Wilson [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: CP/CPS of Intesa Sanpaolo Sub-CA is Non-Compliant 1688215 RESOLVED FIXED Ana Lopes [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: EV Certificates issued with wrong Business Category 1600114 RESOLVED FIXED Ana Lopes [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Failure to abide by Section 8 of Mozilla Policy: Unauthorized, improperly disclosed Subordinate CA 1672029 RESOLVED FIXED Ana Lopes [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: failure to revoke underscores 1524871 RESOLVED FIXED Eusebio Herrera [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Govern d'Andorra Audit Delay 1704140 RESOLVED FIXED Ana Lopes [ca-compliance] [audit-delay] 2022-11-14T22:22:57Z
Camerfirma: Incorrect disclosure of Intesa Sanpaolo sub-CA 1672562 RESOLVED FIXED Ana Lopes [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Incorrect OCSP Delegated Responder Certificate 1649944 RESOLVED FIXED Eusebio Herrera [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Infocert misissued certificates 1556806 RESOLVED FIXED Eusebio Herrera [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Intesa Sanpaolo misissued certificates 1557085 RESOLVED FIXED Eusebio Herrera [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Invalid authorityKeyIdentifier - recurrent incident 1623384 RESOLVED FIXED Ana Lopes [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Invalid stateOrProvinceName field 1667430 RESOLVED FIXED Ana Lopes [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Missing audit for Intermediate certificate 1455147 RESOLVED FIXED Juan Angel Martin [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: MULTICERT certificates with a validity period greater than 825 days 1509002 RESOLVED FIXED Eusebio Herrera [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: MULTICERT Misissuance and missing audits 1502957 RESOLVED FIXED Juan Angel Martin [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: MULTICERT organizationName Too Long 1481862 RESOLVED FIXED Juan Angel Martin [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Multicert SSL CA 001: Insufficient serial number entropy 1534429 RESOLVED FIXED ca.forum [ca-compliance] 2022-11-14T22:22:57Z
CamerFirma: No disclosure of verification sources 1688382 RESOLVED FIXED Ana Lopes [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Non-BR-Compliant Certificate Issuance 1390977 RESOLVED FIXED Ramiro Muñoz Muñoz [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Non-BR-Compliant Issuance - DNSName is empty 1443857 RESOLVED FIXED Juan Angel Martin [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Non-BR-Compliant Issuance - Non-printable characters in OU field 1431164 RESOLVED FIXED Juan Angel Martin [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Non-BR-Compliant OCSP Responders 1426233 RESOLVED FIXED Ramiro Muñoz Muñoz [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Old CAs with an RSA modulus size of 2047 bits 1692533 RESOLVED FIXED Ana Lopes [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Outdated audit statements for intermediate certs 1549861 RESOLVED FIXED Eusebio Herrera [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Potential Mis-Issuance based on CAA records 1420871 RESOLVED FIXED Ramiro Muñoz Muñoz [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Qualified Audit Statements 1478933 RESOLVED FIXED Juan Angel Martin [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: suspicious certificate for com.com 1672409 RESOLVED FIXED Ana Lopes [ca-compliance] 2022-11-14T22:22:57Z
Camerfirma: Unrevocation of MULTICERT SSL Certification Authority 001 certificate 1532333 RESOLVED FIXED Eusebio Herrera [ca-compliance] 2022-11-14T22:22:57Z
Certainly: Root CRL validity period exceeds maximum by one second 1732745 RESOLVED FIXED Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
Certainly: Serving Expired OCSP Responses 1771238 RESOLVED FIXED Wayne Thayer [ca-compliance] Next update 2022-07-31 2022-11-14T22:22:57Z
Certainly: TLS Using ALPN TLS Version and OID 1752452 RESOLVED FIXED Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
Certicamara: Failure to respond to September 2018 CA Survey 1498409 RESOLVED FIXED Leonardo Maldonado [ca-compliance] 2022-11-14T22:22:57Z
Certicamara: Undisclosed Intermediate certificates 1455128 RESOLVED FIXED Leonardo Maldonado [ca-compliance] 2022-11-14T22:22:57Z
Certigna : certificates issued with 2 SCT 1709896 RESOLVED INVALID Josselin Allemandou [ca-compliance] 2022-11-14T22:22:57Z
Certigna: Issuance without respecting CAA records 1485413 RESOLVED FIXED Josselin Allemandou [ca-compliance] 2022-11-14T22:22:57Z
Certigna: Precertificate with a validity period greater than 398-days 1774171 RESOLVED DUPLICATE Ben Wilson [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: 174 certificates with unknown OCSP status 1551390 RESOLVED FIXED François CHASSERY [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: certificate for test.com, O=Entreprise TEST 1496088 RESOLVED FIXED Marc MAITRE [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: certificates for an unregistered domain, with unknown OCSP status 1544933 RESOLVED FIXED François CHASSERY [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: certificates with invalid DNS SAN 1551357 RESOLVED FIXED François CHASSERY [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: certificates with space in dNSName SAN 1539531 RESOLVED FIXED Marc MAITRE [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: Cross-signing of StartCom intermediate certs, and delay in reporting it in CCADB 1386891 RESOLVED FIXED Franck Leroy [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: email address in DNS SAN 1503128 RESOLVED FIXED Marc MAITRE [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: invalid CDP extension 1524451 RESOLVED FIXED Marc MAITRE [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: invalid DNS names in SAN 1524094 RESOLVED FIXED Marc MAITRE [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: Invalid SAN in a certificate 1542793 RESOLVED FIXED François CHASSERY [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: invalid state and locality fields in subject 1524103 RESOLVED FIXED Marc MAITRE [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: Invalid TLD in SAN 1542328 RESOLVED FIXED François CHASSERY [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: misissued "test" certificates 1524448 RESOLVED FIXED Marc MAITRE [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: Non-BR-Compliant Certificate Issuance 1390978 RESOLVED FIXED Franck Leroy [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: O=POUR TEST in subject 1524112 RESOLVED FIXED Marc MAITRE [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: Unqualified Domain Name in SAN 1495524 RESOLVED FIXED Marc MAITRE [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: Use of Domain Validation Method 3.2.2.4.5 after August 1, 2018 1547072 RESOLVED INVALID François CHASSERY [ca-compliance] 2022-11-14T22:22:57Z
Certinomis: validity period >825 days 1524449 RESOLVED FIXED Marc MAITRE [ca-compliance] 2022-11-14T22:22:57Z
Certinomis/Docapost: Failure to respond to January 2018 survey 1439126 RESOLVED FIXED Franck Leroy [ca-compliance] 2022-11-14T22:22:57Z
Certinomis/Docapost: Non-BR-Compliant OCSP Responders 1425998 RESOLVED FIXED Franck Leroy [ca-compliance] 2022-11-14T22:22:57Z
certSIGN: "Some-State" in stateOrProvinceName 1551375 RESOLVED FIXED Cristian Garabet [ca-compliance] 2022-11-14T22:22:57Z
certSIGN: CPS specifies md5 and sha1WithRSAEncryption as useable signature types 1718675 RESOLVED FIXED Gabriel PETCU [ca-compliance] 2022-11-14T22:22:57Z
certSIGN: Incorrect data in stateOrProvinceName 1763173 RESOLVED FIXED Gabriel PETCU [ca-compliance] 2022-11-14T22:22:57Z
certSIGN: misissued an OV SSL certificate with no organizationName and localityName, instead of a DV SSL as requested by client 1674886 RESOLVED FIXED Gabriel PETCU [ca-compliance] 2022-11-14T22:22:57Z
certSIGN: Non-BR-Compliant Certificate Issuance 1390979 RESOLVED FIXED Cristian Garabet [ca-compliance] [remediation-accepted] Next Update: 2017-10-01 2022-11-14T22:22:57Z
certSIGN: Non-BR-Compliant OCSP Responders 1398243 RESOLVED FIXED Cristian Garabet [ca-compliance] 2022-11-14T22:22:57Z
certSIGN: Subscriber precertificate without Certificate Policies 1762707 RESOLVED FIXED Valentin Necoara [ca-compliance] 2022-11-14T22:22:57Z
CFCA: Internal iPAddress in certificate 1524143 RESOLVED FIXED Jonathan Sun [ca-compliance] 2022-11-14T22:22:57Z
CFCA: invalid dnsNames 1524733 RESOLVED FIXED Jonathan Sun [ca-compliance] 2022-11-14T22:22:57Z
CFCA: Invalid TLD in SAN 1532429 RESOLVED FIXED Jonathan Sun [ca-compliance] 2022-11-14T22:22:57Z
CFCA: Missed CPS update publication on website in 2018 1565494 RESOLVED FIXED Oliver Bi [ca-compliance] 2022-11-14T22:22:57Z
CFCA: Precertificate with postalCode and streetAddress swapped 1771482 RESOLVED FIXED bixinlong [ca-compliance] 2022-11-14T22:22:57Z
CFCA: Repeated unexplained delays in providing timely status updates 1613409 RESOLVED FIXED Oliver Bi [ca-compliance] 2022-11-14T22:22:57Z
CFCA: Wrong OrganizationName 1608333 RESOLVED FIXED Oliver Bi [ca-compliance] 2022-11-14T22:22:57Z
CFCA: Wrong SerialNumber encoding 1532559 RESOLVED FIXED Jonathan Sun [ca-compliance] 2022-11-14T22:22:57Z
Chunghwa Telecom: Audit Letter Validation failures on intermediate certificates 1614444 RESOLVED FIXED Li-Chun CHEN [ca-compliance] 2022-11-14T22:22:57Z
Chunghwa Telecom: Test certificate with unregistered domain name 1532436 RESOLVED FIXED Li-Chun CHEN [ca-compliance] 2022-11-14T22:22:57Z
Comodo CA issuing EV Certs without Higher Authority checks 1501374 RESOLVED INVALID Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Comodo: CAA Mis-Issuance on basic test case 1410834 RESOLVED FIXED Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Comodo: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN 1420858 RESOLVED FIXED Rob Stradling [ca-compliance] 2022-11-14T22:22:57Z
Comodo: CAA Misissuance 1398545 RESOLVED FIXED Rob Stradling [ca-compliance] 2022-11-14T22:22:57Z
Comodo: CAA misissuances due to race condition 1423624 RESOLVED FIXED Rob Stradling [ca-compliance] 2022-11-14T22:22:57Z
Comodo: Misissuance using "CNAME CSR Hash 2" method of domain control validation 1461391 RESOLVED FIXED Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Comodo: Non-BR-Compliant Certificate Issuance 1390981 RESOLVED FIXED Rob Stradling [ca-compliance] 2022-11-14T22:22:57Z
Comodo: Possible CAA Misissuance due against critical record 1532313 RESOLVED INVALID Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
Comodo/cPanel: Potential Mis-Issuance based on CAA records (Sep 28, 2017) 1420873 RESOLVED INVALID Rob Stradling [ca-compliance] 2022-11-14T22:22:57Z
Consorci AOC : Misissued certificates: commonName:organizationIdentifier attribute inclusion not conforming CABForum guidelines 1.6.9 1590723 RESOLVED FIXED Francesc Ferrer [ca-compliance] 2022-11-14T22:22:57Z
Consorci AOC: EC-SECTORPUBLIC insufficient serial number entropy 1538673 RESOLVED FIXED Francesc Ferrer [ca-compliance] 2022-11-14T22:22:57Z
Consorci AOC: Insufficient Audit Statements 1425805 RESOLVED FIXED Francesc Ferrer [ca-compliance] 2022-11-14T22:22:57Z
Consorci AOC: Non-BR-Compliant Certificate Issuance 1390988 RESOLVED FIXED Francesc Ferrer [ca-compliance] - Next Update - 01-July 2018 2022-11-14T22:22:57Z
Consorci AOC: Non-BR-Compliant OCSP Responders 1398246 RESOLVED FIXED Francesc Ferrer [ca-compliance] 2022-11-14T22:22:57Z
Consorci AOC: Problem reporting mechanism for Consorci AOC points to URL with invalid cert 1428832 RESOLVED FIXED Francesc Ferrer [ca-compliance] 2022-11-14T22:22:57Z
Consorci AOC: Qualified audit statements 1496616 RESOLVED FIXED Francesc Ferrer [ca-compliance] CKA_NSS_SERVER_DISTRUST_AFTER 2022-11-14T22:22:57Z
Cybertrust Japan: Root CRLs exceed maximum validity period by one second 1737242 RESOLVED FIXED Masaru Sakamoto [ca-compliance] 2022-11-14T22:22:57Z
Cybertrust Japan: three test websites not provided 1466252 RESOLVED FIXED masahiro.shikutani [ca-compliance] - Next update 19-Oct-2018 2022-11-14T22:22:57Z
D-TRUST: Certificate with RSA key where modulus is not divisible by 8 1691117 RESOLVED FIXED Enrico Entschew [ca-compliance] 2022-11-14T22:22:57Z
D-TRUST: CRL not DER-encoded 1793440 RESOLVED FIXED Enrico Entschew [ca-compliance] 2022-11-14T22:22:57Z
D-TRUST: EV certificates with incorrectly used businessCategory entry 1599561 RESOLVED FIXED Enrico Entschew [ca-compliance] 2022-11-14T22:22:57Z
D-TRUST: incorrectly formatted businessCategory entry 1567588 RESOLVED FIXED Enrico Entschew [ca-compliance] 2022-11-14T22:22:57Z
D-TRUST: Issuance of non-conformant SSL certificate 1610303 RESOLVED FIXED Enrico Entschew [ca-compliance] - Next Update - 2-Oct-2020 2022-11-14T22:22:57Z
D-TRUST: Non-BR-Compliant Certificate Issuance 1390990 RESOLVED FIXED Arno Fiedler [ca-compliance] 2022-11-14T22:22:57Z
D-TRUST: Precertificate OU > 64 Characters 1563772 RESOLVED FIXED Enrico Entschew [ca-compliance] 2022-11-14T22:22:57Z
D-TRUST: Private Key Disclosed by Customer as Part of CSR 1682270 RESOLVED FIXED Enrico Entschew [ca-compliance] 2022-11-14T22:22:57Z
D-TRUST: syntax error in one tls certificate 1509512 RESOLVED FIXED Enrico Entschew [ca-compliance] 2022-11-14T22:22:57Z
D-Trust: Wrong key usage (Key Agreement) 1756122 RESOLVED FIXED Enrico Entschew [ca-compliance] Next update 2022-06-15 2022-11-14T22:22:57Z
D-TRUST: Wrong key usage (Key Encipherment) 1647468 RESOLVED FIXED Enrico Entschew [ca-compliance] 2022-11-14T22:22:57Z
DFN-PKI: Finding in 2020 ETSI audit 1672208 RESOLVED FIXED Jürgen Brauckmann [ca-compliance] 2022-11-14T22:22:57Z
DFN-PKI: OCSP/CRL inconsistencies 1786313 RESOLVED FIXED Jürgen Brauckmann [ca-compliance] 2022-11-14T22:22:57Z
Dhimyotis/Certigna: Certificates issued with validity periods greater than 398-days 1667744 RESOLVED FIXED Josselin Allemandou [ca-compliance] 2022-11-14T22:22:57Z
Dhimyotis/Certigna: Intermediate Cert(s) not disclosed in CCADB 1451949 RESOLVED FIXED Josselin Allemandou [ca-compliance] 2022-11-14T22:22:57Z
Dhimyotis/Certigna: Unconstrained CAs missing audits 1614821 RESOLVED FIXED Josselin Allemandou [ca-compliance] 2022-11-14T22:22:57Z
DigiCert / ABB: Issues with DN, country code and keyUsage 1456655 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert / CTJ: Metadata in OU fields, Reserved IP Address 1397957 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert / InfoCert: Insufficient Serial Number Entropy 1397951 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert / Inteso San Paulo: Double dot characters 1397969 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert / Justica: Invalid DNS names 1397961 RESOLVED FIXED Jeremy Rowley [ca-compliance] - Need updated audit statements for the subCA 2022-11-14T22:22:57Z
DigiCert / Microsoft: inconsistent disclosure of externally-operated intermediate 1647084 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert / Siemens: Insufficient Serial Number Entropy 1397954 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert / Swiss Government: CommonName not in SANs 1397965 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert / Telecom Italia: Several Problems 1397960 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert / Terena: Metadata in OU fields 1397958 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert / Verizon: Reserved/Intranet domain name 1397968 RESOLVED DUPLICATE Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert / Wells Fargo: Invalid DNS names 1397963 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert OCSP services returns 1 byte 1577014 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert Onion Certs 1447192 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert Validation Scope Incident 1556948 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: "Internet Widgits Pty Ltd" in organizationalUnitName 1639032 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: "Some-State" in stateOrProvinceName 1551363 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: & character in a printableString in ICA 1593814 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: ABB greater than 825 day cert issuance 1451446 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Apple: Non-compliant Common Name Length 1556906 RESOLVED FIXED certification_authority [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Apple: Non-compliant Serial Numbers 1533655 RESOLVED FIXED certification_authority [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Apple: Precertificates without corresponding certificates return OCSP value of "unknown" 1582519 RESOLVED INVALID certification_authority [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Apple: Unconstrained CAs not included in WTBR report 1575125 RESOLVED FIXED Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
Digicert: CAA Checking Issue 1550645 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Certificate Issues Identified on the Mailing List 1389172 RESOLVED FIXED Kathleen Wilson [ca-compliance] 2022-11-14T22:22:57Z
Digicert: delayed publication of revocation information 1640805 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: DigiCert issued cert with CN too long 1353827 RESOLVED FIXED Kathleen Wilson [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Domain validation skipped 1595921 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: ECCE 001 issuing certificates without subject alternative name extension 1262610 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Entity not verified in organizationalUnitName 1676003 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Failure to disclose Unconstrained Intermediate within 7 Days 1563573 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Failure to find and revoke key-compromised certificates within 24 hours 1693343 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Failure to properly encode Subject name 1618256 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Failure to provide a preliminary report within 24 hours. 1649277 RESOLVED FIXED Brenda Bernal [ca-compliance] Next Update 1-October-2020 2022-11-14T22:22:57Z
DigiCert: Failure to revoke invalid serialNumber EV certificates within 5 days 1646866 RESOLVED INVALID Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
Digicert: Failure to revoke key-compromised certificate 1639802 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
Digicert: Failure to revoke key-compromised certificates within 24 hours 1639801 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Failure to supervise ABB Subordinate CA 1566162 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Good OCSP Responses for Revoked Intermediates 1523676 RESOLVED FIXED Ben Wilson [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: improper domain validation 1483715 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: in-addr.arpa Misissuance 1531817 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Inconsistent EV audits 1650910 RESOLVED FIXED Brenda Bernal [ca-compliance] - Next Update - 21-Sept-2020 2022-11-14T22:22:57Z
DigiCert: Incorrect OCSP Delegated Responder Certificate 1649951 RESOLVED FIXED Martin Sullivan [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Incorrect RegNumber-Org Type combination 1714439 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Insufficient entropy in serial numbers 1417777 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Intermediate Cert(s) not disclosed in CCADB 1451950 RESOLVED FIXED Ben Wilson [ca-compliance] 2022-11-14T22:22:57Z
Digicert: Internal Domain Name cert mis-issuance 1500621 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Invalid Country Code Issuance 1465600 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Invalid localityName 1710856 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Invalid stateOrProvinceName 1710444 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: IP in dnsName 1524875 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Issuance of Cert with Compromised Key 1624527 RESOLVED FIXED Jeremy Rowley [ca-compliance] Next Update - 1-June 2020 2022-11-14T22:22:57Z
DigiCert: Issuance of certs with weak keys (ROCA) 1744795 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: JOI Issue 1576013 RESOLVED FIXED Jeremy Rowley [ca-compliance] Next Update - 1-Oct-2020 2022-11-14T22:22:57Z
Digicert: Key Size Not Divisible By 8 1653475 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
Digicert: KPN Outdated Audit 1539296 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Malformed ICA 1654967 RESOLVED FIXED Martin Sullivan [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Mis-issuance of certificate with https in CN/SAN 1445857 RESOLVED FIXED Ben Wilson [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Missed Underscore Certificate Revocations 1526154 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Missing audits for Intermediate certificates 1455150 RESOLVED FIXED Ben Wilson [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: no subject alternative name in Siemens certs 1017157 RESOLVED FIXED Kathleen Wilson [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Non-audited, non-technically-constrained intermediate certs 1368176 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Non-BR Compliant Certificates - missing CP/CPS OID 1339339 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Non-BR-Compliant OCSP Responders 1398269 RESOLVED FIXED Jeremy Rowley [ca-compliance] - Next Update - 30-April 2018 2022-11-14T22:22:57Z
DigiCert: OCSP NextUpdate 1627152 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: OCSP responder returning invalid responses 1662346 RESOLVED FIXED Martin Sullivan [ca-compliance] Next Update - 15-Oct 2020 2022-11-14T22:22:57Z
DigiCert: Org information issue in new validation workflow 1794050 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: P-384,ecdsa-with-SHA512 Certificates 1527423 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Private Keys Disclosed by Customers as Part of CSR 1675684 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Revoked intermediate certificates not in CRL 1548719 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
Digicert: SCEE / Justica: Non-BR-Compliant Certificate Issuance 1436173 RESOLVED FIXED Ben Wilson [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: SHA-1 intermediate issued after 2016-01-01 1684442 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: SHA-256 hash algorithm used with ECC P-384 key 1664325 RESOLVED DUPLICATE Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Symantec non-constrained/non-disclosed intermediates 1417771 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: TERENA: No localityName in EV precert 1586604 RESOLVED INVALID Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: TI Trust Technologies Global CA issued certificate with no subject alternative name extension 1304895 RESOLVED FIXED Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Truncation of Registration Number 1727963 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Underscore character certificates 1515564 RESOLVED DUPLICATE Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Underscores - Canadian Imperial Bank of Commerce 1516561 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Underscores - Citi 1517617 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Underscores - CVS Pharmacy 1515788 RESOLVED FIXED Brenda Bernal [ca-compliance] Next Update - 8-February 2019 2022-11-14T22:22:57Z
DigiCert: Underscores - Discover 1516453 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Underscores - Ericsson 1516599 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Underscores - Intuit 1519572 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Underscores - Verizon 1516545 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
Digicert: Undisclosed CAs -Federated Trust CA-1 1499585 RESOLVED FIXED Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Unrevocation of BT Class 2 CA - G2 CA Certificate 1442091 RESOLVED FIXED Ben Wilson [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Use of forbidden subjectPublicKeyInfo algorithm 1518555 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Verizon CPS lacks problem reporting instructions 1596931 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Verizon mis-issued test certificates 1335132 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: Verizon: "Default City" in Subject:localityName 1548716 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigiCert: WTCA / WTBR Audit 2019 - Matters to be resolved 1613505 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
Digicert/Symantec: EV JOI Issue 1413761 RESOLVED FIXED Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
DigiCert/Verizon: Qualified 2019 Audit Statements 1573937 RESOLVED FIXED Brenda Bernal [ca-compliance] 2022-11-14T22:22:57Z
DigitCert/Thawte: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN 1420861 RESOLVED INVALID Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
Disig: CPS does not refer to BR domain validation methods 1717001 RESOLVED INVALID Peter Miskovic [ca-compliance] 2022-11-14T22:22:57Z
Disig: Failure to provide a preliminary report within 24 hours. 1670458 RESOLVED FIXED Peter Miskovic [ca-compliance] 2022-11-14T22:22:57Z
Disig: Non-BR-Compliant Certificate Issuance 1390991 RESOLVED FIXED Peter Miskovic [ca-compliance] [remediation-accepted] Next Update - 2017-10 2022-11-14T22:22:57Z
Disig: Non-BR-Compliant OCSP Responders 1398242 RESOLVED FIXED Peter Miskovic [ca-compliance] 2022-11-14T22:22:57Z
Distrust the WebTrust Audit of EY (HanYoung) South Korea and KPMG (Samjong) South Korea 1451578 RESOLVED FIXED Wayne Thayer [ca-compliance] - Government of Korea GPKI 2022-11-14T22:22:57Z
DocuSign/Keynectis: Missing BR Self Assessment 1458038 RESOLVED WONTFIX Erwann Abalea [ca-compliance] 2022-11-14T22:22:57Z
DocuSign/Keynectis: Non-BR-Compliant Certificate Issuance 1390994 RESOLVED FIXED Erwann Abalea [ca-compliance] 2022-11-14T22:22:57Z
DocuSign/Keynectis: Non-BR-Compliant OCSP Responders 1398247 RESOLVED FIXED Erwann Abalea [ca-compliance] 2022-11-14T22:22:57Z
DocuSign/Keynectis: Non-Compliant Technically Constrained Intermediates 1444455 RESOLVED FIXED Erwann Abalea [ca-compliance] 2022-11-14T22:22:57Z
DocuSign/Keynectis: Outdated audit statements for Class 2 Primary CA 1447497 RESOLVED WORKSFORME Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
DocuSign/Keynectis: Undisclosed Intermediate certificate 1497700 RESOLVED WONTFIX Erwann Abalea [ca-compliance] 2022-11-14T22:22:57Z
DSV-Gruppe: Failure to respond to January 2018 survey 1439129 RESOLVED FIXED Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
E-Tugra: audit delay because of an environmental disaster/pandemic 1659426 RESOLVED FIXED Davut Tokgöz [ca-compliance][audit-delay][covid-19] 2022-11-14T22:22:57Z
E-Tugra: CA Certificate Missing from Audit Reports 1716843 RESOLVED FIXED Davut Tokgöz [ca-compliance] Next update 2022-02-16 2022-11-14T22:22:57Z
E-Tugra: commonName not in SAN 1687139 RESOLVED FIXED Davut Tokgöz [ca-compliance] Next Update 2021-03-05 2022-11-14T22:22:57Z
E-Tugra: Delayed Response of Revocation Request 1687513 RESOLVED FIXED Davut Tokgöz [ca-compliance] 2022-11-14T22:22:57Z
E-Tugra: Failure to respond to January 2018 survey 1439128 RESOLVED FIXED Davut Tokgöz [ca-compliance] 2022-11-14T22:22:57Z
E-Tuğra: Failure to Respond to May 2022 Survey 1772414 RESOLVED FIXED Davut Tokgöz [ca-compliance] 2022-11-14T22:22:57Z
E-Tugra: Forbidden Domain Validation Method 3.2.2.4.6 1716902 RESOLVED FIXED Davut Tokgöz [ca-compliance] 2022-11-14T22:22:57Z
E-Tugra: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString 1462797 RESOLVED FIXED Davut Tokgöz [ca-compliance] 2022-11-14T22:22:57Z
E-Tugra: Insufficient serial number entropy 1542302 RESOLVED FIXED Davut Tokgöz [ca-compliance] - Next Update 2022-11-14T22:22:57Z
E-Tugra: Intermittent OCSP response with status 'Unknown' 1687330 RESOLVED FIXED Davut Tokgöz [ca-compliance] 2022-11-14T22:22:57Z
E-Tugra: Invalid DER results in failure to comply with RFC 5280 - Violating string length limit 1582601 RESOLVED FIXED Davut Tokgöz [ca-compliance] 2022-11-14T22:22:57Z
E-Tugra: Validity period > 825 days 1449371 RESOLVED FIXED Davut Tokgöz [ca-compliance] 2022-11-14T22:22:57Z
EDICOM: Signing SHA-1 OCSP responses with unconstrained certificate 1397830 RESOLVED FIXED Raúl Santisteban [ca-compliance] 2022-11-14T22:22:57Z
emSign: Audit Delay 1728790 RESOLVED FIXED Vijay Kumar [ca-compliance][audit-delay][covid-19] 2022-11-14T22:22:57Z
eMudhra emSign CA: Invalid AIA Extension Value 1763700 RESOLVED FIXED Vijay Kumar [ca-compliance] 2022-11-14T22:22:57Z
eMudhra emSign CA: Invalid OrganizationalUnitName 1745015 RESOLVED FIXED Vijay Kumar [ca-compliance] 2022-11-14T22:22:57Z
eMudhra: emSign CA ECC Test Certificate Misissuance 1665688 RESOLVED FIXED Vijay Kumar [ca-compliance] 2022-11-14T22:22:57Z
eMudhra: Failure to Respond to May 2022 Survey 1772413 RESOLVED FIXED Vijay Kumar [ca-compliance] 2022-11-14T22:22:57Z
Entrust: AffirmTrust Issuing CA Impacted by EJBCA Serial Number Issue 1536287 RESOLVED FIXED Dathan Demone [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Certificate issued with '-' in ST field 1512018 RESOLVED FIXED Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Certificate Issued with Incorrect Country Code 1559376 RESOLVED FIXED Dathan Demone [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Certificate issued with validity greater than 825-days 1561013 RESOLVED FIXED Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: CRLs and OCSP responses not issued as specified in the CPS 1737057 RESOLVED FIXED Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: EV Certificates Issued with Business Category "Non-Commercial" when it should have been set to "Private Organization" 1599484 RESOLVED FIXED Dathan Demone [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Failure to provide a preliminary report within 24 hours. 1667690 RESOLVED FIXED Dathan Demone [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Incorrect Business Category Value Discovered in an EV SSL Certificate 1685370 RESOLVED FIXED Dathan Demone [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Incorrect Jurisdiction Country Value in an EV Certificate 1696227 RESOLVED FIXED Dathan Demone [ca-compliance] Next update 2021-06-01 2022-11-14T22:22:57Z
Entrust: Incorrect keyUsage for ECC certificate 1667448 RESOLVED FIXED Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Incorrect value in Business Category field for Government Entities 1728796 RESOLVED FIXED Paul van Brouwershaven [ca-compliance] Next update 2021-12-15 2022-11-14T22:22:57Z
Entrust: Invalid data in commonName fields 1675295 RESOLVED INVALID Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Invalid data in State/Province Field 1658792 RESOLVED FIXED Dathan Demone [ca-compliance] Next Update 2021-04-01 2022-11-14T22:22:57Z
Entrust: Invalid localityName 1712106 RESOLVED FIXED Dathan Demone [ca-compliance] Next update 2021-12-15 2022-11-14T22:22:57Z
Entrust: IP Address in dNSName form 1448986 RESOLVED FIXED Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: IP in dnsName 1524876 RESOLVED FIXED Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Issued Certificates to incorrect Organization 1535735 RESOLVED FIXED Dathan Demone [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Late mis-issue certificate revocation 1520876 RESOLVED FIXED Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Late revocation of underscore certificate 1521520 RESOLVED FIXED Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Non-BR-Compliant Certificate Issuance 1390996 RESOLVED FIXED Kirk Hall [ca-compliance] [remediation-accepted] Next Update - 2017-11 2022-11-14T22:22:57Z
Entrust: Non-BR-Compliant OCSP Responder 1428891 RESOLVED FIXED Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Outdated audit statement for intermediate cert 1549862 RESOLVED FIXED Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Printable String Constraint Failure 1635096 RESOLVED FIXED Bruce Morton [ca-compliance] Next Update 21-Sept-2020 2022-11-14T22:22:57Z
Entrust: Question marks in certificate O and L fields 1552562 RESOLVED FIXED Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: S/MIME Certificate Issued with Incorrect Policy OID 1627346 RESOLVED FIXED Bruce Morton [ca-compliance] - Next Update - 1-June 2020 2022-11-14T22:22:57Z
Entrust: SHA-1 Issuance and other misissuance while testing 1567659 RESOLVED FIXED Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: SSL Certificates issued with Un-verified IP Addresses 1744827 RESOLVED FIXED Bruce Morton [ca-compliance] Next update 2022-01-17 2022-11-14T22:22:57Z
Entrust: Subscriber provides private key with CSR 1673119 RESOLVED FIXED Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: Test Website Certificates Expired 1731887 RESOLVED FIXED Bruce Morton [ca-compliance] 2022-11-14T22:22:57Z
Entrust: TLS Certificate issued with a key that is impacted by the Close Primes vulnerability 1766525 RESOLVED FIXED Bruce Morton [ca-compliance] Next update 2022-10-01 2022-11-14T22:22:57Z
Firmaprofesional / SIGNE: No BR Audit for subCA technically capable of issuing TLS certs 1586115 RESOLVED FIXED chemalogo [ca-compliance] - Missing BR Audit 2022-11-14T22:22:57Z
Firmaprofesional: 2019 audit Finding #1 - 6.2 Identification and Authorization 1610448 RESOLVED FIXED chemalogo [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: 2019 audit Finding #2 - 6.4 Facility, management, and operational controls 1612929 RESOLVED FIXED chemalogo [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: 2019 Audit Report Findings 1606380 RESOLVED FIXED chemalogo [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: 2020 Audit Report Finding 1 out of 4 1649502 RESOLVED FIXED chemalogo [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: 2020 Audit Report Finding 2 out of 4 1649679 RESOLVED FIXED Maria Jose Prieto [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: 2020 Audit Report Finding 3 out of 4 1649724 RESOLVED FIXED Maria Jose Prieto [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: 2020 Audit Report Finding 4 out of 4 1649726 RESOLVED FIXED Maria Jose Prieto [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: 2021 Audit Report Finding 1 out of 3 1717790 RESOLVED FIXED Maria Jose Prieto [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: 2021 Audit Report Finding 2 out of 3 1717791 RESOLVED FIXED Maria Jose Prieto [ca-compliance] Next update 2021-10-01 2022-11-14T22:22:57Z
Firmaprofesional: 2021 Audit Report Finding 3 out of 3 1717795 RESOLVED FIXED Maria Jose Prieto [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: 2022 - CPS without correct explanation about difference between OCSP and CRL 1771724 RESOLVED FIXED Maria Jose Prieto [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: 2022 - Define Device Obsolescence Process 1771727 RESOLVED FIXED Maria Jose Prieto [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: 2022 - SSL certificates issued with wrong Organization ID number 1769240 RESOLVED FIXED Maria Jose Prieto [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: 2022 - StateorProvince field 1771715 RESOLVED FIXED Maria Jose Prieto [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: 2022 - Title field 1771722 RESOLVED FIXED Maria Jose Prieto [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: AC Firmaprofesional - INFRAESTRUCTURA insufficient serial number entropy 1538638 RESOLVED FIXED chemalogo [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: Incorrect OCSP Delegated Responder Certificate 1649943 RESOLVED FIXED chemalogo [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: incorrect reserved CA/B Forum OIDs in certificates 1700145 RESOLVED FIXED chemalogo [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: Insufficient Audit Statements 1412950 RESOLVED FIXED Oscar Conesa [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: Missing BR Self Assessment 1458064 RESOLVED FIXED chemalogo [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: Non-audited, non-technically-constrained intermediate certs 1368171 RESOLVED FIXED Oscar Conesa [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: Non-BR-Compliant OCSP Responders 1398240 RESOLVED FIXED chemalogo [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: Undisclosed Intermediate certificate 1455119 RESOLVED FIXED chemalogo [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: Undisclosed Intermediate certificate SDS 1464359 RESOLVED FIXED Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
Firmaprofesional: Undisclosed Intermediate certificate SIGNE 1464335 RESOLVED FIXED Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
FNMT: Invalid localityName 1744722 RESOLVED FIXED alain [ca-compliance] Next update 2022-02-28 2022-11-14T22:22:57Z
FNMT: Issuance of QCP-n certificates without verifying identity 1693304 RESOLVED FIXED alain [ca-compliance] 2022-11-14T22:22:57Z
FNMT: Minor non-conformities in 2020 audit statement 1626805 RESOLVED FIXED alain [ca-compliance] 2022-11-14T22:22:57Z
FNMT: Minor non-conformities in 2021 audit statement 1704199 RESOLVED FIXED Brox [ca-compliance] 2022-11-14T22:22:57Z
FNMT: Missisuance of web site certificates without CA/Browser Forum’s reserved policy OID 1696872 RESOLVED FIXED alain [ca-compliance] 2022-11-14T22:22:57Z
GDCA: Authentication of Organization Identity Failure for an OV Certificate 1546253 RESOLVED FIXED capoc [ca-compliance] 2022-11-14T22:22:57Z
GDCA: CRL validity period exceeds allowed value by one second 1738191 RESOLVED FIXED capoc [ca-compliance] 2022-11-14T22:22:57Z
GDCA: Insufficient Serial Number Entropy 1536831 RESOLVED FIXED capoc [ca-compliance] 2022-11-14T22:22:57Z
GDCA: Misissuance of certificates with IP address 1475563 RESOLVED INVALID Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
GDCA: Misissuance of certificates with small RSA keys 1467414 RESOLVED FIXED capoc [ca-compliance] - Next Update - 20-June 2018 2022-11-14T22:22:57Z
GDCA:Incorrect Value in organizationName Field 1662382 RESOLVED FIXED capoc [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign - Wrong business category (Non Commercial Entity when should have been Private Organization) 1599775 RESOLVED FIXED Eva Van Steenberge [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: 4 Misissued certificates with invalid CN 1552586 RESOLVED FIXED douglas.beattie [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: AT&T Insufficient Serial Number Entropy 1535873 RESOLVED FIXED douglas.beattie [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: AT&T SSL certificates without the AIA extension 1547691 RESOLVED FIXED douglas.beattie [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: Certificate issued to FQDN with malformed CAA 1759854 RESOLVED FIXED Christophe Bonjean [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: Certificate issued with RSASSA-PSS public key 1630870 RESOLVED FIXED Paul Brown [ca-compliance] Next update - 30-June, 2020 2022-11-14T22:22:57Z
GlobalSign: Certificates with RSA keys where modulus is not divisible by 8 1654896 RESOLVED FIXED Arvid Vermote [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: CRL contains invalid signature algorithm 1793441 RESOLVED FIXED Christophe Bonjean [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: Cross Certificate with non-conforming CABF Policy OIDs 1650018 RESOLVED FIXED Arvid Vermote [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: Empty SingleExtension in OCSP responses 1667944 RESOLVED FIXED Paul Brown [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: EV certificate with wildcard domain in common name and SAN 1782391 RESOLVED FIXED Christophe Bonjean [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: EV certificates with serialNumber Government Entity and businessCategory Private Organization 1744518 RESOLVED FIXED Paul Brown [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: Failure to provide a preliminary report within 24 hours 1668005 RESOLVED FIXED Arvid Vermote [ca-compliance] 2022-11-14T22:22:57Z
Globalsign: Failure to revoke key-compromised certificate within 24 hours 1639799 RESOLVED FIXED Arvid Vermote [ca-compliance] Next Update - 12-June 2020 2022-11-14T22:22:57Z
GlobalSign: Incorrect Jurisdiction of Incorporation information for Japan 1658932 RESOLVED FIXED Eva Van Steenberge [ca-compliance] Next Update - 1-Oct-2020 2022-11-14T22:22:57Z
GlobalSign: Incorrect OCSP Delegated Responder Certificate 1649937 RESOLVED FIXED douglas.beattie [ca-compliance] Next Update 2022-01-31 2022-11-14T22:22:57Z
GlobalSign: Incorrect RegNumber-Org Type combination 1714968 RESOLVED FIXED Eva Van Steenberge [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: Invalid countryName 1707073 RESOLVED FIXED Eva Van Steenberge [ca-compliance] Next update 2021-08-12 2022-11-14T22:22:57Z
GlobalSign: Invalid stateOrProvinceName and locality pair 1708834 RESOLVED FIXED Arvid Vermote [ca-compliance] Next update 2021-10-01 2022-11-14T22:22:57Z
GlobalSign: Invalid stateOrProvinceName value 1668007 RESOLVED FIXED Arvid Vermote [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: IP in dnsName 1524877 RESOLVED FIXED douglas.beattie [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: Misissuance of QWAC Certificates 1623356 RESOLVED FIXED douglas.beattie [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: Non-BR-Compliant Certificate Issuance - metadata-only subject fields 1390997 RESOLVED FIXED Linus Hallberg [ca-compliance] [remediation-accepted] 2022-11-14T22:22:57Z
GlobalSign: Non-BR-Compliant Certificate Issuance -- double-dots in dnsName 1393555 RESOLVED FIXED Linus Hallberg [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: Non-BR-Compliant Certificate Issuance -- RSA key smaller than 2048 bits 1393557 RESOLVED FIXED Linus Hallberg [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: OCSP responder certificates with more than 64 characters in CN 1760311 RESOLVED FIXED Christophe Bonjean [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: OCSP Responder Returns invalid values for Some Precertificates 1579413 RESOLVED INVALID douglas.beattie [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: OCSP responders found to respond signed by the default CA when passed an invalid issuer in request 1605372 RESOLVED FIXED douglas.beattie [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: OCSP Status HTTP 530 1622505 RESOLVED FIXED Arvid Vermote [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: RSA-1024 leaf certificate issued after 2013-12-31 1690807 RESOLVED FIXED Eva Van Steenberge [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: SHA-256 hash algorithm used with ECC P-384 key 1664328 RESOLVED FIXED Arvid Vermote [ca-compliance] Next Update 2021-03-05 2022-11-14T22:22:57Z
GlobalSign: SPKI lacks explicit NULL parameter, 1554259 RESOLVED FIXED douglas.beattie [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: SSL Certificates with US country code and invalid State/Prov 1575880 RESOLVED FIXED douglas.beattie [ca-compliance] - Next Update 2021-01-15 2022-11-14T22:22:57Z
GlobalSign: Use of Domain Validation Random Value for more than 30 days 1654544 RESOLVED FIXED Arvid Vermote [ca-compliance] 2022-11-14T22:22:57Z
GlobalSign: Virginia Tech Insufficient Serial Number Entropy 1536760 RESOLVED FIXED douglas.beattie [ca-compliance] 2022-11-14T22:22:57Z
GLOBALTRUST: CN domain not in SAN 1716123 RESOLVED FIXED Daniel Zens [ca-compliance] Next update 2021-09-20 2022-11-14T22:22:57Z
GLOBALTRUST: Revoked test website not using revoked certificate 1716163 RESOLVED FIXED Daniel Zens [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: Document Reuse Issue 1646226 RESOLVED FIXED Daniela Hood [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: Agreed-Upon Website Domain Validation Issue 1647030 RESOLVED FIXED Daniela Hood [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: Certificate Problem Report responses greater than 24 hours 1734953 RESOLVED FIXED Brittany Randall [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: Certificates issued with validity periods greater than 398-days 1662807 RESOLVED FIXED Joanna [ca-compliance] Next Update 2021-01-11 2022-11-14T22:22:57Z
GoDaddy: cross certificate disclosure to CCADB 1572234 RESOLVED FIXED Joanna [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: Domain Validation Reuse Issue 1605804 RESOLVED FIXED Joanna [ca-compliance] - Next Update - 1-June 2020 2022-11-14T22:22:57Z
GoDaddy: DV certificates with organizationalUnit field in subject 1662810 RESOLVED FIXED Joanna [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: Expired CRLs 1645832 RESOLVED FIXED Daniela Hood [ca-compliance] Next Update - 2021-01-01 2022-11-14T22:22:57Z
GoDaddy: Failure to respond to January 2018 survey 1439123 RESOLVED FIXED Daymion Reynolds [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: Failure to revoke certificate with compromised key within 24 hours 1640310 RESOLVED FIXED Daniela Hood [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: Failure to revoke key-compromised certificates within 24 hours 1639798 RESOLVED DUPLICATE Joanna [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: failure to revoke underscores 1524815 RESOLVED FIXED Joanna [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString 1462844 RESOLVED FIXED Daymion Reynolds [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: improperly encoded certificate issued by Go Daddy Secure Certification Authority 988633 RESOLVED FIXED Kathleen Wilson [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: inconsistent disclosure of externally-operated intermediate 1567061 RESOLVED FIXED Joanna [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: Insufficient serial number entropy 1533774 RESOLVED FIXED Joanna [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: Issued EV Wildcard Certificate 1731939 RESOLVED FIXED Brittany Randall [ca-compliance] Next update 2021-11-01 2022-11-14T22:22:57Z
GoDaddy: Issues with State and Country fields 1577913 RESOLVED FIXED Joanna [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: Misissuance of Cross Signed Certs 1777128 RESOLVED FIXED Brittany Randall [ca-compliance] Next update 2022-08-26 2022-11-14T22:22:57Z
GoDaddy: Non-BR-Compliant Certificate Issuance 1391429 RESOLVED FIXED Daymion Reynolds [ca-compliance] [remediation-accepted] Next Update - 2017-11-30 2022-11-14T22:22:57Z
GoDaddy: OV Documentation Reuse 1759959 RESOLVED FIXED Brittany Randall [ca-compliance] Next update 2022-06-30 2022-11-14T22:22:57Z
GoDaddy: Random Value Vulnerability in Domain Validation 1484766 RESOLVED FIXED Daymion Reynolds [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: Reported TLS Certificate Private Key Exposure 1742602 RESOLVED DUPLICATE Brittany Randall [ca-compliance] 2022-11-14T22:22:57Z
GoDaddy: Root CRLs exceed maximum validity period by 1 second 1734265 RESOLVED FIXED Brittany Randall [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: 63 bit serial numbers in some certificates 1532842 RESOLVED FIXED ryan_hurst [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Certificates not disclosed in CCADB 1667844 RESOLVED FIXED Ryan Hurst [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: CRL handling of expired certificates not fully compliant with RFC 5280 Section 3.3 1581183 RESOLVED FIXED Andy Warner [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: CRL validity period set to expected value plus one second 1731164 RESOLVED FIXED Cade Cairns [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Delayed publication of CPS removing DNS Operator Exception 1729097 RESOLVED FIXED Brett L [ca-compliance] Next update 2021-09-24 2022-11-14T22:22:57Z
Google Trust Services: digitalSignature KeyUsage not set 1652581 RESOLVED FIXED Andy Warner [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Failure to provide preliminary report within 24h 1770510 RESOLVED FIXED Cade Cairns [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Failure to provide regular and timely incident updates 1708516 RESOLVED FIXED Andy Warner [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Failure to send preliminary report to subscriber within 24h 1783272 RESOLVED FIXED kyleomalley [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Forbidden Domain Validation Method 3.2.2.4.10 1706967 RESOLVED FIXED Andy Warner [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Improper OCSP response for intermediate certificate 1522975 RESOLVED FIXED kluge [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Incorrect OCSP response for issued certificate 1758372 RESOLVED FIXED Cade Cairns [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Incorrect OCSP responses for certain certificates 1773556 RESOLVED FIXED Cade Cairns [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Incorrect revocation data temporarily served for GTS Y3 & Y4 1634795 RESOLVED FIXED Andy Warner [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Invalid ASN.1 encoding of singleExtensions in OCSP responses 1678183 RESOLVED FIXED Andy Warner [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: invalid CRL reason code 1793467 RESOLVED FIXED Cade Cairns [ca-compliance] 2022-11-14T22:22:57Z
google Trust Services: invalid curve-hash combination 1612389 RESOLVED FIXED Andy Warner [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Invalid OCSP responses 1630079 RESOLVED FIXED Andy Warner [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: OCSP responses not published in a timely manner 1771552 RESOLVED FIXED Cade Cairns [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: OCSP serving issue 2020-04-09 1630040 RESOLVED FIXED Andy Warner [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Out-of-date CPS disclosure 1706976 RESOLVED INVALID Andy Warner [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Signing SHA-1 Hash for existing CA certificate with changes in Key Usage 1709223 RESOLVED FIXED Ryan Hurst [ca-compliance] 2022-11-14T22:22:57Z
Google Trust Services: Tracking bug for possible audit delays (audit due 2020-12) 1625498 RESOLVED INVALID kluge [ca-compliance] [audit-delay] [covid-19] 2022-11-14T22:22:57Z
Government of Spain (ACCV): Late Audit Statement 1507862 RESOLVED FIXED Jose Amador [ca-compliance] 2022-11-14T22:22:57Z
Government of Spain (ACCV): Missing BR Self Assessment 1458042 RESOLVED FIXED Jose Amador [ca-compliance] 2022-11-14T22:22:57Z
Government of Spain FNMT: CP/CPS lack CAA processing details 1596949 RESOLVED FIXED alain [ca-compliance] 2022-11-14T22:22:57Z
Government of Spain FNMT: Findings in 2019 Audit Statement, including domain validation methods, CAA, etc. 1544586 RESOLVED FIXED alain [ca-compliance] 2022-11-14T22:22:57Z
Government of Spain FNMT: OU exceeds 64 characters 1495507 RESOLVED FIXED Rafa Medina [ca-compliance] Next Update - 1-February 2019 2022-11-14T22:22:57Z
Government of Spain FNMT: QC Statement that contains at least one of the ETSI ESI statements 1625421 RESOLVED INVALID alain [ca-compliance] 2022-11-14T22:22:57Z
GRCA: Audit Letter Validation failures on intermediate certificates 1614448 RESOLVED FIXED National Development Council [ca-compliance] 2022-11-14T22:22:57Z
GRCA: Misissued certificates - invalid CN, bad validity period, missing extensions 1523221 RESOLVED FIXED National Development Council [ca-compliance] 2022-11-14T22:22:57Z
GRCA: Misissued certificates: Invalid commonName, commonName not in SAN 1463975 RESOLVED FIXED National Development Council [ca-compliance] Next Update 1-October 2020 CKA_NSS_SERVER_DISTRUST_AFTER 2022-11-14T22:22:57Z
GRCA: Signing SHA-1 OCSP responses with unconstrained certificate 1397832 RESOLVED FIXED National Development Council [ca-compliance] 2022-11-14T22:22:57Z
HARICA: 3 EV TLS Certificates without L or ST 1597135 RESOLVED FIXED Dimitris Zacharopoulos [ca-compliance] 2022-11-14T22:22:57Z
HARICA: Certificates with invalid policy tree 1699796 RESOLVED FIXED Dimitris Zacharopoulos [ca-compliance] 2022-11-14T22:22:57Z
HARICA: Incorrect OCSP Delegated Responder Certificate 1649945 RESOLVED FIXED Dimitris Zacharopoulos [ca-compliance] Next update 2020-11-18 2022-11-14T22:22:57Z
HARICA: Insufficient serial number entropy 1535509 RESOLVED FIXED Dimitris Zacharopoulos [ca-compliance] 2022-11-14T22:22:57Z
HARICA: OCSP Responder Returned "Unauthorized" for Some Precertificates 1580393 RESOLVED INVALID Dimitris Zacharopoulos [ca-compliance] 2022-11-14T22:22:57Z
Harica: P-384,ecdsa-with-SHA256 Certificates 1530971 RESOLVED FIXED Dimitris Zacharopoulos [ca-compliance] 2022-11-14T22:22:57Z
HARICA: wrong characters in NC extension of Technically Constrained Intermediate CA Certificates 1535772 RESOLVED FIXED Dimitris Zacharopoulos [ca-compliance] 2022-11-14T22:22:57Z
Hongkong Post / Certizen: Failure to report misissuance 1520299 RESOLVED FIXED Man Ho [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust - Intermittent issuance/validation failures and website outage 1778788 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust - Missing Revocation Reasons in CRL 1794047 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust / ISRG: Inconsistent Disclosure of Externally-Operated Intermediate 1671410 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust Expired CRLs 1792111 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: Intermittent interruptions to DNS service 1734906 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: : CRL Potential Publication Delay due to Cache 1775454 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: Certificates with Invalid values for stateOrProvinceName 1718552 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
Identrust: Discrepancy in values of address fields within CN of SSL Certificates 1526099 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: EV TLS certificate with invalid Jurisdiction state for government entity 1756261 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: EV TLS certificate with wrong jurisdiction state for private organization 1756850 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
Identrust: Failure to disclose Unconstrained intermediate Within 7 Days 1542082 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: Failure to provide OCSP responses for valid ICA certificates 1758213 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: Improper encoding of wildcard certificate 1446121 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
Identrust: Incorrect Subject Details for HydrantId 1635279 RESOLVED FIXED IdenTrust [ca-compliance] - Next Update - 1-October 2020 2022-11-14T22:22:57Z
Identrust: Internal names / failure to report 1500593 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: Invalid OCSP Response Held in Cache 1678410 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: Issuance of certificates greater than 398 days 1663080 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: Issuance of OV SSL Certificate with doc vetting older than 398 days 1744627 RESOLVED FIXED IdenTrust [ca-compliance] Next update 2022-01-17 2022-11-14T22:22:57Z
Identrust: Issuance of Subordinate CA’s Without EKU 1669594 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: Mis-Issued EV Certificates 1734917 RESOLVED FIXED IdenTrust [ca-compliance] Next update 2022-01-22 2022-11-14T22:22:57Z
IdenTrust: Missing Thumbprints In Some Annual Audit Reports 1588213 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: Non-BR-Compliant Certificate Issuance 1391000 RESOLVED FIXED Vishvas Patel [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: Non-BR-Compliant OCSP Responders 1398255 RESOLVED FIXED Vishvas Patel [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: OCSP Outage 1636544 RESOLVED FIXED IdenTrust [ca-compliance] Next Update - 30-July 2020 2022-11-14T22:22:57Z
IdenTrust: OCSP Responder missing id-pkix-ocsp-nocheck 1653680 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: OCSP responses for subordinate CA exceed the validity period per CPS guidelines 1772633 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: OCSP Signer Certificate Missing No-Check Extension 1749089 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: Pre-certificates without a final certificate showing OCSP error 1758027 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: Service Degradation 1677239 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: Unavailable CRL and OCSP Responders 1754593 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
IdenTrust: Unavailable CRL for IdenTrust ‘DST Root CA X3’. 1709192 RESOLVED FIXED IdenTrust [ca-compliance] Next update 2021-07-01 2022-11-14T22:22:57Z
IdenTrust: Validation Source for EV Certificates not Publicly Disclosed 1753287 RESOLVED FIXED IdenTrust [ca-compliance] 2022-11-14T22:22:57Z
Invalid country field for Camerfirma root CA certificates 1468000 RESOLVED INVALID Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
IP certificate issued with Domain Validation 1550547 RESOLVED INVALID Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
iTrusChina: Failure to Respond to May 2022 Survey 1772412 RESOLVED FIXED iTrusChina Co.,Ltd. [ca-compliance] 2022-11-14T22:22:57Z
iTrusChina: verification errors for the roots' CRLs(ARL) 1712664 RESOLVED FIXED iTrusChina Co.,Ltd. [ca-compliance] 2022-11-14T22:22:57Z
Izenpe: CA certificates not listed in audit report 1596744 RESOLVED FIXED Oscar Garcia [ca-compliance] 2022-11-14T22:22:57Z
Izenpe: certificate issued to internal domain 1651026 RESOLVED FIXED Oscar Garcia [ca-compliance] Next Update 2020-12-01 2022-11-14T22:22:57Z
Izenpe: Certificates not disclosed in CCADB 1667846 RESOLVED INVALID Oscar Garcia [ca-compliance] 2022-11-14T22:22:57Z
Izenpe: CRL and ARL exceed validity period value by one second 1738421 RESOLVED FIXED David [ca-compliance] 2022-11-14T22:22:57Z
Izenpe: EV certificate with various issues 1267049 RESOLVED FIXED Kathleen Wilson [ca-compliance] 2022-11-14T22:22:57Z
Izenpe: Failure to provide a preliminary report within 24 hours. 1647121 RESOLVED FIXED Oscar Garcia [ca-compliance] 2022-11-14T22:22:57Z
Izenpe: incorrect value in stateOrProvinceName 1653284 RESOLVED FIXED Oscar Garcia [ca-compliance] Next Update 2020-12-01 2022-11-14T22:22:57Z
Izenpe: Multiple invalid EV certificates issued 1559765 RESOLVED FIXED Oscar Garcia [ca-compliance] - Next Update - 9-October 2020 2022-11-14T22:22:57Z
Izenpe: Multiple sub CAs with incorrectly encoded SubjectPublicKeyInfo algorithm 1685767 RESOLVED DUPLICATE Oscar Garcia [ca-compliance] 2022-11-14T22:22:57Z
Izenpe: Non-BR-Compliant Certificate Issuance 1391054 RESOLVED FIXED Oscar Garcia [ca-compliance] 2022-11-14T22:22:57Z
Izenpe: Non-BR-Compliant OCSP Responders 1398258 RESOLVED FIXED Oscar Garcia [ca-compliance] 2022-11-14T22:22:57Z
Izenpe: OU > 64 characters 1528290 RESOLVED FIXED Oscar Garcia [ca-compliance] 2022-11-14T22:22:57Z
Kamu SM: "Some-State" in stateOrProvinceName 1551369 RESOLVED FIXED Melis Şimşek [ca-compliance] 2022-11-14T22:22:57Z
Kamu SM: Insufficient Serial Number Entropy 1539190 RESOLVED FIXED Melis Şimşek [ca-compliance] 2022-11-14T22:22:57Z
Kamu SM: Non-BR-Compliant Certificate Issuance 1390998 RESOLVED FIXED Tuğba ÖZCAN [ca-compliance] 2022-11-14T22:22:57Z
KIR S.A.: Certificates issued greater than stated in CPS 1708965 RESOLVED FIXED Piotr Grabowski [ca-compliance] 2022-11-14T22:22:57Z
KIR S.A.: Certificates issued with multiple BR violations 1495497 RESOLVED FIXED Piotr Grabowski [ca-compliance] 2022-11-14T22:22:57Z
KIR S.A.: CN domain not in SAN 1705187 RESOLVED FIXED Piotr Grabowski [ca-compliance] 2022-11-14T22:22:57Z
KIR S.A.: CP/CPS contains noncompliant DV method, does not specify CAA domains 1705904 RESOLVED FIXED Piotr Grabowski [ca-compliance] 2022-11-14T22:22:57Z
KIR S.A.: DV certificates with locality name, organization name and stateOrProvinceName 1705832 RESOLVED FIXED Piotr Grabowski [ca-compliance] 2022-11-14T22:22:57Z
KIR S.A.: Invalid localityName + CRL Revoked but OCSP Unknown 1705337 RESOLVED FIXED Piotr Grabowski [ca-compliance] 2022-11-14T22:22:57Z
KIR S.A.: Invalid organizationName 1705647 RESOLVED FIXED Piotr Grabowski [ca-compliance] Next update 2022-01-22 2022-11-14T22:22:57Z
KIR S.A.: Many certificates with OCSP Unknown 1705657 RESOLVED FIXED Piotr Grabowski [ca-compliance] 2022-11-14T22:22:57Z
KIR S.A.: Misissuance - missing OCSP AIA, Validity > 825 days 1523186 RESOLVED FIXED Piotr Grabowski [ca-compliance] 2022-11-14T22:22:57Z
KIR S.A.: O > 64 characters 1532112 RESOLVED DUPLICATE Piotr Grabowski [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt intent to issue root and intermediate certificates with organizationName and CABF DV OID 1658437 RESOLVED WORKSFORME Josh Aas [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: 302 total OCSP responses available beyond acceptable timelines 1666047 RESOLVED FIXED Kiel C [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: CAA Misissuances 1398427 RESOLVED FIXED Josh Aas [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: CAA Rechecking bug 1619047 RESOLVED FIXED Jacob Hoffman-Andrews [ca-compliance] Next Update - 14-August 2020 2022-11-14T22:22:57Z
Let's Encrypt: Case-sensitive CAA tag processing 1462735 RESOLVED FIXED Josh Aas [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: certificate lifetimes 90 days plus one second 1715455 RESOLVED FIXED Josh Aas [ca-compliance] Next update 2021-11-12 2022-11-14T22:22:57Z
Let's Encrypt: Delay updating OCSP responses 1729567 RESOLVED FIXED Aaron Gable [ca-compliance] Next update 2021-10-01 2022-11-14T22:22:57Z
Let's Encrypt: Expired ISRG Root OCSP X1 Certificate 1645276 RESOLVED FIXED Andrew Gabbitas [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: Failure to audit log subscriber certificate OCSP updates 1684112 RESOLVED FIXED Andrew Gabbitas [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: Failure to provide OCSP Responses for some certificates 1753123 RESOLVED FIXED Aaron Gable [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: Failure to revoke key-compromised certificate within 24 hours 1639794 RESOLVED FIXED Jacob Hoffman-Andrews [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: Failure to revoke key-compromised certificates within 24 hours 1627614 RESOLVED FIXED Josh Aas [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: Improper encoding of wildcard certificates 1446080 RESOLVED FIXED Josh Aas [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: Incomplete and Inconsistent CRLs 1793114 RESOLVED FIXED Aaron Gable [ca-compliance] 2022-11-26T18:18:16Z
Let's Encrypt: Mis-issued certificates related to SC48v2 1735247 RESOLVED FIXED Jillian [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: Non-BR-Compliant Certificate Issuance 1391867 RESOLVED FIXED Josh Aas [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: OCSP "unauthorized" responses 1486650 RESOLVED FIXED Josh Aas [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: OCSP Responder Returned "Unauthorized" for Some Precertificates 1577652 RESOLVED INVALID Jacob Hoffman-Andrews [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: OCSP responses with no revocationReason 1648840 RESOLVED FIXED Jacob Hoffman-Andrews [ca-compliance] 2022-11-14T22:22:57Z
Let's Encrypt: TLS Using ALPN TLS Version and OID 1751984 RESOLVED FIXED Aaron Gable [ca-compliance] Next update 2022-03-11 2022-11-14T22:22:57Z
Let’s Encrypt: 2019.08.20 Incident: Incorrect OCSP responses under certain conditions 1576789 RESOLVED FIXED Josh Aas [ca-compliance] 2022-11-14T22:22:57Z
Let’s Encrypt: Certificates issued to Elliptic Curve Debian Weak Keys 1789521 RESOLVED FIXED Andrew Gabbitas [ca-compliance] 2022-11-14T22:22:57Z
Let’s Encrypt: TLS Using ALPN Allows Additional Identifiers in Challenge Certificate 1752670 RESOLVED FIXED Jillian [ca-compliance] Next update 2022-03-11 2022-11-14T22:22:57Z
LuxTrust: Outdated audit statement for intermediate cert 1578505 RESOLVED FIXED ca [ca-compliance] - Overdue Audit for intermediate cert 2022-11-14T22:22:57Z
LuxTrust: Overdue Audit Statements 2019 1566580 RESOLVED WORKSFORME Yves Nullens [ca-compliance] Overdue Audits for root certs 2022-11-14T22:22:57Z
Microsec e-Szigno: Certificate validity period greater than 398 days 1676352 RESOLVED FIXED dr. Sándor SZŐKE [ca-compliance] Next update 2021-05-01 2022-11-14T22:22:57Z
Microsec e-Szigno: Non-BR-Compliant Certificate Issuance 1391055 RESOLVED FIXED dr. Sándor SZŐKE [ca-compliance] 2022-11-14T22:22:57Z
Microsec: Audit Letter Validation Failures 1625767 RESOLVED FIXED dr. Sándor SZŐKE [ca-compliance] - Next Update - 1-June 2020 2022-11-14T22:22:57Z
Microsec: Incorrect OCSP Delegated Responder Certificate 1649947 RESOLVED FIXED dr. Sándor SZŐKE [ca-compliance] 2022-11-14T22:22:57Z
Microsec: Issuance of 2 IVCP precertificates without givenName, surName, localityName fields 1622539 RESOLVED FIXED dr. Sándor SZŐKE [ca-compliance] Next Update 15-July 2020 2022-11-14T22:22:57Z
Microsec: Misissuance of one OV certificate with Key Usage KeyEncipherment 1728384 RESOLVED FIXED dr. Sándor SZŐKE [ca-compliance] 2022-11-14T22:22:57Z
Microsec: Validity period greater than 825 days 1512270 RESOLVED FIXED dr. Sándor SZŐKE [ca-compliance] 2022-11-14T22:22:57Z
Microsoft DSRE PKI: OCSP responders found to respond signed by the default CA when passed an invalid issuer in request 1620727 RESOLVED DUPLICATE Dustin Hollenback [ca-compliance] 2022-11-14T22:22:57Z
Microsoft DSRE PKI: problem reporting e-mail in CPS does not work 1604124 RESOLVED FIXED Dustin Hollenback [ca-compliance] 2022-11-14T22:22:57Z
Microsoft PKI Services, Malformed ICAs (Key Usage Malformed) 1718991 RESOLVED FIXED John Mason [ca-compliance] 2022-11-14T22:22:57Z
Microsoft PKI Services: Certificate Mis-Issuance, DNSName is not FQDN, Preferred Name Syntax 1706860 RESOLVED FIXED John Mason [ca-compliance] 2022-11-14T22:22:57Z
Microsoft PKI Services: Certificate Mis-Issuance, DNSNames must have a valid TLD 1670337 RESOLVED FIXED John Mason [ca-compliance] Next Update 2021-04-19 2022-11-14T22:22:57Z
Microsoft PKI Services: DV certificate issued with OV fields 1674561 RESOLVED FIXED Dustin Hollenback [ca-compliance] Next update 2021-05-01 2022-11-14T22:22:57Z
Microsoft PKI Services: Failure to disclose Revocation of Intermediate CAs within 7 Days 1742195 RESOLVED FIXED John Mason [ca-compliance] 2022-11-14T22:22:57Z
Microsoft PKI Services: Failure to disclose Unconstrained Intermediate within 7 Days 1700809 RESOLVED FIXED John Mason [ca-compliance] 2022-11-14T22:22:57Z
Microsoft PKI Services: Malformed ICAs (missing certificate policy extensions) 1711147 RESOLVED FIXED John Mason [ca-compliance] 2022-11-14T22:22:57Z
Microsoft PKI Services: Overdue Audit Reports 2021 1724530 RESOLVED FIXED mohanr [ca-compliance] 2022-11-14T22:22:57Z
Microsoft PKI Services: Policy Documentation, Failure to update Domain Validation Method 1693932 RESOLVED FIXED John Mason [ca-compliance] 2022-11-14T22:22:57Z
Microsoft PKI Services: Policy Documentation, Failure to update Subscriber Certificate Max Validity Period 1693930 RESOLVED FIXED John Mason [ca-compliance] 2022-11-14T22:22:57Z
Microsoft PKI Services: Underscore in SAN 1705419 RESOLVED FIXED John Mason [ca-compliance] Next update 2021-09-15 2022-11-14T22:22:57Z
Microsoft: "unknown" OCSP response for issued certificates 1793443 RESOLVED FIXED John Mason [ca-compliance] 2022-11-14T22:22:57Z
Microsoft: Certificate Mis-Issuance, Locality Missing 1644936 RESOLVED FIXED John Mason [ca-compliance] 2022-11-14T22:22:57Z
Microsoft: Firewall log data retention 1658995 RESOLVED FIXED Dustin Hollenback [ca-compliance] Next Update - 21-Sept-2020 2022-11-14T22:22:57Z
Microsoft: Incomplete Logical Access Review Audit Evidence 1652827 RESOLVED FIXED Dustin Hollenback [ca-compliance] Next Update - 21-September 2020 2022-11-14T22:22:57Z
Microsoft: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy 1586847 RESOLVED FIXED Jason Cooper [ca-compliance] 2022-11-14T22:22:57Z
Microsoft: Loss of Archived Firewall logs from Retention Store 1602999 RESOLVED FIXED mohanr [ca-compliance] 2022-11-14T22:22:57Z
Microsoft: Null Character Bug and Microsoft Root CAs 1598390 RESOLVED FIXED Julio Montano [ca-compliance] 2022-11-14T22:22:57Z
Microsoft: Unrevoked 4 intermediate certificates 1740585 RESOLVED FIXED John Mason [ca-compliance] 2022-11-14T22:22:57Z
Multicert: AIA CA Issuer field pointing to PEM encoded cert 1637093 RESOLVED FIXED ca.forum [ca-compliance] 2022-11-14T22:22:57Z
NAVER Cloud: Failure to Respond to May 2022 Survey 1772411 RESOLVED FIXED Han Yong, Park [ca-compliance] 2022-11-14T22:22:57Z
Netlock: CA Certificate Missing from Audit Reports 1716874 RESOLVED FIXED Anna Bányai [ca-compliance] 2022-11-14T22:22:57Z
NetLock: CN not in SAN 1462423 RESOLVED FIXED Varga Viktor [ca-compliance] 2022-11-14T22:22:57Z
Netlock: Cumulative report connected to EV verification 1676440 RESOLVED FIXED Varga Viktor [ca-compliance] 2022-11-14T22:22:57Z
Netlock: Failure to provide regular and timely incident updates 1572992 RESOLVED FIXED Varga Viktor [ca-compliance] 2022-11-14T22:22:57Z
NetLock: Issuance of >398-day precertificates after 2020-09-01 1676367 RESOLVED FIXED Varga Viktor [ca-compliance] 2022-11-14T22:22:57Z
NetLock: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy 1586795 RESOLVED FIXED Varga Viktor [ca-compliance] Next Update 2020-12-01 2022-11-14T22:22:57Z
NetLock: Non-BR-Compliant Certificate Issuance 1391056 RESOLVED FIXED Varga Viktor [ca-compliance] 2022-11-14T22:22:57Z
NetLock: Non-BR-Compliant Certificate Issuance -- * in not the leftmost position in dnsName 1401211 RESOLVED FIXED Varga Viktor [ca-compliance] 2022-11-14T22:22:57Z
Netlock: Replacement of enduser certificates after the EVGL 1.7.4 self-audit 1680378 RESOLVED FIXED Anna Bányai [ca-compliance] 2022-11-14T22:22:57Z
Network Solutions: Audit report delay 1649507 RESOLVED FIXED Roy Dykes [ca-compliance] [audit-delay] 2022-11-14T22:22:57Z
Network Solutions: 2021 Audit Findings 1-3 1725047 RESOLVED DUPLICATE Keith McKenney [ca-compliance] 2022-11-14T22:22:57Z
Network Solutions: 2021 Audit Observation #1 1725039 RESOLVED FIXED Keith McKenney [ca-compliance] 2022-11-14T22:22:57Z
Network Solutions: 2021 Audit Observation #2 1725041 RESOLVED DUPLICATE Keith McKenney [ca-compliance] 2022-11-14T22:22:57Z
Network Solutions: 2021 Audit Observation #3 1725043 RESOLVED FIXED Keith McKenney [ca-compliance] 2022-11-14T22:22:57Z
Network Solutions: All test CA test website certificates are expired 1726333 RESOLVED FIXED Keith McKenney [ca-compliance] 2022-11-14T22:22:57Z
OCSP responding good for non-issued certs by Consorci AOC root already solved 1467110 RESOLVED DUPLICATE Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
PKIOverheid / QuoVadis: CPS inconsistencies 1650234 RESOLVED FIXED Stephen Davidson [ca-compliance] Next update 7-Aug 2020 2022-11-14T22:22:57Z
PKIoverheid: (KPN) Incorrect Subject OrganizationName 1746421 RESOLVED FIXED David Weissenberg [ca-compliance] 2022-11-14T22:22:57Z
PKIoverheid: CIBG insufficient serial number entropy 1573490 RESOLVED FIXED Jorik van 't Hof [ca-compliance] 2022-11-14T22:22:57Z
PKIoverheid: Compliance issues CIBG TLS certificates 1578809 RESOLVED FIXED Jochem van den Berge [ca-compliance] 2022-11-14T22:22:57Z
PKIoverheid: Incorrect OCSP Delegated Responder Certificate 1649964 RESOLVED FIXED Jorik van 't Hof [ca-compliance] Next Update 2021-01-25 2022-11-14T22:22:57Z
PKIoverheid: KPN CPS lacks problem reporting instructions 1596923 RESOLVED FIXED Jorik van 't Hof [ca-compliance] 2022-11-14T22:22:57Z
PKIoverheid: KPN CPS Lists Forbidden Domain Validation Method 3.2.2.4.6 1719451 RESOLVED FIXED David Weissenberg [ca-compliance] Next update 2021-10-01 2022-11-14T22:22:57Z
PKIoverheid: KPN Insufficient Serial Number Entropy 1535871 RESOLVED FIXED Jochem van den Berge [ca-compliance] 2022-11-14T22:22:57Z
PKIoverheid: KPN issued Invalid organizationalUnitName 1706950 RESOLVED FIXED Jorik van 't Hof [ca-compliance] 2022-11-14T22:22:57Z
PKIoverheid: Missing audit statement "UZI-register Medewerker Niet op Naam CA G21" 1609706 RESOLVED FIXED Jorik van 't Hof [ca-compliance] 2022-11-14T22:22:57Z
PKIoverheid: Missing WTBR audit statements Staat der Nederlanden 2017/2018 1605126 RESOLVED FIXED Jorik van 't Hof [ca-compliance] 2022-11-14T22:22:57Z
PKIoverheid: No BR Audit for subCAs technically capable of issuing TLS certs 1586125 RESOLVED FIXED Jorik van 't Hof [ca-compliance] 2022-11-14T22:22:57Z
PKIoverheid: Overdue audit statements for intermediate certificates 1669518 RESOLVED FIXED Jorik van 't Hof [ca-compliance] 2022-11-14T22:22:57Z
PKIoverheid: TSP CPS lacks problem reporting instructions 1610507 RESOLVED DUPLICATE Jorik van 't Hof [ca-compliance] 2022-11-14T22:22:57Z
Problem with NETLOCK's codesigning CA 1734114 RESOLVED INVALID Anna Bányai [ca-compliance] 2022-11-14T22:22:57Z
PROCERT: Non-BR-Compliant Certificate Issuance 1391058 RESOLVED DUPLICATE Procert [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis (Freistaat Bayern): Non-BR-compliant Key Usage 1468477 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis / Siemens: Insufficient serial number entropy 1534535 RESOLVED FIXED Rufus Buschart [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: BR Error - san dns name starts with period 1521950 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: EV serialNumber with "none" 1645708 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: Incorrect EV businessCategory 1593357 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: IPaddress in DNSname SAN 1530623 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: LLB insufficient Serial Number Entropy 1540315 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: N/A in EV serialNumber field 1576283 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: OCSP handling of Certificate Transparency Pre-certs 1579950 RESOLVED INVALID Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
Quovadis: Certificate containing Debian weak key 1472052 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: DarkMatter Insufficient Serial Number Entropy 1531800 RESOLVED FIXED Scott Rea [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: EV JOI Issue 1581234 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: Failure to provide a preliminary report within 24 hours 1762456 RESOLVED INVALID Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: Failure to provide a preliminary report within 24 hours. 1649880 RESOLVED FIXED Stephen Davidson [ca-compliance] Next Update 1-October 2020 2022-11-14T22:22:57Z
QuoVadis: failure to reply in a timely manner 1590171 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: hostnames not in preferred name syntax 1738472 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: improper countryName format 1493760 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: Incorrect EV jurisdiction of incorporation information 1589047 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: Incorrect keyUsage for ECC certificate 1667518 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: Incorrect OCSP Delegated Responder Certificate 1649938 RESOLVED FIXED Stephen Davidson [ca-compliance] Next Update 2021-01-07 2022-11-14T22:22:57Z
Quovadis: Insufficient Serial Number Entropy 1533899 RESOLVED INVALID Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: IP in dnsName 1524879 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy or the BRs 1586792 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: Multiple unreported misissuances in 2018 1519260 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: Non-BR-Compliant Certificate Issuance 1391063 RESOLVED FIXED Stephen Davidson [ca-compliance] [remediation-accepted] Next Update - 2018-06-30 2022-11-14T22:22:57Z
Quovadis: Non-BR-Compliant issuance --improper characters in DNSName (BIT sub-CA) 1430909 RESOLVED FIXED Stephen Davidson [ca-compliance] - Next Update - mid-Feb 2018 2022-11-14T22:22:57Z
QuoVadis: Non-BR-Compliant OCSP Responder 1426238 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: Recap of BR Compliance in 2018 issuance by external subCAs 1519265 VERIFIED FIXED Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: revocation services validity set to expected value plus one second 1733000 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis: use of Organisationidentifier field in EV (Pre CABF Ballot SC17) 1563917 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
QuoVadis/PKIoverheid: incorrect OCSP response for precertificate 1724276 RESOLVED FIXED Stephen Davidson [ca-compliance] 2022-11-14T22:22:57Z
RapidSSL CAA Mis-Issuance: Lookup failure on DNSSEC-signed zone 1409735 RESOLVED FIXED Steven Medin [ca-compliance] 2022-11-14T22:22:57Z
SECOM: "Default City" in Subject:localityName 1548714 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: Ambiguity on KeyUsage with ECC public key 1560234 RESOLVED INVALID Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: CA Certificates Missing from Audit Reports 1717044 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: certificate for .test TLD 1524452 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: certificate for which “L” and “ST” not set 1544722 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: certificate for which “OU=-” 1544712 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: CP/CPS does not clearly specify domain validation methods 1705480 RESOLVED FIXED Hisashi Kamo [ca-compliance] Next update 2021-08-01 2022-11-14T22:22:57Z
SECOM: CrossTrust: OU > 64 characters 1532105 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: Failed an annual update of Cybertrust Japan (CTJ) CPS 1769222 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: Failure to disclose Unconstrained Intermediate within 7 Days 1563574 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: failure to revoke underscores 1524816 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: FUJIFILM intermediate not listed in audit statement 1695938 RESOLVED FIXED Hisashi Kamo [ca-compliance] Next update 2021-10-01 2022-11-14T22:22:57Z
SECOM: Incorrect OCSP Delegated Responder Certificate 1649962 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: Insufficient Serial Number Entropy 1539358 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: Mis-issued EV Certificates 1576133 RESOLVED FIXED Yuu Hidaka [ca-compliance] 2022-11-14T22:22:57Z
SECOM: Non-BR-Compliant Certificate Issuance 1391064 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: Non-BR-Compliant OCSP Responders 1398259 RESOLVED FIXED Hisashi Kamo [ca-compliance] [remediation-accepted] Next Update - 5-Mar 2018 2022-11-14T22:22:57Z
SECOM: Outdated audit statements for intermediate certs 1695993 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: Root CRLs exceed maximum validity period by 1 second 1735998 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: TSA Certs Issued from Root 1452671 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: Undisclosed intermediate certificates 1497703 RESOLVED FIXED Hisashi Kamo [ca-compliance] 2022-11-14T22:22:57Z
SECOM: Unqualified domain name in SAN 1695786 RESOLVED FIXED Hisashi Kamo [ca-compliance] Next update 2021-08-01 2022-11-14T22:22:57Z
Sectigo / Web.com: inconsistent disclosure of externally-operated intermediate 1567060 RESOLVED FIXED Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: "Default City" in Subject:localityName 1548713 RESOLVED FIXED Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: "Manual DCV" method used 1718579 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: "Some-State" in stateOrProvinceName 1551362 RESOLVED FIXED Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: "unauthorized" OCSP responses 1639518 VERIFIED INVALID Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: 2020 failure to respond to abuse report discovered 1718785 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: CCADB failed ALV - D-TRUST CA 2-1 2015 1597948 RESOLVED FIXED Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: CCADB failed ALV - Ensured Root CA 1597950 RESOLVED FIXED Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: CCADB failed ALV - Network Solutions Certificate Authority 1597947 RESOLVED FIXED Rob Stradling [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Certificate Problem Report response issues 1650845 RESOLVED FIXED Nick France [ca-compliance] Updates in Bug #1648717 2022-11-14T22:22:57Z
Sectigo: Certificates with RSA keys where modulus is not divisible by 8 1653504 RESOLVED FIXED Nick France [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: CRL validity beyond CPS allowed value 1735761 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: DCV Reuse after 825 days 1718771 RESOLVED FIXED Rob Stradling [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: EV SSL Certificates with incorrect businessCategory 1590810 RESOLVED FIXED Robin Alden [ca-compliance] - Next Update - 1-June 2020 2022-11-14T22:22:57Z
Sectigo: EV SSL Certificates with incorrect subject details. 1575022 RESOLVED FIXED Robin Alden [ca-compliance] - Next Update - 15-Aug 2020 2022-11-14T22:22:57Z
Sectigo: Failure to block disallowed LDH labels in domain names 1740493 RESOLVED FIXED Martijn Katerbarg [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Failure to provide a preliminary report within 24 hours 1619359 RESOLVED FIXED Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Failure to provide a preliminary report within 24 hours. 1648717 RESOLVED FIXED Rich Smith [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Failure to provide timely incident reports 1563579 RESOLVED FIXED Rob Stradling [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Failure to revoke certificate with previously-compromised key within 24 hours 1625715 RESOLVED FIXED Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Failure to revoke key-compromised certificate within 24 hours 1639804 RESOLVED FIXED Robin Alden [ca-compliance] Next update 15-Aug-2020 2022-11-14T22:22:57Z
Sectigo: Failure to revoke key-compromised certificates 1639805 RESOLVED FIXED Rich Smith [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Failure to revoke within 24 hours 1492006 RESOLVED FIXED Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Forbidden Domain Validation Method 1714628 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Inadequate DCV 1694233 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Inappropriate subject:serialNumber information in EV certificates obtained through ACME 1712120 RESOLVED FIXED Tim Callan [ca-compliance] Next update 2021-10-01 2022-11-14T22:22:57Z
Sectigo: Incorrect EV businessCategory 1715929 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Incorrect JOI Country value 1747915 RESOLVED FIXED Martijn Katerbarg [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Incorrect JOI for federal credit unions 1741026 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Incorrect locality information 1714193 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Incorrect OCSP responses 1763203 RESOLVED FIXED Martijn Katerbarg [ca-compliance] Next update 2022-06-15 2022-11-14T22:22:57Z
Sectigo: invalid dnsName 1524730 RESOLVED FIXED Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Invalid postalCode field 1708934 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Invalid stateOrProvinceName 1710243 RESOLVED FIXED Rob Stradling [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: invalid subject:organizationalUnitName on DV certificates 1593776 RESOLVED FIXED Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Issuance of ECC leaf certificates with non-DER encoded keyUsage 1796803 RESOLVED FIXED Rob Stradling [ca-compliance] 2022-11-28T16:43:27Z
Sectigo: Lack of input validation in stateOrProvinceName 1645686 RESOLVED DUPLICATE Rich Smith [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Missing Changelog in CPS 1545208 RESOLVED FIXED Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Missing registration numbers in EV certificates 1721271 RESOLVED FIXED Tim Callan [ca-compliance] Next update 2021-10-18 2022-11-14T22:22:57Z
Sectigo: Misspelled city name in localityName field 1782356 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Misspellings in stateOrProvince or localityName fields 1715024 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Mojibake in certificate Subject fields 1724458 RESOLVED FIXED Tim Callan [ca-compliance] Next update 2022-02-15 2022-11-14T22:22:57Z
Sectigo: Non-existent hostname in CDP and AIA URLs 1793787 RESOLVED FIXED Martijn Katerbarg [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: OCSP responses directly signed using root certificates without KU=digitalSignature 1741777 RESOLVED FIXED Rob Stradling [ca-compliance] Next update 2022-09-01 2022-11-14T22:22:57Z
Sectigo: Potential audit report delay 1648593 RESOLVED FIXED Nick France [ca-compliance] [audit-delay] 2022-11-14T22:22:57Z
Sectigo: potentially invalid organizational validation certificates 1717046 RESOLVED INVALID Ben Wilson [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Reseller ZeroSSL and Private Key Generation 1699756 RESOLVED INVALID Ben Wilson [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: SC45 DCV Reuse Error 1756847 RESOLVED FIXED Martijn Katerbarg [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: State name in localityName 1720744 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Subject field with unvalidated information included in certificates 1736064 RESOLVED FIXED Tim Callan [ca-compliance] Next update 2022-02-16 2022-11-14T22:22:57Z
Sectigo: test certificates issued from trusted CA 1712188 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Truncated registration numbers in EV certificates 1732484 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: Use of forbidden subjectPublicKeyInfo algorithm 1518553 RESOLVED FIXED Robin Alden [ca-compliance] 2022-11-14T22:22:57Z
Sectigo: ZeroSSL: failure to revoke within 24 hours 1698936 RESOLVED FIXED Tim Callan [ca-compliance] 2022-11-14T22:22:57Z
SecureTrust: Unvalidated domain in certificate 1546776 RESOLVED FIXED fcorday [ca-compliance] 2022-11-14T22:22:57Z
SecureTrust: "Some-State" in stateOrProvinceName 1551374 RESOLVED FIXED fcorday [ca-compliance] 2022-11-14T22:22:57Z
SecureTrust: BR Audit 2019 - matters to be resolved 1606031 RESOLVED FIXED Corey Bonnell [ca-compliance] 2022-11-14T22:22:57Z
SecureTrust: CPS section 6.1.1.1 number 3 non-compliance event 1671037 RESOLVED FIXED Andrea Holland [ca-compliance] 2022-11-14T22:22:57Z
SecureTrust: Failure to provide a preliminary report within 24 hours. 1667799 RESOLVED FIXED Andrea Holland [ca-compliance] 2022-11-14T22:22:57Z
SecureTrust: Inaccurate value in stateOrProvinceName 1667842 RESOLVED FIXED Andrea Holland [ca-compliance] 2022-11-14T22:22:57Z
SecureTrust: Incorrect OCSP response 1765800 RESOLVED FIXED Andrea Holland [ca-compliance] 2022-11-14T22:22:57Z
SecureTrust: Invalid localityName 1720723 RESOLVED FIXED Andrea Holland [ca-compliance] 2022-11-14T22:22:57Z
SecureTrust: Metadata-only field values in 2 certificates 1646711 RESOLVED FIXED Corey Bonnell [ca-compliance] 2022-11-14T22:22:57Z
SecureTrust: Unconstrained ICA not included in WTBR audit report 1600844 RESOLVED FIXED Corey Bonnell [ca-compliance] 2022-11-14T22:22:57Z
Sertifitseerimiskeskuse: Non-BR-Compliant OCSP Responders 1398233 RESOLVED FIXED Mihkel Tammsalu [ca-compliance] 2022-11-14T22:22:57Z
SK ID Solutions: Audit Letter Validation failures on intermediate certificates 1614449 RESOLVED FIXED Kristel Rünnimeri [ca-compliance] 2022-11-14T22:22:57Z
SK ID Solutions: Incorrect OCSP Delegated Responder Certificate 1649942 RESOLVED FIXED Kathleen Wilson [ca-compliance] 2022-11-14T22:22:57Z
SSL.com: CRL not found - SSL.com-Enterprise-Intermediate-EV-RSA-4096-R1.crl 1548720 RESOLVED FIXED Chris Kemmerer [ca-compliance] 2022-11-14T22:22:57Z
SSL.com: Expired CRLs 1550576 RESOLVED INVALID Chris Kemmerer [ca-compliance] Expired CRLs 2022-11-14T22:22:57Z
SSL.com: Incorrect Domain Validation for 1 TLS certificate with FQDN having "www." string within domain labels 1724520 RESOLVED FIXED Chris Kemmerer [ca-compliance] Next update 2022-06-17 2022-11-14T22:22:57Z
SSL.com: Insufficient serial number entropy 1534147 RESOLVED FIXED Fotis Loukos [ca-compliance] 2022-11-14T22:22:57Z
SSL.com: Insufficient validation evidence for the localityName attribute of an OV certificate 1666872 RESOLVED FIXED Chris Kemmerer [ca-compliance] 2022-11-14T22:22:57Z
SSL.com: Intermediate certificate not listed in audit reports 1610000 RESOLVED FIXED Chris Kemmerer [ca-compliance] 2022-11-14T22:22:57Z
SSL.com: Issuance of 3 EV TLS certificates without 2-person validation of the organization information 1722089 RESOLVED FIXED Chris Kemmerer [ca-compliance] Next update 2022-06-10 2022-11-14T22:22:57Z
SSL.com: Issuance of an EV TLS certificate with incorrect O Field Value 1719916 RESOLVED FIXED Chris Kemmerer [ca-compliance] 2022-11-14T22:22:57Z
SSL.com: Issuance of TLS certificates with validation methods prohibited by SC-45 1750631 RESOLVED FIXED Chris Kemmerer [ca-compliance] 2022-11-14T22:22:57Z
SSL.com: Issued precertificate with Debian Weak Key 1620772 RESOLVED FIXED Chris Kemmerer [ca-compliance] 2022-11-14T22:22:57Z
SSL.com: P-384 curve / ecdsa-with-SHA256 certificates 1534145 RESOLVED FIXED Fotis Loukos [ca-compliance] 2022-11-14T22:22:57Z
SSL.com: Precertificates without corresponding certificates return OCSP value of "Unknown" 1579509 RESOLVED INVALID Chris Kemmerer [ca-compliance] 2022-11-14T22:22:57Z
SSL.com: Wildcard DV certificate issued with a non-validated domain name 1678720 RESOLVED FIXED Chris Kemmerer [ca-compliance] 2022-11-14T22:22:57Z
Staat der Nederlandend / PKIoverheid: Non-BR-Compliant Certificate Issuance 1391864 RESOLVED FIXED Mark Janssen [ca-compliance] 2022-11-14T22:22:57Z
Staat der Nederlandend / PKIoverheid: Non-BR-Compliant OCSP Responders 1398251 RESOLVED FIXED Mark Janssen [ca-compliance] 2022-11-14T22:22:57Z
Startcom CAA Mis-Issuance: Lookup failure on DNSSEC-signed zone 1409859 RESOLVED INVALID Iñigo [ca-compliance] 2022-11-14T22:22:57Z
StartCom: 'un-revoking' intermediate certificates 1369342 RESOLVED FIXED Kathleen Wilson [ca-compliance] 2022-11-14T22:22:57Z
StartCom: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record 1409760 RESOLVED WONTFIX Iñigo [ca-compliance] 2022-11-14T22:22:57Z
StartCom: mis-issuance of certs with unvalidated domain names and bogus field values 1369359 RESOLVED FIXED Kathleen Wilson [ca-compliance] 2022-11-14T22:22:57Z
StartCom: Non-BR-Compliant Certificate Issuance -- adding Certnomis intermediates to OneCRL 1386894 RESOLVED DUPLICATE Kathleen Wilson [ca-compliance] 2022-11-14T22:22:57Z
Swisscom: certificates without DNS names in subjectAltName 1195115 RESOLVED WONTFIX H-P Waldegger [ca-compliance] 2022-11-14T22:22:57Z
Swisscom: Missing Audits for Unconstrained Intermediate Certificates 1464286 RESOLVED FIXED H-P Waldegger [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: "Some-State" in stateOrProvinceName 1551364 RESOLVED FIXED Timo Schmitt [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: Audit Letter Validation failures on intermediate certificates 1614450 RESOLVED WORKSFORME Nathalie Weiler [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: BRs require full annual audits 1374381 RESOLVED FIXED Reinhard Dietrich [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: Cert issued with a to long validity period 1443731 RESOLVED FIXED Juerg.Eiholzer [ca-compliance] - Next Update - 01-August 2018 2022-11-14T22:22:57Z
SwissSign: Certificate issue with Signature 1459557 RESOLVED FIXED Juerg.Eiholzer [ca-compliance] - Next Update - 01-August 2018 2022-11-14T22:22:57Z
SwissSign: Certificate with key length 16258 1731586 RESOLVED FIXED Mike Guenther [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: Certificate with key length 4098 bit 1691704 RESOLVED FIXED Mike Guenther [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: Domain validated certificate but with stateOrProvinceName 1473971 RESOLVED FIXED Reinhard Dietrich [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: duplicate serial number 1636140 RESOLVED FIXED Mike Guenther [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: duplicate serial number 1677737 RESOLVED FIXED Mike Guenther [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: Error in OrganisationIdentifier in signature/seal certificate 1541064 RESOLVED FIXED Mike Guenther [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: failure to provide a preliminary report within 24 hours 1636141 RESOLVED FIXED Mike Guenther [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: Failure to provide a preliminary report within 24 hours. 1671113 RESOLVED FIXED Mike Guenther [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: Invalid DNSName in SAN 1428877 RESOLVED FIXED Mike Guenther [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: Invalid stateOrProvinceName field 1670894 RESOLVED FIXED Mike Guenther [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: Mis-Issuance of S/MIME certificates 1766255 RESOLVED FIXED Mike Guenther [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: Misissuance of Intermediate Certificates because of incorrect organizationIdentifier 1506607 RESOLVED FIXED Mike Guenther [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: Misissuance of Leaf Certificates because of incorrect postcode 1569651 RESOLVED FIXED Timo Schmitt [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: Misissuance with mispellings in Location for a number of Certificates 1613334 RESOLVED FIXED Mike Guenther [ca-compliance] Next Update 31-July 2020 2022-11-14T22:22:57Z
SwissSign: Non-BR-Compliant Certificate Issuance 1391066 RESOLVED FIXED Corneia Enke [ca-compliance] [remediation-accepted] Next Update - 2017-11-04 2022-11-14T22:22:57Z
SwissSign: OCSP responder unreachable 1662137 RESOLVED FIXED Mike Guenther [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: Two certs issued with same issuer and serial number 1404403 RESOLVED FIXED Corneia Enke [ca-compliance] 2022-11-14T22:22:57Z
SwissSign: Undisclosed Intermediate Certificates 1455132 RESOLVED FIXED Juerg.Eiholzer [ca-compliance] - Next Update - 16-October 2018 2022-11-14T22:22:57Z
SwissSign: wrong address in EV certificate 1734131 RESOLVED FIXED Mike Guenther [ca-compliance] 2022-11-14T22:22:57Z
Symantec: Non-audited, non-technically-constrained intermediate cert 1368178 RESOLVED FIXED Steven Medin [ca-compliance] 2022-11-14T22:22:57Z
Symantec: Non-BR-Compliant Certificate Issuance 1391067 RESOLVED FIXED Steven Medin [ca-compliance] 2022-11-14T22:22:57Z
T-Systems / DFN-PKI: 40 OV certificates with wrong ST 1534580 RESOLVED FIXED Jürgen Brauckmann [ca-compliance] 2022-11-14T22:22:57Z
T-Systems / DFN-PKI: 42 certificates with RSA modulus size in bits not divisable by 8 1651132 RESOLVED FIXED Jürgen Brauckmann [ca-compliance] - Next Update - 2-Oct-2020 2022-11-14T22:22:57Z
T-Systems: "Internet Widgits Pty Ltd" in organizationName 1638898 RESOLVED DUPLICATE Arnold Essing [ca-compliance] 2022-11-14T22:22:57Z
T-Systems: "Some-State" comparable issues 1567456 RESOLVED FIXED Arnold Essing [ca-compliance] 2022-11-14T22:22:57Z
T-Systems: "Some-State" in stateOrProvinceName 1551371 RESOLVED FIXED Arnold Essing [ca-compliance] 2022-11-14T22:22:57Z
T-Systems: DFN-PKI - Non-IDNA 2003 IDNs, violation of RFC 5280 1522080 RESOLVED INVALID Jürgen Brauckmann [ca-compliance] 2022-11-14T22:22:57Z
T-Systems: Improperly encoded QCStatements extension 1498463 RESOLVED FIXED Bernd [ca-compliance] 2022-11-14T22:22:57Z
T-Systems: Incorrect OCSP Delegated Responder Certificate 1649941 RESOLVED FIXED Arnold Essing [ca-compliance] 2022-11-14T22:22:57Z
T-Systems: Insufficient serial number entropy 1536082 RESOLVED FIXED Arnold Essing [ca-compliance] 2022-11-14T22:22:57Z
T-Systems: Invalid SAN Entries 1530718 RESOLVED FIXED Arnold Essing [ca-compliance] 2022-11-14T22:22:57Z
T-Systems: Issue with Organization field 1578417 RESOLVED FIXED Arnold Essing [ca-compliance] 2022-11-14T22:22:57Z
T-Systems: Non-BR-Compliant Certificate Issuance 1391074 RESOLVED FIXED Lothar Eickholt [ca-compliance] Next Update - 28-January 2019 2022-11-14T22:22:57Z
T-Systems: Non-BR-Compliant OCSP Responders 1426009 RESOLVED FIXED Lothar Eickholt [ca-compliance] 2022-11-14T22:22:57Z
T-Systems: Undisclosed Intermediate certificate 1455137 RESOLVED FIXED Bernd [ca-compliance] 2022-11-14T22:22:57Z
T-Systems/DFN-PKI cablint findings, follow up to T-Systems Bug 1391074 1401486 RESOLVED FIXED Lothar Eickholt [ca-compliance] 2022-11-14T22:22:57Z
Taiwan-CA: Invalid SAN Entries 1535869 RESOLVED FIXED Hao-Chun Li [ca-compliance] 2022-11-14T22:22:57Z
Taiwan-CA: Invalid stateOrProvinceName 1709070 RESOLVED FIXED Hao-Chun Li [ca-compliance] Next update 2021-08-15 2022-11-14T22:22:57Z
Taiwan-CA: Misissued certificate: Invalid organizationUnitName 1629020 RESOLVED FIXED Hao-Chun Li [ca-compliance] 2022-11-14T22:22:57Z
Taiwan-CA: Non-BR-Compliant Certificate Issuance 1391068 RESOLVED FIXED Robin Lin [ca-compliance] 2022-11-14T22:22:57Z
Telekom Security: Certificate with invalid FQDN 1711432 RESOLVED FIXED Arnold Essing [ca-compliance] 2022-11-14T22:22:57Z
Telekom Security: CRL also contained unrevoked certificates 1655698 RESOLVED FIXED Arnold Essing [ca-compliance] 2022-11-14T22:22:57Z
Telekom Security: Finding in 2020 ETSI-Audit regarding weekly review of changes to configurations 1651611 RESOLVED FIXED Arnold Essing [ca-compliance] 2022-11-14T22:22:57Z
Telekom Security: Key Encipherment in two ECC SAN TLS certificates 1703528 RESOLVED FIXED Arnold Essing [ca-compliance] 2022-11-14T22:22:57Z
Telekom Security: Multiple commonName in certificates 1705791 RESOLVED FIXED Arnold Essing [ca-compliance] 2022-11-14T22:22:57Z
Telekom Security: Wrong jurisdiction entries in certificates 1675314 RESOLVED FIXED Arnold Essing [ca-compliance] 2022-11-14T22:22:57Z
Telia CA: AIA CA Issuer field pointing to PEM encoded cert 1637854 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia CA: Ambiguity on KeyUsage with ECC public key 1612332 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia CA: Certificates with RSA keys where modulus is not divisible by 8 1674536 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia CA: Invalid email contact address was used for few domains 1736020 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia CA: Issued three precertificates with non-NIST EC curve 1738207 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia: "Some-State" in stateOrProvinceName 1551372 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia: Disallowed curve (P-521) in leaf certificate 1689589 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia: Failure to disclose Unconstrained Intermediate within 7 Days 1563575 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia: invalid IP value in SAN DNS field 1524567 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia: misissued certificate - FQDN value incorrectly in SAN rfc822 field 1528259 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia: Misissued certificate - FQDN without domain part (e_dnsname_not_valid_tld) 1528261 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia: Misissued certificate - invalid dnsName 1524050 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia: Misissued certificate - Invalid OU value "-" 1528264 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia: Misissued certificate - Invalid wildcard format 1528263 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia: Non-BR-Compliant OCSP Responder 1426247 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia: Qualified Audit Statements 1475115 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia: Qualified BR Audit Statement 1565270 RESOLVED FIXED pekka.lahtiharju [ca-compliance] Next Update 2021-03-01 2022-11-14T22:22:57Z
Telia: Qualified BR Audit Statement 2020 1649683 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
Telia: Two CA certificates not listed in audit report 1614311 RESOLVED FIXED pekka.lahtiharju [ca-compliance] 2022-11-14T22:22:57Z
TeliaSonera: Intermediate Cert(s) Not Disclosed in CCADB 1451953 RESOLVED FIXED Wayne Thayer [ca-compliance] - Next Update - 01-May 2018 2022-11-14T22:22:57Z
TERENA: Insufficient validation of organizationalUnitName 1675923 RESOLVED INVALID Jeremy Rowley [ca-compliance] 2022-11-14T22:22:57Z
Trustcor: Incorrect CA-Issuers URI 1568356 RESOLVED FIXED Neil Dunbar [ca-compliance] 2022-11-14T22:22:57Z
TrustCor: Insufficient Serial Number Entropy 1532399 RESOLVED FIXED Neil Dunbar [ca-compliance] 2022-11-14T22:22:57Z
TrustCor: Non-audited intermediate certificates 1579284 RESOLVED FIXED Neil Dunbar [ca-compliance] 2022-11-14T22:22:57Z
TrustCor: Non-mention of Email CAs in WTBR audit reports 1599503 RESOLVED FIXED Neil Dunbar [ca-compliance] 2022-11-14T22:22:57Z
Trustis: Gap between audit periods 1623472 RESOLVED FIXED Blake Morgan [ca-compliance] Audit Gap 2022-11-14T22:22:57Z
Trustis: Non-Br-Compliant OCSP Responder 1426249 RESOLVED FIXED Blake Morgan [ca-compliance] 2022-11-14T22:22:57Z
Trustwave: Certs issued with same issuer and serial number 1405826 RESOLVED FIXED fcorday [ca-compliance] 2022-11-14T22:22:57Z
TunTrust: OCSP unreachable 1663953 RESOLVED FIXED Agence Nationale de Certification Electronique [ca-compliance] Next Update 2021-06-15 2022-11-14T22:22:57Z
TurkTrust: Failure to respond to January 2018 survey 1439127 RESOLVED FIXED Atilla Biler [ca-compliance] 2022-11-14T22:22:57Z
TurkTrust: Non-audited, non-technically-constrained intermediate certs 1367842 RESOLVED FIXED Atilla Biler [ca-compliance] 2022-11-14T22:22:57Z
TWCA: CA Certificate Missing from Audit Reports 1716670 RESOLVED FIXED Hao-Chun Li [ca-compliance] 2022-11-14T22:22:57Z
TWCA: Policy OID not set to indicate the assurance level to the issued certs 1738778 RESOLVED FIXED Hao-Chun Li [ca-compliance] 2022-11-14T22:22:57Z
Visa: Non-BR-Compliant Certificate Issuance 1391087 RESOLVED FIXED Marcelo B. Silva [ca-compliance] 2022-11-14T22:22:57Z
Visa: Non-BR-Compliant OCSP Responders 1398261 RESOLVED FIXED Marcelo B. Silva [ca-compliance] 2022-11-14T22:22:57Z
Visa: Qualified Audit Statements 1485851 RESOLVED FIXED PKI Policy [ca-compliance] 2022-11-14T22:22:57Z
Web.com: Failure to respond in time to revocation requests 1723121 RESOLVED FIXED Keith McKenney [ca-compliance] 2022-11-14T22:22:57Z
Web.com: Overdue Audit Statements 2021 1721473 RESOLVED FIXED Keith McKenney [ca-compliance] 2022-11-14T22:22:57Z
WISeKey: Failure to disclose intermediate in CCADB 1503638 RESOLVED FIXED Pedro Fuentes [ca-compliance] 2022-11-14T22:22:57Z
WISeKey: Incorrect OCSP Delegated Responder Certificate 1649939 RESOLVED FIXED Pedro Fuentes [ca-compliance] [covid-19] Next Update - 25 October, 2020 2022-11-14T22:22:57Z
WISeKey: Insufficient Serial Number Entropy 1540281 RESOLVED FIXED Pedro Fuentes [ca-compliance] 2022-11-14T22:22:57Z
WISeKey: Issuance of certificate with non-DER encoded keyUsage 1793692 RESOLVED FIXED Pedro Fuentes [ca-compliance] 2022-11-14T22:22:57Z
WISeKey: Issuance of certificate with two potentially conflicting policy OIDs 1626868 RESOLVED FIXED Pedro Fuentes [ca-compliance] 2022-11-14T22:22:57Z
WISeKey: Non-BR-Compliant Certificate Issuance 1391089 RESOLVED FIXED Pedro Fuentes [ca-compliance] 2022-11-14T22:22:57Z
WISeKey: Revocation of multiple intermediate CAs 1549308 RESOLVED INVALID Wayne Thayer [ca-compliance] 2022-11-14T22:22:57Z
WISeKey: Typo in Organization field 1609501 RESOLVED FIXED Pedro Fuentes [ca-compliance] 2022-11-14T22:22:57Z
WISeKey: Unofficial DBA in Organization field 1614290 RESOLVED FIXED Pedro Fuentes [ca-compliance] 2022-11-14T22:22:57Z

861 Total; 0 Open (0%); 859 Resolved (99.77%); 2 Verified (0.23%);


Delayed Revocation

Full Query
Summary ID Status Resolution Assigned to Whiteboard Last change time
Actalis: Delayed revocation of non-BR-compliant CA Certificate within 7 days 1718554 RESOLVED FIXED Adriano Santoni [ca-compliance] [delayed-revocation-ca] Next update 2021-09-22 2022-11-14T22:22:57Z
Actalis: delayed revocation related to inaccurate value in stateOrProvinceName 1670861 RESOLVED FIXED Adriano Santoni [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Actalis: Failure to revoke certs within the BR required timeframe 1572638 RESOLVED FIXED Giorgio Girelli [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Actalis: Failure to revoke within 7 days: OCSP EKU issue 1651651 RESOLVED FIXED Adriano Santoni [ca-compliance] [delayed-revocation-ca] Next Update 2020-12-01 2022-11-14T22:22:57Z
Amazon Trust Services: Revocation Time for Intermediate Certificates 1719920 RESOLVED FIXED Heather (Amazon Trust Services) [ca-compliance] [delayed-revocation-ca] 2022-11-14T22:22:57Z
Asseco DS / Certum: Failure to revoke intermediate certificates within the BR time period 1600158 RESOLVED FIXED Wojciech Trapczyński [ca-compliance] [delayed-revocation-ca] 2022-11-14T22:22:57Z
Asseco DS/Certum: Failure to revoke within 5 days 1668523 RESOLVED FIXED Aleksandra Kurosz [ca-compliance] [delayed-revocation-leaf] Next update 2021-01-15 2022-11-14T22:22:57Z
Buypass: Failure to revoke PSD2 QWACs within mandated 5 days 1628292 RESOLVED FIXED Mads Henriksveen [ca-compliance] [delayed-revocation-leaf] Next update 2020-12-01 2022-11-14T22:22:57Z
Buypass: intermediate certificates not revoked within BR time period 1598319 RESOLVED FIXED Mads Henriksveen [ca-compliance] [delayed-revocation-ca] 2022-11-14T22:22:57Z
Camerfirma: BR revocation period exceeded 1624658 RESOLVED FIXED Ana Lopes [ca-compliance] [delayed-revocation-leaf] [covid-19] 2022-11-14T22:22:57Z
Camerfirma: Decision not to revoke certificates with authorityKeyIdentifier that violates Mozilla Policy 1609828 RESOLVED FIXED Juan Angel Martin [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Camerfirma: Delayed revocations of certificates issued by old CAs with an RSA modulus size of 2047 bits 1692535 RESOLVED FIXED Ben Wilson [ca-compliance] [delayed-revocation-leaf] Next update 2022-02-18 2022-11-14T22:22:57Z
Camerfirma: Delayed revocations related to certificates without CABForum OV Reserved Policy Identifier 1686966 RESOLVED FIXED Ana Lopes [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Camerfirma: Delayed revocations related to Invalid authorityKeyIdentifier - recurrent incident 1647099 RESOLVED FIXED Ana Lopes [ca-compliance] [delayed-revocation-leaf] [covid-19] 2022-11-14T22:22:57Z
Camerfirma: Delayed revocations related to Invalid stateOrProvinceName field 1668331 RESOLVED FIXED Juan Angel Martin [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Camerfirma: Failure to revoke within 7 days: OCSP EKU issue 1652603 RESOLVED FIXED Eusebio Herrera [ca-compliance] [delayed-revocation-ca] 2020-12-01 2022-11-14T22:22:57Z
Camerfirma: Govern d'Andorra audits 1575530 RESOLVED FIXED Juan Angel Martin [ca-compliance] [delayed-revocation-ca] 2022-11-14T22:22:57Z
Camerfirma: Invalid authorityKeyIdentifier, violating Mozilla Policy and RFC 5280 1586860 RESOLVED FIXED Juan Angel Martin [ca-compliance] [delayed-revocation-ca] 2022-11-14T22:22:57Z
CFCA: O > 64 characters 1532113 RESOLVED FIXED Oliver Bi [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
D-TRUST: Delayed revocation of EV certificates 1580525 RESOLVED FIXED Enrico Entschew [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Dhimyotis/Certigna: Certificates issued with validity periods greater than 398-days 1674082 RESOLVED FIXED r.delval [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Dhimyotis/Certigna: Failure to revoke in the timeline specified by the BRs 1685142 RESOLVED DUPLICATE r.delval [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
DigiCert: Delay of revocation for EV audit inconsistency incident 1651828 RESOLVED FIXED Brenda Bernal [ca-compliance] [delayed-revocation-leaf] [covid-19] 2022-11-14T22:22:57Z
DigiCert: Delayed Revocation of ~5.5 hours 1797165 RESOLVED FIXED Jeremy Rowley [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
DigiCert: Failure to revoke within 7 days: OCSP EKU issue 1651461 RESOLVED FIXED Brenda Bernal [ca-compliance] [delayed-revocation-ca] 2022-11-14T22:22:57Z
E-Tugra: The failure to revoke a certificate 1687608 RESOLVED FIXED Davut Tokgöz [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Entrust: Compromised Private Key was not Revoked in Less than 24 Hours 1611241 RESOLVED FIXED Dathan Demone [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Entrust: Failure to revoke a certificate 1636339 RESOLVED FIXED Bruce Morton [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Entrust: Late Revocation due to SHA-256 hash algorithm 1651481 RESOLVED FIXED Bruce Morton [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Entrust: Late Revocation for Invalid State/Province Issue 1658794 RESOLVED FIXED Dathan Demone [ca-compliance][delayed-revocation-leaf] 2022-11-14T22:22:57Z
Entrust: Late Revocation for SSL Certificates issued with Un-verified IP Addresses 1748634 RESOLVED FIXED Bruce Morton [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Entrust: SHA-256 hash algorithm used with ECC P-384 key 1648472 RESOLVED FIXED Bruce Morton [ca-compliance] [delayed-revocation-leaf] Next Update - 21-Sept. 2020 2022-11-14T22:22:57Z
Firmaprofesional: Failure to revoke ICAs within 7 days: OCSP EKU 1651637 RESOLVED FIXED Maria Jose Prieto [ca-compliance] [delayed-revocation-ca] Next update 2021-04-23 2022-11-14T22:22:57Z
GlobalSign: Failure to revoke 2 noncompliant QWACs within 5 days 1625445 RESOLVED FIXED Paul Brown [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
GlobalSign: Failure to revoke noncompliant certificates within 5 days 1654545 RESOLVED FIXED Arvid Vermote [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
GlobalSign: Failure to revoke noncompliant ICA within 7 days 1651447 RESOLVED FIXED Arvid Vermote [ca-compliance] [delayed-revocation-ca] 2022-11-14T22:22:57Z
GlobalSign: Failure to revoke noncompliant ICA within 7 days 1599788 RESOLVED FIXED Arvid Vermote [ca-compliance] [delayed-revocation-ca] 2022-11-14T22:22:57Z
GlobalSign: ICAs in CCADB, without EKU extension are listed in WTCA report but not in WTBR report 1591005 RESOLVED FIXED Arvid Vermote [ca-compliance] [delayed-revocation-ca] Next Update 2021-03-15 2022-11-14T22:22:57Z
GlobalSign: Untimely revocation of TLS certificate after submission of private key compromise 1620922 RESOLVED FIXED Arvid Vermote [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
GoDaddy: Failure to revoke 210 subscriber certificates within 24 hours 1793848 RESOLVED FIXED Brittany Randall [ca-compliance] [delayed-revocation-leaf] 2022-11-26T18:17:40Z
GoDaddy: Failure to Revoke Subscriber Certificates within 24 hours 1742657 RESOLVED FIXED Brittany Randall [ca-compliance] [delayed-revocation-leaf] Next update 2022-03-31 2022-11-14T22:22:57Z
Google Trust Services: Failure to revoke subscriber certificates within BR timeframe 1715421 RESOLVED FIXED Fotis Loukos [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
HARICA: Delayed revocation for non-BR-compliant CA Certificates within 7 days 1651465 RESOLVED FIXED Dimitris Zacharopoulos [ca-compliance] [delayed-revocation-ca] Next update 2020-12-01 2022-11-14T22:22:57Z
Identrust: Delay Revocation for EV SSL Certificates 1757247 RESOLVED FIXED IdenTrust [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Identrust: Failure to Revoke Subscriber Certificates Within 5 days 1736706 RESOLVED FIXED IdenTrust [ca-compliance] [delayed-revocation-leaf] [ca-compliance] Next update 2022-01-05 2022-11-14T22:22:57Z
IdenTrust: Undisclosed Unrevoked ICAs 1598807 RESOLVED FIXED IdenTrust [ca-compliance] [delayed-revocation-ca] [covid-19] - Next Update - 7-Aug 2020 2022-11-14T22:22:57Z
Izenpe: Failure to revoke within 5 days 1656487 RESOLVED FIXED Oscar Garcia [ca-compliance][delayed-revocation-leaf] 2022-11-14T22:22:57Z
Izenpe: intermediate certificates not revoked within BR time period 1598608 RESOLVED FIXED Oscar Garcia [ca-compliance] [delayed-revocation-ca] 2022-11-14T22:22:57Z
KIR S.A.: Delayed revocations of certificates 1709872 RESOLVED FIXED Piotr Grabowski [ca-compliance] [delayed-revocation-leaf] Next update 2022-01-22 2022-11-14T22:22:57Z
Let's Encrypt: Delayed revocation for removed gTLD 1795483 RESOLVED FIXED James Renken [ca-compliance] [delayed-revocation-leaf] 2022-11-30T17:39:40Z
Let's Encrypt: Failure to revoke for Certificate Lifetime Incident 1715672 RESOLVED FIXED Aaron Gable [ca-compliance] [delayed-revocation-leaf] Next update 2022-01-12 2022-11-14T22:22:57Z
Let's Encrypt: Failure to revoke key-compromised certificates within 24 hours 1625322 RESOLVED FIXED Josh Aas [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Let's Encrypt: Incomplete revocation for CAA rechecking bug 1619179 RESOLVED FIXED Josh Aas [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Microsec: Failure to revoke noncompliant ICA within 7 days 1651632 RESOLVED FIXED dr. Sándor SZŐKE [ca-compliance] [delayed-revocation-ca] Next update 2020-12-01 2022-11-14T22:22:57Z
Netlock - Failure to revoke noncompliant ICA within 7 days 1656882 RESOLVED FIXED Varga Viktor [ca-compliance] [delayed-revocation-ca] 2022-11-14T22:22:57Z
Netlock: Delayed revocation report connected to ticket 1680378 1688844 RESOLVED FIXED Varga Viktor [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
PKIoverheid: Failure to revoke within 7 days: OCSP EKU issue 1652922 RESOLVED DUPLICATE Ben Wilson [ca-compliance] [delayed-revocation-ca] 2022-11-14T22:22:57Z
PKIoverheid: Failure to revoke within 7 days: OCSP EKU issue 1652604 RESOLVED FIXED Jorik van 't Hof [ca-compliance] [delayed-revocation-ca] Next update 2020-12-01 2022-11-14T22:22:57Z
QuoVadis: Failure to revoke certificates with compromised private keys 1624504 RESOLVED FIXED Stephen Davidson [ca-compliance] [delayed-revocation-leaf] - Next update 31-July 2020 2022-11-14T22:22:57Z
QuoVadis: Unconstrained CAs missing audits 1581597 RESOLVED FIXED Stephen Davidson [ca-compliance] [delayed-revocation-ca] [covid-19] 2022-11-14T22:22:57Z
QuoVadis: Failure to revoke within 7 days: OCSP EKU issue 1651553 RESOLVED FIXED Stephen Davidson [ca-compliance] [delayed-revocation-ca] Next update 2021-01-22 2022-11-14T22:22:57Z
QuoVadis: Unconstrained CAs revocation 1599916 RESOLVED FIXED Stephen Davidson [ca-compliance] [delayed-revocation-ca] 2022-11-14T22:22:57Z
SECOM: Delayed Revocation of CA Certificate with OCSP EKU Issue 1652610 RESOLVED FIXED Hisashi Kamo [ca-compliance] [delayed-revocation-ca] 2022-11-14T22:22:57Z
SECOM: Delayed Revocation of non-technically constrained FUJIFILM Certificates 1707229 RESOLVED FIXED Hisashi Kamo [ca-compliance] [delayed-revocation-leaf] Next update 2022-04-29 2022-11-14T22:22:57Z
Sectigo: Failure to properly respond to a report of subscriber key compromise 1635840 RESOLVED FIXED Robin Alden [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Sectigo: Failure to revoke within 5 days 1665763 RESOLVED FIXED Rich Smith [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
Sectigo: Non-revocation of certificates with subject:organizationalUnitName in DV certificates 1620561 RESOLVED FIXED Nick France [ca-compliance] [delayed-revocation-leaf] Next update 2021-01-05 2022-11-14T22:22:57Z
SecureTrust: Delayed revocation of a customer revoke request 1724485 RESOLVED FIXED Andrea Holland [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
SSL.com: Delayed revocation of 53 certificates affected by bug #1750631 1752636 RESOLVED FIXED Chris Kemmerer [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
SwissSign: CP/CPS certificate profile issue 1558552 RESOLVED FIXED Mike Guenther [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
SwissSign: Delayed revocation for mispellings in Location for a number of Certificates 1613406 RESOLVED FIXED Mike Guenther [ca-compliance] [delayed-revocation-leaf] Next Update 31-Aug 2020 2022-11-14T22:22:57Z
Telekom Security: Delayed Revocations of Sub-CA certificates 1651487 RESOLVED FIXED Arnold Essing [ca-compliance] [delayed-revocation-ca] Next update 2020-12-01 2022-11-14T22:22:57Z
Telia CA: Delayed revocation of 5 EE certificates in connection to id=1736020 1737808 RESOLVED FIXED pekka.lahtiharju [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
TrustCor: Non-revocation of CA certificates within 7 days 1599571 RESOLVED FIXED Neil Dunbar [ca-compliance] [delayed-revocation-ca] 2022-11-14T22:22:57Z
WISeKey: Failure to meet revocation deadline 1610767 RESOLVED FIXED Pedro Fuentes [ca-compliance] [delayed-revocation-leaf] 2022-11-14T22:22:57Z
WISeKey: Failure to revoke ICA Certificates within 7 days (OCSP EKU) 1651730 RESOLVED FIXED Pedro Fuentes [ca-compliance] [delayed-revocation-ca] Next Update 2020-12-01 2022-11-14T22:22:57Z

76 Total; 0 Open (0%); 76 Resolved (100%); 0 Verified (0%);