CA/Closed Incidents
From MozillaWiki
< CA
Closed CA Compliance Bugs
A historical view of past overdue audit statements may be found here.
Below is a historical view of past CA compliance bugs. These bugs may have been valid and remedied by the CA, or may have been deemed invalid and closed as unnecessary.
All Other Issues
| Summary | ID | Status | Assigned to | Whiteboard | Last change time |
|---|---|---|---|---|---|
| [meta] Bug for Tracking BR Compliance Issues | 1029147 | RESOLVED | Kathleen Wilson | [ca-compliance] -- tracking bug for BR Compliance issues | 2018-01-18T18:13:04Z |
| ACCV: Insufficient serial number entropy | 1536213 | RESOLVED | Jose Amador | [ca-compliance] | 2019-07-23T15:55:50Z |
| Actalis: Certs issued with same issuer and serial number | 1405817 | RESOLVED | Adriano Santoni | [ca-compliance] | 2018-01-18T15:49:40Z |
| Actalis: inaccurate value in stateOrProvinceName | 1648997 | RESOLVED | Adriano Santoni | [ca-compliance] - Next Update - 1-October 2020 | 2020-12-09T18:27:44Z |
| Actalis: Incorrect OCSP Delegated Responder Certificate | 1649961 | RESOLVED | Adriano Santoni | [ca-compliance] | 2020-08-07T14:37:12Z |
| Actalis: Insufficient serial number entropy | 1534295 | RESOLVED | Adriano Santoni | [ca-compliance] | 2019-08-09T16:41:07Z |
| Actalis: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy | 1586787 | RESOLVED | Giorgio Girelli | [ca-compliance] | 2020-01-24T22:41:09Z |
| Actalis: Non BR Compliant OCSP Responder | 1523680 | RESOLVED | Adriano Santoni | [ca-compliance] | 2019-02-20T17:33:18Z |
| Actalis: Non-BR-Compliant Certificate Issuance | 1390974 | RESOLVED | Adriano Santoni | [ca-compliance] | 2017-09-20T05:24:05Z |
| AlphaSSL/Globalsign: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN | 1420766 | RESOLVED | Linus Hallberg | [ca-compliance] | 2017-11-29T15:41:06Z |
| Amazon: CAA Misissuances | 1398428 | RESOLVED | Peter Bowen | [ca-compliance] | 2017-11-03T12:10:13Z |
| Amazon: Failure to comply with RFC 5280 | 1521623 | RESOLVED | Trevoli (Amazon Trust Services) | [ca-compliance] | 2019-02-05T23:01:29Z |
| Amazon: No Space In Private Organization | 1569266 | RESOLVED | Dave Blunt | [ca-compliance] | 2019-08-10T23:03:35Z |
| Amazon: Revoked Sample Certs - No SANs | 1574594 | RESOLVED | Trevoli (Amazon Trust Services) | [ca-compliance] | 2019-09-17T20:34:58Z |
| Amazon: Test revoked certificates with invalid validity period | 1525710 | RESOLVED | Trevoli (Amazon Trust Services) | [ca-compliance] | 2019-03-04T19:54:07Z |
| Apple: Empty SingleExtension in OCSP responses | 1669618 | RESOLVED | certification_authority | [ca-compliance] | 2020-12-29T15:41:31Z |
| Apple: EV Certificate Approver Authorization | 1659316 | RESOLVED | certification_authority | [ca-compliance] | 2020-10-05T16:58:56Z |
| Apple: OCSP availability 2020-11-12 | 1677234 | RESOLVED | certification_authority | [ca-compliance] Next Update 2021-01-31 | 2021-02-08T17:33:05Z |
| Apple: OCSP responders return responses with incorrect issuer | 1588001 | RESOLVED | certification_authority | [ca-compliance] - Next Update - 30-June 2020 | 2021-06-07T18:12:24Z |
| Apple: Patch Management | 1598829 | RESOLVED | certification_authority | [ca-compliance] | 2020-04-01T03:54:50Z |
| Asseco DS / Certum: CA certificates not listed in audit report | 1598277 | RESOLVED | Wojciech Trapczyński | [ca-compliance] | 2019-12-03T04:23:48Z |
| Asseco DS / Certum: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record | 1409766 | RESOLVED | Wojciech Trapczyński | [ca-compliance] | 2019-09-17T20:39:27Z |
| Asseco DS / Certum: CAA mis-issuance on critical flag and unknown CAA tag | 1409764 | RESOLVED | Arkadiusz Ławniczak | [ca-compliance] | 2019-09-17T20:39:40Z |
| Asseco DS / Certum: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN | 1420860 | RESOLVED | Arkadiusz Ławniczak | [ca-compliance] | 2019-09-17T20:36:03Z |
| Asseco DS / Certum: commonName not from subjectAltName entries | 1550575 | RESOLVED | Wojciech Trapczyński | [ca-compliance] | 2019-07-18T21:28:15Z |
| Asseco DS / Certum: Corrupted certificates | 1511459 | RESOLVED | Wojciech Trapczyński | [ca-compliance] | 2019-09-17T20:39:21Z |
| Asseco DS / Certum: EV certificate mis-issue | 1451228 | RESOLVED | Arkadiusz Ławniczak | [ca-compliance] | 2019-09-17T20:39:45Z |
| Asseco DS / Certum: EV Certificates issued with wrong Business Category | 1600301 | RESOLVED | Aleksandra Kapinos | [ca-compliance] | 2019-12-09T21:33:05Z |
| Asseco DS / Certum: Failure to provide a preliminary report within 24 hours. | 1667684 | RESOLVED | Wojciech Trapczyński | [ca-compliance] | 2020-11-19T05:11:27Z |
| Asseco DS / Certum: inconsistent disclosure of externally-operated intermediate | 1567062 | RESOLVED | Wojciech Trapczyński | [ca-compliance] | 2019-09-17T20:36:34Z |
| Asseco DS / Certum: Incorrect localityName | 1710206 | RESOLVED | Aleksandra Kurosz | [ca-compliance] | 2021-05-08T20:51:17Z |
| Asseco DS / Certum: Incorrect OCSP response encoding | 1639502 | RESOLVED | Wojciech Trapczyński | [ca-compliance] | 2020-08-31T22:44:44Z |
| Asseco DS / Certum: Invalid dnsNames | 1524195 | RESOLVED | Wojciech Trapczyński | [ca-compliance] | 2019-07-01T20:30:10Z |
| Asseco DS / Certum: Invalid stateOrProvinceName field | 1667986 | RESOLVED | Aleksandra Kurosz | [ca-compliance] | 2021-05-04T21:46:38Z |
| Asseco DS / Certum: Invalid value in SAN dNSName | 1611458 | RESOLVED | Wojciech Trapczyński | [ca-compliance] | 2020-06-02T17:50:38Z |
| Asseco DS / Certum: IP in dnsName | 1524878 | RESOLVED | Wojciech Trapczyński | [ca-compliance] | 2019-09-17T20:36:08Z |
| Asseco DS / Certum: non-audited intermediate certificate | 1579299 | RESOLVED | Aleksandra Kapinos | [ca-compliance] | 2019-12-09T23:40:59Z |
| Asseco DS / Certum: Non-BR-Compliant Issuance - Debian Weak Keys | 1435770 | RESOLVED | Arkadiusz Ławniczak | [ca-compliance] | 2019-09-17T20:39:51Z |
| Asseco DS / Certum: Overdue Audit Statements 2019 | 1566586 | RESOLVED | Wojciech Trapczyński | [ca-compliance] Overdue Audits for root certs | 2019-09-17T20:36:19Z |
| Asseco DS / Certum: Unallowed key usage for EC public key (Key Encipherment) | 1495518 | RESOLVED | Wojciech Trapczyński | [ca-compliance] | 2019-09-17T20:35:32Z |
| Asseco DS / Certum: Use of forbidden subjectPublicKeyInfo algorithm | 1518560 | RESOLVED | Wojciech Trapczyński | [ca-compliance] | 2019-02-19T17:42:51Z |
| ATOS: Incorrect OCSP Delegated Responder Certificate | 1649963 | RESOLVED | michael.schwieters | [ca-compliance] | 2020-07-26T03:07:46Z |
| Atos: Insufficient Serial Number Entropy | 1540961 | RESOLVED | michael.schwieters | [ca-compliance] | 2019-06-29T00:36:27Z |
| Atos: Tracking bug for possible audit delays | 1626355 | RESOLVED | michael.schwieters | [ca-compliance][audit-delay][covid-19] Next Update 1-Oct-2020 | 2020-10-31T16:58:05Z |
| Buypass: Insufficient Serial Number Entropy | 1539307 | RESOLVED | Mads Henriksveen | [ca-compliance] | 2019-06-28T16:36:43Z |
| Buypass: Intermediate certificates not listed in audit reports | 1595113 | RESOLVED | Mads Henriksveen | [ca-compliance] | 2020-04-01T04:10:26Z |
| Buypass: Missing NCA identifier in cabfOrganizationIdentifier in PSD2 QWACs | 1626078 | RESOLVED | Mads Henriksveen | [ca-compliance] | 2020-05-19T16:05:58Z |
| Buypass: PSD2 QWAC with RSA modulus not divisible by 8 | 1654216 | RESOLVED | Mads Henriksveen | [ca-compliance] Next Update 30-Sept-2020 | 2020-10-05T16:59:24Z |
| Camerfirma: audit gap | 1583470 | RESOLVED | Ana Lopes | [ca-compliance] | 2020-01-22T23:29:38Z |
| Camerfirma: certificate for unregistered domain cuatis.net | 1672423 | RESOLVED | Ana Lopes | [ca-compliance] | 2021-01-22T18:40:48Z |
| Camerfirma: Certificate issued with 3-year lifespan, unknown policy | 1686524 | RESOLVED | Eusebio Herrera | [ca-compliance] | 2021-03-19T18:12:54Z |
| Camerfirma: certificate with an incorrect OrganizationName | 1680083 | RESOLVED | Eusebio Herrera | [ca-compliance] | 2021-02-12T17:41:59Z |
| Camerfirma: Certificates without CABForum OV Reserved Policy Identifier | 1685557 | RESOLVED | Ana Lopes | [ca-compliance] | 2021-03-19T18:12:23Z |
| Camerfirma: Certs issued with same issuer and serial number | 1405815 | RESOLVED | Ramiro Muñoz Muñoz | [ca-compliance] | 2017-10-13T08:25:10Z |
| Camerfirma: certs with duplicate SANs and without localityName or stateOrProvinceName | 1357067 | RESOLVED | Kathleen Wilson | [ca-compliance] | 2017-10-13T16:52:00Z |
| Camerfirma: CP/CPS of Intesa Sanpaolo Sub-CA is Non-Compliant | 1688215 | RESOLVED | Ana Lopes | [ca-compliance] | 2021-03-19T18:14:22Z |
| Camerfirma: EV Certificates issued with wrong Business Category | 1600114 | RESOLVED | Ana Lopes | [ca-compliance] | 2020-01-21T23:58:14Z |
| Camerfirma: Failure to abide by Section 8 of Mozilla Policy: Unauthorized, improperly disclosed Subordinate CA | 1672029 | RESOLVED | Ana Lopes | [ca-compliance] | 2021-03-19T18:14:46Z |
| Camerfirma: failure to revoke underscores | 1524871 | RESOLVED | Eusebio Herrera | [ca-compliance] | 2019-09-10T22:27:44Z |
| Camerfirma: Incorrect disclosure of Intesa Sanpaolo sub-CA | 1672562 | RESOLVED | Ana Lopes | [ca-compliance] | 2021-01-22T18:40:28Z |
| Camerfirma: Incorrect OCSP Delegated Responder Certificate | 1649944 | RESOLVED | Eusebio Herrera | [ca-compliance] | 2020-08-07T14:43:47Z |
| Camerfirma: Inforcert misissued certificates | 1556806 | RESOLVED | Eusebio Herrera | [ca-compliance] | 2019-12-14T00:12:41Z |
| Camerfirma: Intesa Sanpaolo misissued certificates | 1557085 | RESOLVED | Eusebio Herrera | [ca-compliance] | 2019-08-03T03:38:32Z |
| Camerfirma: Invalid authorityKeyIdentifier - recurrent incident | 1623384 | RESOLVED | Ana Lopes | [ca-compliance] | 2020-08-07T15:01:41Z |
| Camerfirma: Invalid stateOrProvinceName field | 1667430 | RESOLVED | Ana Lopes | [ca-compliance] | 2021-03-19T18:15:18Z |
| Camerfirma: Missing audit for Intermediate certificate | 1455147 | RESOLVED | Juan Angel Martin | [ca-compliance] | 2018-08-08T00:29:24Z |
| Camerfirma: MULTICERT certificates with a validity period greater than 825 days | 1509002 | RESOLVED | Eusebio Herrera | [ca-compliance] | 2019-04-16T22:52:13Z |
| Camerfirma: MULTICERT Misissuance and missing audits | 1502957 | RESOLVED | Juan Angel Martin | [ca-compliance] | 2020-05-27T16:21:53Z |
| Camerfirma: MULTICERT organizationName Too Long | 1481862 | RESOLVED | Juan Angel Martin | [ca-compliance] | 2019-04-16T22:53:44Z |
| Camerfirma: Multicert SSL CA 001: Insufficient serial number entropy | 1534429 | RESOLVED | ca.forum | [ca-compliance] | 2019-08-14T07:30:49Z |
| CamerFirma: No disclosure of verification sources | 1688382 | RESOLVED | Ana Lopes | [ca-compliance] | 2021-03-19T18:02:21Z |
| Camerfirma: Non-BR-Compliant Certificate Issuance | 1390977 | RESOLVED | Ramiro Muñoz Muñoz | [ca-compliance] | 2018-03-02T21:18:42Z |
| Camerfirma: Non-BR-Compliant Issuance - DNSName is empty | 1443857 | RESOLVED | Juan Angel Martin | [ca-compliance] | 2018-05-17T17:52:09Z |
| Camerfirma: Non-BR-Compliant Issuance - Non-printable characters in OU field | 1431164 | RESOLVED | Juan Angel Martin | [ca-compliance] | 2018-05-24T16:47:45Z |
| Camerfirma: Non-BR-Compliant OCSP Responders | 1426233 | RESOLVED | Ramiro Muñoz Muñoz | [ca-compliance] | 2018-01-04T17:04:02Z |
| Camerfirma: Old CAs with an RSA modulus size of 2047 bits | 1692533 | RESOLVED | Ana Lopes | [ca-compliance] | 2021-03-19T18:16:09Z |
| Camerfirma: Outdated audit statements for intermediate certs | 1549861 | RESOLVED | Eusebio Herrera | [ca-compliance] | 2020-01-21T23:17:59Z |
| Camerfirma: Potential Mis-Issuance based on CAA records | 1420871 | RESOLVED | Ramiro Muñoz Muñoz | [ca-compliance] | 2018-01-17T17:58:16Z |
| Camerfirma: Qualified Audit Statements | 1478933 | RESOLVED | Juan Angel Martin | [ca-compliance] | 2019-09-17T20:36:56Z |
| Camerfirma: suspicious certificate for com.com | 1672409 | RESOLVED | Ana Lopes | [ca-compliance] | 2021-03-19T18:12:39Z |
| Camerfirma: Unrevocation of MULTICERT SSL Certification Authority 001 certificate | 1532333 | RESOLVED | Eusebio Herrera | [ca-compliance] | 2020-01-18T00:07:12Z |
| Certicamara: Failure to respond to September 2018 CA Survey | 1498409 | RESOLVED | Leonardo Maldonado | [ca-compliance] | 2019-01-04T21:35:16Z |
| Certicamara: Undisclosed Intermediate certificates | 1455128 | RESOLVED | Leonardo Maldonado | [ca-compliance] | 2019-01-04T16:58:08Z |
| Certigna : certificates issued with 2 SCT | 1709896 | RESOLVED | Josselin Allemandou | [ca-compliance] | 2021-05-10T19:45:42Z |
| Certigna: Issuance without respecting CAA records | 1485413 | RESOLVED | Josselin Allemandou | [ca-compliance] | 2019-01-04T21:45:05Z |
| Certinomis: 174 certificates with unknown OCSP status | 1551390 | RESOLVED | François CHASSERY | [ca-compliance] | 2019-05-23T19:05:03Z |
| Certinomis: certificate for test.com, O=Entreprise TEST | 1496088 | RESOLVED | Marc MAITRE | [ca-compliance] | 2019-05-23T19:08:46Z |
| Certinomis: certificates for an unregistered domain, with unknown OCSP status | 1544933 | RESOLVED | François CHASSERY | [ca-compliance] | 2019-05-23T19:04:35Z |
| Certinomis: certificates with invalid DNS SAN | 1551357 | RESOLVED | François CHASSERY | [ca-compliance] | 2019-05-23T19:03:16Z |
| Certinomis: certificates with space in dNSName SAN | 1539531 | RESOLVED | Marc MAITRE | [ca-compliance] | 2019-05-07T23:09:23Z |
| Certinomis: Cross-signing of StartCom intermediate certs, and delay in reporting it in CCADB | 1386891 | RESOLVED | Franck Leroy | [ca-compliance] | 2017-10-24T09:52:02Z |
| Certinomis: email address in DNS SAN | 1503128 | RESOLVED | Marc MAITRE | [ca-compliance] | 2019-05-23T19:07:55Z |
| Certinomis: invalid CDP extension | 1524451 | RESOLVED | Marc MAITRE | [ca-compliance] | 2019-05-14T00:00:43Z |
| Certinomis: invalid DNS names in SAN | 1524094 | RESOLVED | Marc MAITRE | [ca-compliance] | 2019-05-23T19:09:18Z |
| Certinomis: Invalid SAN in a certificate | 1542793 | RESOLVED | François CHASSERY | [ca-compliance] | 2019-05-07T23:04:38Z |
| Certinomis: invalid state and locality fields in subject | 1524103 | RESOLVED | Marc MAITRE | [ca-compliance] | 2019-08-11T21:22:11Z |
| Certinomis: Invalid TLD in SAN | 1542328 | RESOLVED | François CHASSERY | [ca-compliance] | 2019-05-23T19:04:05Z |
| Certinomis: misissued "test" certificates | 1524448 | RESOLVED | Marc MAITRE | [ca-compliance] | 2019-05-23T19:06:56Z |
| Certinomis: Non-BR-Compliant Certificate Issuance | 1390978 | RESOLVED | Franck Leroy | [ca-compliance] | 2017-11-29T14:19:25Z |
| Certinomis: O=POUR TEST in subject | 1524112 | RESOLVED | Marc MAITRE | [ca-compliance] | 2019-05-23T19:06:35Z |
| Certinomis: Unqualified Domain Name in SAN | 1495524 | RESOLVED | Marc MAITRE | [ca-compliance] | 2019-05-23T19:05:35Z |
| Certinomis: Use of Domain Validation Method 3.2.2.4.5 after August 1, 2018 | 1547072 | RESOLVED | François CHASSERY | [ca-compliance] | 2019-05-10T00:36:48Z |
| Certinomis: validity period >825 days | 1524449 | RESOLVED | Marc MAITRE | [ca-compliance] | 2019-05-23T19:07:29Z |
| Certinomis/Docapost: Failure to respond to January 2018 survey | 1439126 | RESOLVED | Franck Leroy | [ca-compliance] | 2018-05-24T00:15:29Z |
| Certinomis/Docapost: Non-BR-Compliant OCSP Responders | 1425998 | RESOLVED | Franck Leroy | [ca-compliance] | 2018-01-16T22:37:43Z |
| certSIGN: "Some-State" in stateOrProvinceName | 1551375 | RESOLVED | Cristian Garabet | [ca-compliance] | 2019-07-24T22:13:19Z |
| certSIGN: misissued an OV SSL certificate with no organizationName and localityName, instead of a DV SSL as requested by client | 1674886 | RESOLVED | Gabriel PETCU | [ca-compliance] | 2021-06-11T18:02:39Z |
| certSIGN: Non-BR-Compliant Certificate Issuance | 1390979 | RESOLVED | Cristian Garabet | [ca-compliance] [remediation-accepted] Next Update: 2017-10-01 | 2017-10-13T18:10:15Z |
| certSIGN: Non-BR-Compliant OCSP Responders | 1398243 | RESOLVED | Cristian Garabet | [ca-compliance] | 2018-02-07T18:05:33Z |
| CFCA: Internal iPAddress in certificate | 1524143 | RESOLVED | Jonathan Sun | [ca-compliance] | 2019-04-08T19:26:05Z |
| CFCA: invalid dnsNames | 1524733 | RESOLVED | Jonathan Sun | [ca-compliance] | 2020-02-06T02:00:17Z |
| CFCA: Invalid TLD in SAN | 1532429 | RESOLVED | Jonathan Sun | [ca-compliance] | 2019-06-28T20:27:26Z |
| CFCA: Missed CPS update publication on website in 2018 | 1565494 | RESOLVED | Oliver Bi | [ca-compliance] | 2019-08-15T14:06:59Z |
| CFCA: Repeated unexplained delays in providing timely status updates | 1613409 | RESOLVED | Oliver Bi | [ca-compliance] | 2020-04-01T03:52:42Z |
| CFCA: Wrong OrganizationName | 1608333 | RESOLVED | Oliver Bi | [ca-compliance] | 2020-01-17T22:48:22Z |
| CFCA: Wrong SerialNumber encoding | 1532559 | RESOLVED | Jonathan Sun | [ca-compliance] | 2020-08-07T15:02:25Z |
| Chunghwa Telecom: Audit Letter Validation failures on intermediate certificates | 1614444 | RESOLVED | Li-Chun CHEN | [ca-compliance] | 2020-02-12T20:50:55Z |
| Chunghwa Telecom: Test certificate with unregistered domain name | 1532436 | RESOLVED | Li-Chun CHEN | [ca-compliance] | 2020-11-11T05:11:23Z |
| Comodo CA issuing EV Certs without Higher Authority checks | 1501374 | RESOLVED | Robin Alden | [ca-compliance] | 2020-01-09T22:59:56Z |
| Comodo: CAA Mis-Issuance on basic test case | 1410834 | RESOLVED | Robin Alden | [ca-compliance] | 2018-05-23T22:19:09Z |
| Comodo: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN | 1420858 | RESOLVED | Rob Stradling | [ca-compliance] | 2017-12-06T15:51:14Z |
| Comodo: CAA Misissuance | 1398545 | RESOLVED | Rob Stradling | [ca-compliance] | 2017-12-06T16:36:39Z |
| Comodo: CAA misissuances due to race condition | 1423624 | RESOLVED | Rob Stradling | [ca-compliance] | 2017-12-20T14:53:35Z |
| Comodo: Misissuance using "CNAME CSR Hash 2" method of domain control validation | 1461391 | RESOLVED | Robin Alden | [ca-compliance] | 2019-01-04T20:49:48Z |
| Comodo: Non-BR-Compliant Certificate Issuance | 1390981 | RESOLVED | Rob Stradling | [ca-compliance] | 2017-12-08T11:36:13Z |
| Comodo: Possible CAA Misissuance due against critical record | 1532313 | RESOLVED | Wayne Thayer | [ca-compliance] | 2019-03-04T19:19:44Z |
| Comodo/cPanel: Potential Mis-Issuance based on CAA records (Sep 28, 2017) | 1420873 | RESOLVED | Rob Stradling | [ca-compliance] | 2017-12-06T17:53:07Z |
| Consorci AOC : Misissued certificates: commonName:organizationIdentifier attribute inclusion not conforming CABForum guidelines 1.6.9 | 1590723 | RESOLVED | Francesc Ferrer | [ca-compliance] | 2019-12-27T15:31:15Z |
| Consorci AOC: EC-SECTORPUBLIC insufficient serial number entropy | 1538673 | RESOLVED | Francesc Ferrer | [ca-compliance] | 2019-04-22T22:09:56Z |
| Consorci AOC: Insufficient Audit Statements | 1425805 | RESOLVED | Francesc Ferrer | [ca-compliance] | 2019-01-03T21:31:17Z |
| Consorci AOC: Non-BR-Compliant Certificate Issuance | 1390988 | RESOLVED | Francesc Ferrer | [ca-compliance] - Next Update - 01-July 2018 | 2018-08-01T18:33:24Z |
| Consorci AOC: Non-BR-Compliant OCSP Responders | 1398246 | RESOLVED | Francesc Ferrer | [ca-compliance] | 2018-10-12T17:25:25Z |
| Consorci AOC: Problem reporting mechanism for Consorci AOC points to URL with invalid cert | 1428832 | RESOLVED | Francesc Ferrer | [ca-compliance] | 2018-01-09T16:46:49Z |
| Consorci AOC: Qualified audit statements | 1496616 | RESOLVED | Francesc Ferrer | [ca-compliance] CKA_NSS_SERVER_DISTRUST_AFTER | 2020-06-20T20:30:44Z |
| Cybertrust Japan: three test websites not provided | 1466252 | RESOLVED | masahiro.shikutani | [ca-compliance] - Next update 19-Oct-2018 | 2019-02-20T01:38:01Z |
| D-TRUST: Certificate with RSA key where modulus is not divisible by 8 | 1691117 | RESOLVED | Enrico Entschew | [ca-compliance] | 2021-03-11T17:46:23Z |
| D-TRUST: EV certificates with incorrectly used businessCategory entry | 1599561 | RESOLVED | Enrico Entschew | [ca-compliance] | 2019-12-24T22:29:12Z |
| D-TRUST: incorrectly formatted businessCategory entry | 1567588 | RESOLVED | Enrico Entschew | [ca-compliance] | 2019-12-03T03:43:35Z |
| D-TRUST: Issuance of non-conformant SSL certificate | 1610303 | RESOLVED | Enrico Entschew | [ca-compliance] - Next Update - 2-Oct-2020 | 2020-10-13T02:59:25Z |
| D-TRUST: Non-BR-Compliant Certificate Issuance | 1390990 | RESOLVED | Arno Fiedler | [ca-compliance] | 2019-04-02T00:52:50Z |
| D-TRUST: Precertificate OU > 64 Characters | 1563772 | RESOLVED | Enrico Entschew | [ca-compliance] | 2019-09-17T00:57:27Z |
| D-TRUST: Private Key Disclosed by Customer as Part of CSR | 1682270 | RESOLVED | Enrico Entschew | [ca-compliance] | 2021-02-26T18:02:39Z |
| D-TRUST: syntax error in one tls certificate | 1509512 | RESOLVED | Enrico Entschew | [ca-compliance] | 2019-02-20T01:22:27Z |
| D-TRUST: Wrong key usage (Key Encipherment) | 1647468 | RESOLVED | Enrico Entschew | [ca-compliance] | 2021-04-30T15:36:48Z |
| DFN-PKI: Finding in 2020 ETSI audit | 1672208 | RESOLVED | Jürgen Brauckmann | [ca-compliance] | 2020-12-09T18:25:56Z |
| Dhimyotis/Certigna: Certificates issued with validity periods greater than 398-days | 1667744 | RESOLVED | Josselin Allemandou | [ca-compliance] | 2021-03-31T21:53:57Z |
| Dhimyotis/Certigna: Intermediate Cert(s) not disclosed in CCADB | 1451949 | RESOLVED | Josselin Allemandou | [ca-compliance] | 2018-04-10T16:06:01Z |
| Dhimyotis/Certigna: Unconstrained CAs missing audits | 1614821 | RESOLVED | Josselin Allemandou | [ca-compliance] | 2020-03-12T23:41:29Z |
| DigiCert / ABB: Issues with DN, country code and keyUsage | 1456655 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-09-15T22:39:25Z |
| DigiCert / CTJ: Metadata in OU fields, Reserved IP Address | 1397957 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2019-01-14T22:06:51Z |
| DigiCert / InfoCert: Insufficient Serial Number Entropy | 1397951 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2017-10-13T21:36:08Z |
| DigiCert / Inteso San Paulo: Double dot characters | 1397969 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2018-02-05T19:06:40Z |
| DigiCert / Justica: Invalid DNS names | 1397961 | RESOLVED | Jeremy Rowley | [ca-compliance] - Need updated audit statements for the subCA | 2018-06-25T18:42:27Z |
| DigiCert / Microsoft: inconsistent disclosure of externally-operated intermediate | 1647084 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2020-09-04T19:38:17Z |
| DigiCert / Siemens: Insufficient Serial Number Entropy | 1397954 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2017-10-12T12:59:18Z |
| DigiCert / Swiss Government: CommonName not in SANs | 1397965 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2017-09-20T05:36:53Z |
| DigiCert / Telecom Italia: Several Problems | 1397960 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2018-08-28T17:49:02Z |
| DigiCert / Terena: Metadata in OU fields | 1397958 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2017-09-20T05:13:05Z |
| DigiCert / Verizon: Reserved/Intranet domain name | 1397968 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2017-09-08T12:24:16Z |
| DigiCert / Wells Fargo: Invalid DNS names | 1397963 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2018-02-06T17:24:54Z |
| DigiCert OCSP services returns 1 byte | 1577014 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2019-10-22T17:58:50Z |
| DigiCert Onion Certs | 1447192 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2018-06-03T18:53:15Z |
| DigiCert Validation Scope Incident | 1556948 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2019-11-26T01:34:23Z |
| DigiCert: "Internet Widgits Pty Ltd" in organizationalUnitName | 1639032 | RESOLVED | Brenda Bernal | [ca-compliance] | 2020-08-02T21:05:31Z |
| DigiCert: "Some-State" in stateOrProvinceName | 1551363 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-09-06T16:43:47Z |
| DigiCert: & character in a printableString in ICA | 1593814 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2019-12-24T00:08:24Z |
| DigiCert: ABB greater than 825 day cert issuance | 1451446 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-02-15T21:24:46Z |
| DigiCert: Apple: Non-compliant Common Name Length | 1556906 | RESOLVED | certification_authority | [ca-compliance] | 2019-12-24T18:05:07Z |
| DigiCert: Apple: Non-compliant Serial Numbers | 1533655 | RESOLVED | certification_authority | [ca-compliance] | 2019-07-20T00:56:21Z |
| DigiCert: Apple: Precertificates without corresponding certificates return OCSP value of "unknown" | 1582519 | RESOLVED | certification_authority | [ca-compliance] | 2019-10-05T00:06:34Z |
| DigiCert: Apple: Unconstrained CAs not included in WTBR report | 1575125 | RESOLVED | Wayne Thayer | [ca-compliance] | 2019-10-18T18:53:56Z |
| Digicert: CAA Checking Issue | 1550645 | RESOLVED | Brenda Bernal | [ca-compliance] | 2020-05-22T18:03:15Z |
| DigiCert: Certificate Issues Identified on the Mailing List | 1389172 | RESOLVED | Kathleen Wilson | [ca-compliance] | 2017-09-20T05:01:50Z |
| Digicert: delayed publication of revocation information | 1640805 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2020-08-05T20:53:27Z |
| DigiCert: DigiCert issued cert with CN too long | 1353827 | RESOLVED | Kathleen Wilson | [ca-compliance] | 2017-09-21T04:55:30Z |
| DigiCert: Domain validation skipped | 1595921 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2020-01-24T00:36:19Z |
| DigiCert: ECCE 001 issuing certificates without subject alternative name extension | 1262610 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2017-04-26T19:23:50Z |
| DigiCert: Entity not verified in organizationalUnitName | 1676003 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2020-11-30T04:05:07Z |
| DigiCert: Failure to disclose Unconstrained Intermediate within 7 Days | 1563573 | RESOLVED | Brenda Bernal | [ca-compliance] | 2020-02-01T20:20:19Z |
| DigiCert: Failure to find and revoke key-compromised certificates within 24 hours | 1693343 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2021-03-19T18:02:46Z |
| DigiCert: Failure to properly encode Subject name | 1618256 | RESOLVED | Brenda Bernal | [ca-compliance] | 2020-04-06T13:50:30Z |
| DigiCert: Failure to provide a preliminary report within 24 hours. | 1649277 | RESOLVED | Brenda Bernal | [ca-compliance] Next Update 1-October-2020 | 2020-10-31T16:55:39Z |
| DigiCert: Failure to revoke invalid serialNumber EV certificates within 5 days | 1646866 | RESOLVED | Brenda Bernal | [ca-compliance] | 2020-06-20T20:27:56Z |
| Digicert: Failure to revoke key-compromised certificate | 1639802 | RESOLVED | Brenda Bernal | [ca-compliance] | 2020-07-06T21:46:55Z |
| Digicert: Failure to revoke key-compromised certificates within 24 hours | 1639801 | RESOLVED | Brenda Bernal | [ca-compliance] | 2020-11-19T18:14:55Z |
| DigiCert: Failure to supervise ABB Subordinate CA | 1566162 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2019-09-15T22:55:08Z |
| DigiCert: Good OCSP Responses for Revoked Intermediates | 1523676 | RESOLVED | Ben Wilson | [ca-compliance] | 2019-04-04T18:12:09Z |
| DigiCert: improper domain validation | 1483715 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2018-11-16T22:57:12Z |
| DigiCert: in-addr.arpa Misissuance | 1531817 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2019-07-01T22:43:48Z |
| DigiCert: Inconsistent EV audits | 1650910 | RESOLVED | Brenda Bernal | [ca-compliance] - Next Update - 21-Sept-2020 | 2020-10-07T15:37:03Z |
| DigiCert: Incorrect OCSP Delegated Responder Certificate | 1649951 | RESOLVED | Martin Sullivan | [ca-compliance] | 2021-03-11T17:45:11Z |
| DigiCert: Insufficient entropy in serial numbers | 1417777 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2017-11-28T12:19:34Z |
| DigiCert: Intermediate Cert(s) not disclosed in CCADB | 1451950 | RESOLVED | Ben Wilson | [ca-compliance] | 2018-10-12T19:24:48Z |
| Digicert: Internal Domain Name cert mis-issuance | 1500621 | RESOLVED | Brenda Bernal | [ca-compliance] | 2018-11-16T23:02:54Z |
| DigiCert: Invalid Country Code Issuance | 1465600 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-06-28T20:18:33Z |
| DigiCert: Invalid localityName | 1710856 | RESOLVED | Brenda Bernal | [ca-compliance] | 2021-06-03T01:12:56Z |
| DigiCert: Invalid stateOrProvinceName | 1710444 | RESOLVED | Brenda Bernal | [ca-compliance] | 2021-06-03T01:12:41Z |
| DigiCert: IP in dnsName | 1524875 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-05-17T22:05:40Z |
| DigiCert: Issuance of Cert with Compromised Key | 1624527 | RESOLVED | Jeremy Rowley | [ca-compliance] Next Update - 1-June 2020 | 2020-07-20T20:40:17Z |
| DigiCert: JOI Issue | 1576013 | RESOLVED | Jeremy Rowley | [ca-compliance] Next Update - 1-Oct-2020 | 2020-11-13T18:43:00Z |
| Digicert: Key Size Not Divisible By 8 | 1653475 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2020-08-02T21:08:14Z |
| Digicert: KPN Outdated Audit | 1539296 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-06-29T00:30:54Z |
| DigiCert: Malformed ICA | 1654967 | RESOLVED | Martin Sullivan | [ca-compliance] | 2020-12-15T17:23:43Z |
| DigiCert: Mis-issuance of certificate with https in CN/SAN | 1445857 | RESOLVED | Ben Wilson | [ca-compliance] | 2019-09-18T20:09:52Z |
| DigiCert: Missed Underscore Certificate Revocations | 1526154 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-04-25T00:24:49Z |
| DigiCert: Missing audits for Intermediate certificates | 1455150 | RESOLVED | Ben Wilson | [ca-compliance] | 2018-08-16T21:53:08Z |
| DigiCert: no subject alternative name in Siemens certs | 1017157 | RESOLVED | Kathleen Wilson | [ca-compliance] | 2017-04-26T19:23:50Z |
| DigiCert: Non-audited, non-technically-constrained intermediate certs | 1368176 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2017-09-18T14:26:46Z |
| DigiCert: Non-BR Compliant Certificates - missing CP/CPS OID | 1339339 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2017-04-26T19:23:50Z |
| DigiCert: Non-BR-Compliant OCSP Responders | 1398269 | RESOLVED | Jeremy Rowley | [ca-compliance] - Next Update - 30-April 2018 | 2018-06-21T17:23:31Z |
| DigiCert: OCSP NextUpdate | 1627152 | RESOLVED | Brenda Bernal | [ca-compliance] | 2020-05-19T16:02:00Z |
| DigiCert: OCSP responder returning invalid responses | 1662346 | RESOLVED | Martin Sullivan | [ca-compliance] Next Update - 15-Oct 2020 | 2020-10-21T16:20:52Z |
| DigiCert: P-384,ecdsa-with-SHA512 Certificates | 1527423 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-07-18T00:25:43Z |
| DigiCert: Private Keys Disclosed by Customers as Part of CSR | 1675684 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2020-12-15T17:24:08Z |
| DigiCert: Revoked intermediate certificates not in CRL | 1548719 | RESOLVED | Stephen Davidson | [ca-compliance] | 2019-08-06T17:44:41Z |
| Digicert: SCEE / Justica: Non-BR-Compliant Certificate Issuance | 1436173 | RESOLVED | Ben Wilson | [ca-compliance] | 2018-08-22T17:52:32Z |
| DigiCert: SHA-1 intermediate issued after 2016-01-01 | 1684442 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2021-03-07T05:37:20Z |
| DigiCert: SHA-256 hash algorithm used with ECC P-384 key | 1664325 | RESOLVED | Brenda Bernal | [ca-compliance] | 2020-09-16T10:25:55Z |
| DigiCert: Symantec non-constrained/non-disclosed intermediates | 1417771 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2018-08-27T14:00:16Z |
| DigiCert: TERENA: No localityName in EV precert | 1586604 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2019-10-09T00:18:43Z |
| DigiCert: TI Trust Technologies Global CA issued certificate with no subject alternative name extension | 1304895 | RESOLVED | Wayne Thayer | [ca-compliance] | 2018-06-20T16:23:52Z |
| DigiCert: Underscore character certificates | 1515564 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2018-12-21T17:59:51Z |
| DigiCert: Underscores - Canadian Imperial Bank of Commerce | 1516561 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-02-26T22:13:42Z |
| DigiCert: Underscores - Citi | 1517617 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-07-31T23:48:03Z |
| DigiCert: Underscores - CVS Pharmacy | 1515788 | RESOLVED | Brenda Bernal | [ca-compliance] Next Update - 8-February 2019 | 2019-02-15T19:24:57Z |
| DigiCert: Underscores - Discover | 1516453 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-02-15T19:25:18Z |
| DigiCert: Underscores - Ericsson | 1516599 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-07-31T23:48:08Z |
| DigiCert: Underscores - Intuit | 1519572 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-05-01T23:26:22Z |
| DigiCert: Underscores - Verizon | 1516545 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-03-03T20:28:38Z |
| Digicert: Undisclosed CAs -Federated Trust CA-1 | 1499585 | RESOLVED | Wayne Thayer | [ca-compliance] | 2018-11-01T17:24:34Z |
| DigiCert: Unrevocation of BT Class 2 CA - G2 CA Certificate | 1442091 | RESOLVED | Ben Wilson | [ca-compliance] | 2019-09-18T20:25:47Z |
| DigiCert: Use of forbidden subjectPublicKeyInfo algorithm | 1518555 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2019-01-15T18:25:22Z |
| DigiCert: Verizon CPS lacks problem reporting instructions | 1596931 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2019-12-03T03:16:58Z |
| DigiCert: Verizon mis-issued test certificates | 1335132 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2017-11-28T10:37:09Z |
| DigiCert: Verizon: "Default City" in Subject:localityName | 1548716 | RESOLVED | Brenda Bernal | [ca-compliance] | 2019-05-20T22:42:46Z |
| DigiCert: WTCA / WTBR Audit 2019 - Matters to be resolved | 1613505 | RESOLVED | Brenda Bernal | [ca-compliance] | 2020-05-19T20:55:03Z |
| Digicert/Symantec: EV JOI Issue | 1413761 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2017-11-28T12:18:04Z |
| DigiCert/Verizon: Qualified 2019 Audit Statements | 1573937 | RESOLVED | Brenda Bernal | [ca-compliance] | 2020-02-02T00:56:06Z |
| DigitCert/Thawte: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN | 1420861 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2017-11-30T22:14:19Z |
| Disig: Failure to provide a preliminary report within 24 hours. | 1670458 | RESOLVED | Peter Miskovic | [ca-compliance] | 2021-01-22T19:06:22Z |
| Disig: Non-BR-Compliant Certificate Issuance | 1390991 | RESOLVED | Peter Miskovic | [ca-compliance] [remediation-accepted] Next Update - 2017-10 | 2018-02-09T22:09:08Z |
| Disig: Non-BR-Compliant OCSP Responders | 1398242 | RESOLVED | Peter Miskovic | [ca-compliance] | 2018-05-23T21:13:21Z |
| Distrust the WebTrust Audit of EY (HanYoung) South Korea and KPMG (Samjong) South Korea | 1451578 | RESOLVED | Wayne Thayer | [ca-compliance] - Government of Korea GPKI | 2018-09-07T21:08:26Z |
| DocuSign/Keynectis: Missing BR Self Assessment | 1458038 | RESOLVED | Erwann Abalea | [ca-compliance] | 2019-01-04T20:57:58Z |
| DocuSign/Keynectis: Non-BR-Compliant Certificate Issuance | 1390994 | RESOLVED | Erwann Abalea | [ca-compliance] | 2017-12-01T13:23:51Z |
| DocuSign/Keynectis: Non-BR-Compliant OCSP Responders | 1398247 | RESOLVED | Erwann Abalea | [ca-compliance] | 2019-01-03T21:15:06Z |
| DocuSign/Keynectis: Non-Compliant Technically Constrained Intermediates | 1444455 | RESOLVED | Erwann Abalea | [ca-compliance] | 2019-01-03T21:39:32Z |
| DocuSign/Keynectis: Outdated audit statements for Class 2 Primary CA | 1447497 | RESOLVED | Wayne Thayer | [ca-compliance] | 2018-03-23T23:33:01Z |
| DocuSign/Keynectis: Undisclosed Intermediate certificate | 1497700 | RESOLVED | Erwann Abalea | [ca-compliance] | 2019-01-04T22:10:37Z |
| DSV-Gruppe: Failure to respond to January 2018 survey | 1439129 | RESOLVED | Wayne Thayer | [ca-compliance] | 2018-05-08T00:00:16Z |
| E-Tugra: audit delay because of an environmental disaster/pandemic | 1659426 | RESOLVED | Davut Tokgöz | [ca-compliance][audit-delay][covid-19] | 2020-11-04T05:01:41Z |
| E-Tugra: commonName not in SAN | 1687139 | RESOLVED | Davut Tokgöz | [ca-compliance] Next Update 2021-03-05 | 2021-04-07T14:03:03Z |
| E-Tugra: Delayed Response of Revocation Request | 1687513 | RESOLVED | Davut Tokgöz | [ca-compliance] | 2021-04-07T14:01:54Z |
| E-Tugra: Failure to respond to January 2018 survey | 1439128 | RESOLVED | Davut Tokgöz | [ca-compliance] | 2018-05-30T23:13:01Z |
| E-Tugra: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString | 1462797 | RESOLVED | Davut Tokgöz | [ca-compliance] | 2019-02-20T16:59:33Z |
| E-Tugra: Insufficient serial number entropy | 1542302 | RESOLVED | Davut Tokgöz | [ca-compliance] - Next Update | 2019-05-01T23:30:32Z |
| E-Tugra: Intermittent OCSP response with status 'Unknown' | 1687330 | RESOLVED | Davut Tokgöz | [ca-compliance] | 2021-04-07T14:02:49Z |
| E-Tugra: Invalid DER results in failure to comply with RFC 5280 - Violating string length limit | 1582601 | RESOLVED | Davut Tokgöz | [ca-compliance] | 2019-11-02T17:54:54Z |
| E-Tugra: Validity period > 825 days | 1449371 | RESOLVED | Davut Tokgöz | [ca-compliance] | 2018-04-20T21:23:08Z |
| EDICOM: Signing SHA-1 OCSP responses with unconstrained certificate | 1397830 | RESOLVED | Raúl Santisteban | [ca-compliance] | 2019-09-17T21:48:45Z |
| eMudhra: emSign CA ECC Test Certificate Misissuance | 1665688 | RESOLVED | Vijay Kumar | [ca-compliance] | 2020-10-16T19:20:11Z |
| Entrust: AffirmTrust Issuing CA Impacted by EJBCA Serial Number Issue | 1536287 | RESOLVED | Dathan Demone | [ca-compliance] | 2019-09-17T20:40:52Z |
| Entrust: Certificate issued with '-' in ST field | 1512018 | RESOLVED | Bruce Morton | [ca-compliance] | 2019-05-15T00:11:12Z |
| Entrust: Certificate Issued with Incorrect Country Code | 1559376 | RESOLVED | Dathan Demone | [ca-compliance] | 2019-09-05T23:58:08Z |
| Entrust: Certificate issued with validity greater than 825-days | 1561013 | RESOLVED | Bruce Morton | [ca-compliance] | 2019-12-24T22:26:01Z |
| Entrust: EV Certificates Issued with Business Category "Non-Commercial" when it should have been set to "Private Organization" | 1599484 | RESOLVED | Dathan Demone | [ca-compliance] | 2020-02-08T05:21:50Z |
| Entrust: Failure to provide a preliminary report within 24 hours. | 1667690 | RESOLVED | Dathan Demone | [ca-compliance] | 2021-01-27T19:45:01Z |
| Entrust: Incorrect keyUsage for ECC certificate | 1667448 | RESOLVED | Bruce Morton | [ca-compliance] | 2020-10-31T16:58:21Z |
| Entrust: Invalid data in commonName fields | 1675295 | RESOLVED | Bruce Morton | [ca-compliance] | 2020-11-04T17:30:34Z |
| Entrust: Invalid data in State/Province Field | 1658792 | RESOLVED | Dathan Demone | [ca-compliance] Next Update 2021-04-01 | 2021-06-07T16:27:16Z |
| Entrust: IP Address in dNSName form | 1448986 | RESOLVED | Bruce Morton | [ca-compliance] | 2019-09-17T20:40:58Z |
| Entrust: IP in dnsName | 1524876 | RESOLVED | Bruce Morton | [ca-compliance] | 2019-03-01T16:09:50Z |
| Entrust: Issued Certificates to incorrect Organization | 1535735 | RESOLVED | Dathan Demone | [ca-compliance] | 2019-09-17T20:41:05Z |
| Entrust: Late mis-issue certificate revocation | 1520876 | RESOLVED | Bruce Morton | [ca-compliance] | 2019-02-20T01:28:10Z |
| Entrust: Late revocation of underscore certificate | 1521520 | RESOLVED | Bruce Morton | [ca-compliance] | 2019-02-01T03:45:24Z |
| Entrust: Non-BR-Compliant Certificate Issuance | 1390996 | RESOLVED | Kirk Hall | [ca-compliance] [remediation-accepted] Next Update - 2017-11 | 2017-12-01T11:53:40Z |
| Entrust: Non-BR-Compliant OCSP Responder | 1428891 | RESOLVED | Bruce Morton | [ca-compliance] | 2018-01-26T02:43:12Z |
| Entrust: Outdated audit statement for intermediate cert | 1549862 | RESOLVED | Bruce Morton | [ca-compliance] | 2020-01-21T23:23:33Z |
| Entrust: Printable String Constraint Failure | 1635096 | RESOLVED | Bruce Morton | [ca-compliance] Next Update 21-Sept-2020 | 2020-10-05T20:41:09Z |
| Entrust: Question marks in certificate O and L fields | 1552562 | RESOLVED | Bruce Morton | [ca-compliance] | 2019-06-28T16:25:38Z |
| Entrust: S/MIME Certificate Issued with Incorrect Policy OID | 1627346 | RESOLVED | Bruce Morton | [ca-compliance] - Next Update - 1-June 2020 | 2020-05-22T19:53:06Z |
| Entrust: SHA-1 Issuance and other misissuance while testing | 1567659 | RESOLVED | Bruce Morton | [ca-compliance] | 2019-09-16T18:16:45Z |
| Entrust: Subscriber provides private key with CSR | 1673119 | RESOLVED | Bruce Morton | [ca-compliance] | 2020-12-11T17:39:47Z |
| Firmaprofesional / SIGNE: No BR Audit for subCA technically capable of issuing TLS certs | 1586115 | RESOLVED | chemalogo | [ca-compliance] - Missing BR Audit | 2019-10-28T18:07:08Z |
| Firmaprofesional: 2019 audit Finding #1 - 6.2 Identification and Authorization | 1610448 | RESOLVED | chemalogo | [ca-compliance] | 2020-02-07T03:22:39Z |
| Firmaprofesional: 2019 audit Finding #2 - 6.4 Facility, management, and operational controls | 1612929 | RESOLVED | chemalogo | [ca-compliance] | 2020-02-07T03:23:43Z |
| Firmaprofesional: 2019 Audit Report Findings | 1606380 | RESOLVED | chemalogo | [ca-compliance] | 2020-05-22T17:00:41Z |
| Firmaprofesional: 2020 Audit Report Finding 1 out of 4 | 1649502 | RESOLVED | chemalogo | [ca-compliance] | 2020-09-21T15:52:44Z |
| Firmaprofesional: 2020 Audit Report Finding 2 out of 4 | 1649679 | RESOLVED | Maria Jose Prieto | [ca-compliance] | 2020-11-09T17:26:20Z |
| Firmaprofesional: 2020 Audit Report Finding 3 out of 4 | 1649724 | RESOLVED | Maria Jose Prieto | [ca-compliance] | 2020-09-21T15:51:51Z |
| Firmaprofesional: 2020 Audit Report Finding 4 out of 4 | 1649726 | RESOLVED | Maria Jose Prieto | [ca-compliance] | 2021-02-08T17:31:56Z |
| Firmaprofesional: AC Firmaprofesional - INFRAESTRUCTURA insufficient serial number entropy | 1538638 | RESOLVED | chemalogo | [ca-compliance] | 2020-01-13T19:34:16Z |
| Firmaprofesional: Incorrect OCSP Delegated Responder Certificate | 1649943 | RESOLVED | chemalogo | [ca-compliance] | 2020-08-07T14:39:07Z |
| Firmaprofesional: incorrect reserved CA/B Forum OIDs in certificates | 1700145 | RESOLVED | chemalogo | [ca-compliance] | 2021-06-11T17:42:13Z |
| Firmaprofesional: Insufficient Audit Statements | 1412950 | RESOLVED | Oscar Conesa | [ca-compliance] | 2019-07-05T11:51:32Z |
| Firmaprofesional: Missing BR Self Assessment | 1458064 | RESOLVED | chemalogo | [ca-compliance] | 2018-05-23T18:42:58Z |
| Firmaprofesional: Non-audited, non-technically-constrained intermediate certs | 1368171 | RESOLVED | Oscar Conesa | [ca-compliance] | 2017-10-13T21:42:23Z |
| Firmaprofesional: Non-BR-Compliant OCSP Responders | 1398240 | RESOLVED | chemalogo | [ca-compliance] | 2018-05-04T00:32:43Z |
| Firmaprofesional: Undisclosed Intermediate certificate | 1455119 | RESOLVED | chemalogo | [ca-compliance] | 2019-01-03T22:38:48Z |
| Firmaprofesional: Undisclosed Intermediate certificate SDS | 1464359 | RESOLVED | Wayne Thayer | [ca-compliance] | 2019-09-18T21:20:11Z |
| Firmaprofesional: Undisclosed Intermediate certificate SIGNE | 1464335 | RESOLVED | Wayne Thayer | [ca-compliance] | 2019-09-18T21:20:32Z |
| FNMT: Issuance of QCP-n certificates without verifying identity | 1693304 | RESOLVED | alain | [ca-compliance] | 2021-03-26T15:19:34Z |
| FNMT: Minor non-conformities in 2020 audit statement | 1626805 | RESOLVED | alain | [ca-compliance] | 2020-07-09T08:09:13Z |
| FNMT: Minor non-conformities in 2021 audit statement | 1704199 | RESOLVED | Brox | [ca-compliance] | 2021-04-30T15:37:06Z |
| GDCA: Authentication of Organization Identity Failure for an OV Certificate | 1546253 | RESOLVED | capoc | [ca-compliance] | 2019-08-11T00:30:23Z |
| GDCA: Insufficient Serial Number Entropy | 1536831 | RESOLVED | capoc | [ca-compliance] | 2019-06-29T00:35:52Z |
| GDCA: Misissuance of certificates with IP address | 1475563 | RESOLVED | Wayne Thayer | [ca-compliance] | 2018-07-18T17:09:49Z |
| GDCA: Misissuance of certificates with small RSA keys | 1467414 | RESOLVED | capoc | [ca-compliance] - Next Update - 20-June 2018 | 2019-09-18T21:22:42Z |
| GDCA:Incorrect Value in organizationName Field | 1662382 | RESOLVED | capoc | [ca-compliance] | 2020-10-05T21:21:27Z |
| GlobalSign - Wrong business category (Non Commercial Entity when should have been Private Organization) | 1599775 | RESOLVED | Eva Van Steenberge | [ca-compliance] | 2020-01-22T21:52:19Z |
| GlobalSign: 4 Misissued certificates with invalid CN | 1552586 | RESOLVED | douglas.beattie | [ca-compliance] | 2019-08-11T04:15:08Z |
| GlobalSign: AT&T Insufficient Serial Number Entropy | 1535873 | RESOLVED | douglas.beattie | [ca-compliance] | 2019-04-24T20:39:18Z |
| GlobalSign: AT&T SSL certificates without the AIA extension | 1547691 | RESOLVED | douglas.beattie | [ca-compliance] | 2019-09-15T23:08:05Z |
| GlobalSign: Certificate issued with RSASSA-PSS public key | 1630870 | RESOLVED | Paul Brown | [ca-compliance] Next update - 30-June, 2020 | 2020-07-06T20:09:56Z |
| GlobalSign: Certificates with RSA keys where modulus is not divisible by 8 | 1654896 | RESOLVED | Arvid Vermote | [ca-compliance] | 2020-11-04T04:56:50Z |
| GlobalSign: Cross Certificate with non-conforming CABF Policy OIDs | 1650018 | RESOLVED | Arvid Vermote | [ca-compliance] | 2020-09-14T12:32:36Z |
| GlobalSign: Empty SingleExtension in OCSP responses | 1667944 | RESOLVED | Paul Brown | [ca-compliance] | 2021-03-07T05:38:12Z |
| GlobalSign: Failure to provide a preliminary report within 24 hours | 1668005 | RESOLVED | Arvid Vermote | [ca-compliance] | 2020-11-20T21:50:35Z |
| Globalsign: Failure to revoke key-compromised certificate within 24 hours | 1639799 | RESOLVED | Arvid Vermote | [ca-compliance] Next Update - 12-June 2020 | 2020-06-18T18:09:45Z |
| GlobalSign: Incorrect Jurisdiction of Incorporation information for Japan | 1658932 | RESOLVED | Eva Van Steenberge | [ca-compliance] Next Update - 1-Oct-2020 | 2020-10-16T19:19:41Z |
| GlobalSign: Invalid stateOrProvinceName value | 1668007 | RESOLVED | Arvid Vermote | [ca-compliance] | 2021-02-12T17:42:50Z |
| GlobalSign: IP in dnsName | 1524877 | RESOLVED | douglas.beattie | [ca-compliance] | 2019-02-21T22:38:00Z |
| GlobalSign: Misissuance of QWAC Certificates | 1623356 | RESOLVED | douglas.beattie | [ca-compliance] | 2020-07-26T03:06:56Z |
| GlobalSign: Non-BR-Compliant Certificate Issuance - metadata-only subject fields | 1390997 | RESOLVED | Linus Hallberg | [ca-compliance] [remediation-accepted] | 2017-09-05T19:52:28Z |
| GlobalSign: Non-BR-Compliant Certificate Issuance -- double-dots in dnsName | 1393555 | RESOLVED | Linus Hallberg | [ca-compliance] | 2017-12-05T15:44:16Z |
| GlobalSign: Non-BR-Compliant Certificate Issuance -- RSA key smaller than 2048 bits | 1393557 | RESOLVED | Linus Hallberg | [ca-compliance] | 2017-11-22T14:44:37Z |
| GlobalSign: OCSP Responder Returns invalid values for Some Precertificates | 1579413 | RESOLVED | douglas.beattie | [ca-compliance] | 2019-10-05T00:04:20Z |
| GlobalSign: OCSP responders found to respond signed by the default CA when passed an invalid issuer in request | 1605372 | RESOLVED | douglas.beattie | [ca-compliance] | 2020-03-07T01:20:18Z |
| GlobalSign: OCSP Status HTTP 530 | 1622505 | RESOLVED | Arvid Vermote | [ca-compliance] | 2020-08-16T23:17:07Z |
| GlobalSign: RSA-1024 leaf certificate issued after 2013-12-31 | 1690807 | RESOLVED | Eva Van Steenberge | [ca-compliance] | 2021-05-07T15:32:19Z |
| GlobalSign: SHA-256 hash algorithm used with ECC P-384 key | 1664328 | RESOLVED | Arvid Vermote | [ca-compliance] Next Update 2021-03-05 | 2021-03-11T17:45:33Z |
| GlobalSign: SPKI lacks explicit NULL parameter, | 1554259 | RESOLVED | douglas.beattie | [ca-compliance] | 2019-08-10T23:46:27Z |
| GlobalSign: SSL Certificates with US country code and invalid State/Prov | 1575880 | RESOLVED | douglas.beattie | [ca-compliance] - Next Update 2021-01-15 | 2021-01-27T19:44:24Z |
| GlobalSign: Use of Domain Validation Random Value for more than 30 days | 1654544 | RESOLVED | Arvid Vermote | [ca-compliance] | 2020-09-09T22:50:55Z |
| GlobalSign: Virginia Tech Insufficient Serial Number Entropy | 1536760 | RESOLVED | douglas.beattie | [ca-compliance] | 2019-04-08T19:20:07Z |
| GoDaddy: Document Reuse Issue | 1646226 | RESOLVED | Daniela Hood | [ca-compliance] | 2020-07-24T00:20:59Z |
| GoDaddy: Agreed-Upon Website Domain Validation Issue | 1647030 | RESOLVED | Daniela Hood | [ca-compliance] | 2020-08-07T15:00:53Z |
| GoDaddy: Certificates issued with validity periods greater than 398-days | 1662807 | RESOLVED | Joanna | [ca-compliance] Next Update 2021-01-11 | 2021-02-26T16:29:24Z |
| GoDaddy: cross certificate disclosure to CCADB | 1572234 | RESOLVED | Joanna | [ca-compliance] | 2020-01-22T22:47:55Z |
| GoDaddy: Domain Validation Reuse Issue | 1605804 | RESOLVED | Joanna | [ca-compliance] - Next Update - 1-June 2020 | 2020-06-29T04:06:45Z |
| GoDaddy: DV certificates with organizationalUnit field in subject | 1662810 | RESOLVED | Joanna | [ca-compliance] | 2020-10-13T02:58:39Z |
| GoDaddy: Expired CRLs | 1645832 | RESOLVED | Daniela Hood | [ca-compliance] Next Update - 2021-01-01 | 2021-03-30T21:13:18Z |
| GoDaddy: Failure to respond to January 2018 survey | 1439123 | RESOLVED | Daymion Reynolds | [ca-compliance] | 2018-02-26T16:07:07Z |
| GoDaddy: Failure to revoke certificate with compromised key within 24 hours | 1640310 | RESOLVED | Daniela Hood | [ca-compliance] | 2020-11-17T22:52:46Z |
| GoDaddy: Failure to revoke key-compromised certificates within 24 hours | 1639798 | RESOLVED | Joanna | [ca-compliance] | 2020-07-08T17:39:35Z |
| GoDaddy: failure to revoke underscores | 1524815 | RESOLVED | Joanna | [ca-compliance] | 2019-12-24T19:18:40Z |
| GoDaddy: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString | 1462844 | RESOLVED | Daymion Reynolds | [ca-compliance] | 2019-01-09T23:36:41Z |
| GoDaddy: improperly encoded certificate issued by Go Daddy Secure Certification Authority | 988633 | RESOLVED | Kathleen Wilson | [ca-compliance] | 2017-09-20T01:27:06Z |
| GoDaddy: inconsistent disclosure of externally-operated intermediate | 1567061 | RESOLVED | Joanna | [ca-compliance] | 2020-01-23T23:41:23Z |
| GoDaddy: Insufficient serial number entropy | 1533774 | RESOLVED | Joanna | [ca-compliance] | 2020-01-24T19:57:36Z |
| GoDaddy: Issues with State and Country fields | 1577913 | RESOLVED | Joanna | [ca-compliance] | 2020-01-22T23:32:26Z |
| GoDaddy: Non-BR-Compliant Certificate Issuance | 1391429 | RESOLVED | Daymion Reynolds | [ca-compliance] [remediation-accepted] Next Update - 2017-11-30 | 2017-12-01T10:21:56Z |
| GoDaddy: Random Value Vulnerability in Domain Validation | 1484766 | RESOLVED | Daymion Reynolds | [ca-compliance] | 2019-01-04T21:39:07Z |
| Google Trust Services: 63 bit serial numbers in some certificates | 1532842 | RESOLVED | ryan_hurst | [ca-compliance] | 2019-07-15T19:03:22Z |
| Google Trust Services: Certificates not disclosed in CCADB | 1667844 | RESOLVED | Ryan Hurst | [ca-compliance] | 2020-12-11T17:40:06Z |
| Google Trust Services: CRL handling of expired certificates not fully compliant with RFC 5280 Section 3.3 | 1581183 | RESOLVED | Andy Warner | [ca-compliance] | 2020-01-22T23:55:09Z |
| Google Trust Services: digitalSignature KeyUsage not set | 1652581 | RESOLVED | Andy Warner | [ca-compliance] | 2021-06-11T18:03:27Z |
| Google Trust Services: Improper OCSP response for intermediate certificate | 1522975 | RESOLVED | kluge | [ca-compliance] | 2019-09-17T20:41:46Z |
| Google Trust Services: Incorrect revocation data temporarily served for GTS Y3 & Y4 | 1634795 | RESOLVED | Andy Warner | [ca-compliance] | 2020-08-07T15:03:09Z |
| Google Trust Services: Invalid ASN.1 encoding of singleExtensions in OCSP responses | 1678183 | RESOLVED | Andy Warner | [ca-compliance] | 2021-06-07T18:21:18Z |
| google Trust Services: invalid curve-hash combination | 1612389 | RESOLVED | Andy Warner | [ca-compliance] | 2020-04-14T22:03:37Z |
| Google Trust Services: Invalid OCSP responses | 1630079 | RESOLVED | Andy Warner | [ca-compliance] | 2020-04-15T04:39:52Z |
| Google Trust Services: OCSP serving issue 2020-04-09 | 1630040 | RESOLVED | Andy Warner | [ca-compliance] | 2020-05-21T03:41:19Z |
| Google Trust Services: Out-of-date CPS disclosure | 1706976 | RESOLVED | Andy Warner | [ca-compliance] | 2021-04-28T16:47:33Z |
| Google Trust Services: Tracking bug for possible audit delays (audit due 2020-12) | 1625498 | RESOLVED | kluge | [ca-compliance] [audit-delay] [covid-19] | 2020-09-21T16:14:51Z |
| Government of Spain (ACCV): Late Audit Statement | 1507862 | RESOLVED | Jose Amador | [ca-compliance] | 2019-01-02T23:09:35Z |
| Government of Spain (ACCV): Missing BR Self Assessment | 1458042 | RESOLVED | Jose Amador | [ca-compliance] | 2018-05-23T18:41:53Z |
| Government of Spain FNMT: CP/CPS lack CAA processing details | 1596949 | RESOLVED | alain | [ca-compliance] | 2019-12-17T18:09:07Z |
| Government of Spain FNMT: Findings in 2019 Audit Statement, including domain validation methods, CAA, etc. | 1544586 | RESOLVED | alain | [ca-compliance] | 2020-03-27T17:54:20Z |
| Government of Spain FNMT: OU exceeds 64 characters | 1495507 | RESOLVED | Rafa Medina | [ca-compliance] Next Update - 1-February 2019 | 2020-03-17T17:40:20Z |
| Government of Spain FNMT: QC Statement that contains at least one of the ETSI ESI statements | 1625421 | RESOLVED | alain | [ca-compliance] | 2020-03-30T18:07:53Z |
| GRCA: Audit Letter Validation failures on intermediate certificates | 1614448 | RESOLVED | National Development Council | [ca-compliance] | 2020-07-29T22:50:35Z |
| GRCA: Misissued certificates - invalid CN, bad validity period, missing extensions | 1523221 | RESOLVED | National Development Council | [ca-compliance] | 2020-02-05T03:47:39Z |
| GRCA: Misissued certificates: Invalid commonName, commonName not in SAN | 1463975 | RESOLVED | National Development Council | [ca-compliance] Next Update 1-October 2020 CKA_NSS_SERVER_DISTRUST_AFTER | 2020-10-05T20:37:45Z |
| GRCA: Signing SHA-1 OCSP responses with unconstrained certificate | 1397832 | RESOLVED | National Development Council | [ca-compliance] | 2017-11-28T11:47:07Z |
| HARICA: 3 EV TLS Certificates without L or ST | 1597135 | RESOLVED | Dimitris Zacharopoulos | [ca-compliance] | 2019-12-04T18:07:24Z |
| HARICA: Certificates with invalid policy tree | 1699796 | RESOLVED | Dimitris Zacharopoulos | [ca-compliance] | 2021-04-19T15:52:58Z |
| HARICA: Incorrect OCSP Delegated Responder Certificate | 1649945 | RESOLVED | Dimitris Zacharopoulos | [ca-compliance] Next update 2020-11-18 | 2020-12-09T18:27:02Z |
| HARICA: Insufficient serial number entropy | 1535509 | RESOLVED | Dimitris Zacharopoulos | [ca-compliance] | 2019-03-29T07:03:19Z |
| HARICA: OCSP Responder Returned "Unauthorized" for Some Precertificates | 1580393 | RESOLVED | Dimitris Zacharopoulos | [ca-compliance] | 2019-10-05T00:06:04Z |
| Harica: P-384,ecdsa-with-SHA256 Certificates | 1530971 | RESOLVED | Dimitris Zacharopoulos | [ca-compliance] | 2019-05-02T08:20:27Z |
| HARICA: wrong characters in NC extension of Technically Constrained Intermediate CA Certificates | 1535772 | RESOLVED | Dimitris Zacharopoulos | [ca-compliance] | 2019-04-19T16:55:13Z |
| Hongkong Post / Certizen: Failure to report misissuance | 1520299 | RESOLVED | Man Ho | [ca-compliance] | 2019-12-24T18:01:19Z |
| IdenTrust / ISRG: Inconsistent Disclosure of Externally-Operated Intermediate | 1671410 | RESOLVED | IdenTrust | [ca-compliance] | 2021-01-22T19:05:22Z |
| Identrust: Discrepancy in values of address fields within CN of SSL Certificates | 1526099 | RESOLVED | IdenTrust | [ca-compliance] | 2019-07-01T20:22:40Z |
| Identrust: Failure to disclose Unconstrained intermediate Within 7 Days | 1542082 | RESOLVED | IdenTrust | [ca-compliance] | 2019-08-11T00:36:21Z |
| IdenTrust: Improper encoding of wildcard certificate | 1446121 | RESOLVED | IdenTrust | [ca-compliance] | 2018-08-13T20:35:15Z |
| Identrust: Incorrect Subject Details for HydrantId | 1635279 | RESOLVED | IdenTrust | [ca-compliance] - Next Update - 1-October 2020 | 2020-10-13T02:58:12Z |
| Identrust: Internal names / failure to report | 1500593 | RESOLVED | IdenTrust | [ca-compliance] | 2019-01-04T22:15:28Z |
| IdenTrust: Invalid OCSP Response Held in Cache | 1678410 | RESOLVED | IdenTrust | [ca-compliance] | 2021-04-19T16:07:43Z |
| IdenTrust: Issuance of certificates greater than 398 days | 1663080 | RESOLVED | IdenTrust | [ca-compliance] | 2021-06-11T18:04:14Z |
| Identrust: Issuance of Subordinate CA’s Without EKU | 1669594 | RESOLVED | IdenTrust | [ca-compliance] | 2021-01-27T19:41:38Z |
| IdenTrust: Missing Thumbprints In Some Annual Audit Reports | 1588213 | RESOLVED | IdenTrust | [ca-compliance] | 2020-06-05T23:27:28Z |
| IdenTrust: Non-BR-Compliant Certificate Issuance | 1391000 | RESOLVED | Vishvas Patel | [ca-compliance] | 2017-10-13T16:09:23Z |
| IdenTrust: Non-BR-Compliant OCSP Responders | 1398255 | RESOLVED | Vishvas Patel | [ca-compliance] | 2018-01-11T15:33:46Z |
| IdenTrust: OCSP Outage | 1636544 | RESOLVED | IdenTrust | [ca-compliance] Next Update - 30-July 2020 | 2020-08-07T15:01:15Z |
| IdenTrust: OCSP Responder missing id-pkix-ocsp-nocheck | 1653680 | RESOLVED | IdenTrust | [ca-compliance] | 2020-11-04T04:56:26Z |
| IdenTrust: Service Degradation | 1677239 | RESOLVED | IdenTrust | [ca-compliance] | 2021-06-11T18:04:50Z |
| Invalid country field for Camerfirma root CA certificates | 1468000 | RESOLVED | Wayne Thayer | [ca-compliance] | 2018-06-14T21:42:26Z |
| IP certificate issued with Domain Validation | 1550547 | RESOLVED | Wayne Thayer | [ca-compliance] | 2020-01-09T23:00:12Z |
| Izenpe: CA certificates not listed in audit report | 1596744 | RESOLVED | Oscar Garcia | [ca-compliance] | 2019-12-14T00:18:06Z |
| Izenpe: certificate issued to internal domain | 1651026 | RESOLVED | Oscar Garcia | [ca-compliance] Next Update 2020-12-01 | 2021-01-22T19:05:02Z |
| Izenpe: Certificates not disclosed in CCADB | 1667846 | RESOLVED | Oscar Garcia | [ca-compliance] | 2021-01-22T18:39:07Z |
| Izenpe: EV certificate with various issues | 1267049 | RESOLVED | Kathleen Wilson | [ca-compliance] | 2017-04-26T19:23:50Z |
| Izenpe: Failure to provide a preliminary report within 24 hours. | 1647121 | RESOLVED | Oscar Garcia | [ca-compliance] | 2020-09-14T12:32:13Z |
| Izenpe: incorrect value in stateOrProvinceName | 1653284 | RESOLVED | Oscar Garcia | [ca-compliance] Next Update 2020-12-01 | 2020-12-09T18:26:47Z |
| Izenpe: Multiple invalid EV certificates issued | 1559765 | RESOLVED | Oscar Garcia | [ca-compliance] - Next Update - 9-October 2020 | 2020-11-09T17:26:02Z |
| Izenpe: Multiple sub CAs with incorrectly encoded SubjectPublicKeyInfo algorithm | 1685767 | RESOLVED | Oscar Garcia | [ca-compliance] | 2021-01-22T18:39:07Z |
| Izenpe: Non-BR-Compliant Certificate Issuance | 1391054 | RESOLVED | Oscar Garcia | [ca-compliance] | 2018-01-15T16:59:19Z |
| Izenpe: Non-BR-Compliant OCSP Responders | 1398258 | RESOLVED | Oscar Garcia | [ca-compliance] | 2017-10-11T15:26:13Z |
| Izenpe: OU > 64 characters | 1528290 | RESOLVED | Oscar Garcia | [ca-compliance] | 2019-03-04T16:05:12Z |
| Kamu SM: "Some-State" in stateOrProvinceName | 1551369 | RESOLVED | Melis Şimşek | [ca-compliance] | 2019-07-01T20:14:47Z |
| Kamu SM: Insufficient Serial Number Entropy | 1539190 | RESOLVED | Melis Şimşek | [ca-compliance] | 2019-05-14T00:32:23Z |
| Kamu SM: Non-BR-Compliant Certificate Issuance | 1390998 | RESOLVED | Tuğba ÖZCAN | [ca-compliance] | 2017-08-24T19:03:11Z |
| KIR S.A.: Certificates issued greater than stated in CPS | 1708965 | RESOLVED | Piotr Grabowski | [ca-compliance] | 2021-06-11T17:41:48Z |
| KIR S.A.: Certificates issued with multiple BR violations | 1495497 | RESOLVED | Piotr Grabowski | [ca-compliance] | 2019-09-16T00:23:52Z |
| KIR S.A.: Misissuance - missing OCSP AIA, Validity > 825 days | 1523186 | RESOLVED | Piotr Grabowski | [ca-compliance] | 2019-09-16T00:19:27Z |
| KIR S.A.: O > 64 characters | 1532112 | RESOLVED | Piotr Grabowski | [ca-compliance] | 2019-03-04T18:46:30Z |
| Let's Encrypt intent to issue root and intermediate certificates with organizationName and CABF DV OID | 1658437 | RESOLVED | Josh Aas | [ca-compliance] | 2020-11-04T04:54:11Z |
| Let's Encrypt: 302 total OCSP responses available beyond acceptable timelines | 1666047 | RESOLVED | Kiel C | [ca-compliance] | 2020-10-09T17:55:30Z |
| Let's Encrypt: CAA Misissuances | 1398427 | RESOLVED | Josh Aas | [ca-compliance] | 2019-09-17T20:42:22Z |
| Let's Encrypt: CAA Rechecking bug | 1619047 | RESOLVED | Jacob Hoffman-Andrews | [ca-compliance] Next Update - 14-August 2020 | 2020-09-09T14:58:29Z |
| Let's Encrypt: Case-sensitive CAA tag processing | 1462735 | RESOLVED | Josh Aas | [ca-compliance] | 2018-05-24T23:58:37Z |
| Let's Encrypt: Expired ISRG Root OCSP X1 Certificate | 1645276 | RESOLVED | Andrew Gabbitas | [ca-compliance] | 2020-08-13T19:18:09Z |
| Let's Encrypt: Failure to audit log subscriber certificate OCSP updates | 1684112 | RESOLVED | Andrew Gabbitas | [ca-compliance] | 2021-04-07T13:59:38Z |
| Let's Encrypt: Failure to revoke key-compromised certificate within 24 hours | 1639794 | RESOLVED | Jacob Hoffman-Andrews | [ca-compliance] | 2020-07-26T02:49:32Z |
| Let's Encrypt: Failure to revoke key-compromised certificates within 24 hours | 1627614 | RESOLVED | Josh Aas | [ca-compliance] | 2020-05-19T15:56:08Z |
| Let's Encrypt: Improper encoding of wildcard certificates | 1446080 | RESOLVED | Josh Aas | [ca-compliance] | 2018-03-23T00:21:14Z |
| Let's Encrypt: Non-BR-Compliant Certificate Issuance | 1391867 | RESOLVED | Josh Aas | [ca-compliance] | 2017-08-21T19:00:02Z |
| Let's Encrypt: OCSP "unauthorized" responses | 1486650 | RESOLVED | Josh Aas | [ca-compliance] | 2018-10-12T18:22:32Z |
| Let's Encrypt: OCSP Responder Returned "Unauthorized" for Some Precertificates | 1577652 | RESOLVED | Jacob Hoffman-Andrews | [ca-compliance] | 2019-10-05T00:01:44Z |
| Let's Encrypt: OCSP responses with no revocationReason | 1648840 | RESOLVED | Jacob Hoffman-Andrews | [ca-compliance] | 2020-07-06T22:12:28Z |
| Let’s Encrypt: 2019.08.20 Incident: Incorrect OCSP responses under certain conditions | 1576789 | RESOLVED | Josh Aas | [ca-compliance] | 2020-01-23T17:07:13Z |
| LuxTrust: Outdated audit statement for intermediate cert | 1578505 | RESOLVED | ca | [ca-compliance] - Overdue Audit for intermediate cert | 2020-07-29T21:00:34Z |
| LuxTrust: Overdue Audit Statements 2019 | 1566580 | RESOLVED | Yves Nullens | [ca-compliance] Overdue Audits for root certs | 2019-07-31T17:42:02Z |
| Microsec e-Szigno: Certificate validity period greater than 398 days | 1676352 | RESOLVED | dr. Sándor SZŐKE | [ca-compliance] Next update 2021-05-01 | 2021-06-11T17:41:15Z |
| Microsec e-Szigno: Non-BR-Compliant Certificate Issuance | 1391055 | RESOLVED | dr. Sándor SZŐKE | [ca-compliance] | 2017-12-01T12:04:56Z |
| Microsec: Audit Letter Validation Failures | 1625767 | RESOLVED | dr. Sándor SZŐKE | [ca-compliance] - Next Update - 1-June 2020 | 2020-08-07T15:00:33Z |
| Microsec: Incorrect OCSP Delegated Responder Certificate | 1649947 | RESOLVED | dr. Sándor SZŐKE | [ca-compliance] | 2020-08-07T14:45:30Z |
| Microsec: Issuance of 2 IVCP precertificates without givenName, surName, localityName fields | 1622539 | RESOLVED | dr. Sándor SZŐKE | [ca-compliance] Next Update 15-July 2020 | 2020-07-27T02:25:42Z |
| Microsec: Validity period greater than 825 days | 1512270 | RESOLVED | dr. Sándor SZŐKE | [ca-compliance] | 2019-02-02T15:12:26Z |
| Microsoft DSRE PKI: OCSP responders found to respond signed by the default CA when passed an invalid issuer in request | 1620727 | RESOLVED | Dustin Hollenback | [ca-compliance] | 2020-11-25T00:36:44Z |
| Microsoft DSRE PKI: problem reporting e-mail in CPS does not work | 1604124 | RESOLVED | Dustin Hollenback | [ca-compliance] | 2020-11-25T00:21:42Z |
| Microsoft PKI Services: Certificate Mis-Issuance, DNSName is not FQDN, Preferred Name Syntax | 1706860 | RESOLVED | John Mason | [ca-compliance] | 2021-06-07T16:26:37Z |
| Microsoft PKI Services: Certificate Mis-Issuance, DNSNames must have a valid TLD | 1670337 | RESOLVED | John Mason | [ca-compliance] Next Update 2021-04-19 | 2021-06-07T16:26:51Z |
| Microsoft PKI Services: DV certificate issued with OV fields | 1674561 | RESOLVED | Dustin Hollenback | [ca-compliance] Next update 2021-05-01 | 2021-06-11T18:06:25Z |
| Microsoft PKI Services: Policy Documentation, Failure to update Domain Validation Method | 1693932 | RESOLVED | John Mason | [ca-compliance] | 2021-04-07T14:06:02Z |
| Microsoft: Certificate Mis-Issuance, Locality Missing | 1644936 | RESOLVED | John Mason | [ca-compliance] | 2020-09-04T19:38:04Z |
| Microsoft: Firewall log data retention | 1658995 | RESOLVED | Dustin Hollenback | [ca-compliance] Next Update - 21-Sept-2020 | 2021-01-05T20:13:38Z |
| Microsoft: Incomplete Logical Access Review Audit Evidence | 1652827 | RESOLVED | Dustin Hollenback | [ca-compliance] Next Update - 21-September 2020 | 2021-01-05T20:12:59Z |
| Microsoft: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy | 1586847 | RESOLVED | Jason Cooper | [ca-compliance] | 2020-09-04T19:39:03Z |
| Microsoft: Loss of Archived Firewall logs from Retention Store | 1602999 | RESOLVED | mohanr | [ca-compliance] | 2020-09-04T19:37:00Z |
| Microsoft: Null Character Bug and Microsoft Root CAs | 1598390 | RESOLVED | Julio Montano | [ca-compliance] | 2020-09-04T19:37:55Z |
| Multicert: AIA CA Issuer field pointing to PEM encoded cert | 1637093 | RESOLVED | ca.forum | [ca-compliance] | 2020-07-26T20:40:56Z |
| NetLock: CN not in SAN | 1462423 | RESOLVED | Varga Viktor | [ca-compliance] | 2019-10-04T18:56:03Z |
| Netlock: Cumulative report connected to EV verification | 1676440 | RESOLVED | Varga Viktor | [ca-compliance] | 2021-01-27T19:43:45Z |
| Netlock: Failure to provide regular and timely incident updates | 1572992 | RESOLVED | Varga Viktor | [ca-compliance] | 2019-10-04T18:58:09Z |
| NetLock: Issuance of >398-day precertificates after 2020-09-01 | 1676367 | RESOLVED | Varga Viktor | [ca-compliance] | 2021-04-07T13:59:57Z |
| NetLock: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy | 1586795 | RESOLVED | Varga Viktor | [ca-compliance] Next Update 2020-12-01 | 2020-11-19T05:11:12Z |
| NetLock: Non-BR-Compliant Certificate Issuance | 1391056 | RESOLVED | Varga Viktor | [ca-compliance] | 2018-02-09T22:13:50Z |
| NetLock: Non-BR-Compliant Certificate Issuance -- * in not the leftmost position in dnsName | 1401211 | RESOLVED | Varga Viktor | [ca-compliance] | 2017-10-24T14:14:40Z |
| Network Solutions: Audit report delay | 1649507 | RESOLVED | Roy Dykes | [ca-compliance] [audit-delay] | 2020-07-27T02:44:41Z |
| OCSP responding good for non-issued certs by Consorci AOC root already solved | 1467110 | RESOLVED | Wayne Thayer | [ca-compliance] | 2018-10-03T21:47:26Z |
| PKIOverheid / QuoVadis: CPS inconsistencies | 1650234 | RESOLVED | Stephen Davidson | [ca-compliance] Next update 7-Aug 2020 | 2020-08-31T22:43:22Z |
| PKIoverheid: CIBG insufficient serial number entropy | 1573490 | RESOLVED | Jorik van 't Hof | [ca-compliance] | 2019-10-22T04:21:38Z |
| PKIoverheid: Compliance issues CIBG TLS certificates | 1578809 | RESOLVED | Jochem van den Berge | [ca-compliance] | 2019-09-16T17:31:47Z |
| PKIoverheid: Incorrect OCSP Delegated Responder Certificate | 1649964 | RESOLVED | Jorik van 't Hof | [ca-compliance] Next Update 2021-01-25 | 2021-03-31T21:54:14Z |
| PKIoverheid: KPN CPS lacks problem reporting instructions | 1596923 | RESOLVED | Jorik van 't Hof | [ca-compliance] | 2020-01-22T20:56:10Z |
| PKIoverheid: KPN Insufficient Serial Number Entropy | 1535871 | RESOLVED | Jochem van den Berge | [ca-compliance] | 2019-12-03T04:44:58Z |
| PKIoverheid: Missing audit statement "UZI-register Medewerker Niet op Naam CA G21" | 1609706 | RESOLVED | Jorik van 't Hof | [ca-compliance] | 2020-02-22T21:19:47Z |
| PKIoverheid: Missing WTBR audit statements Staat der Nederlanden 2017/2018 | 1605126 | RESOLVED | Jorik van 't Hof | [ca-compliance] | 2020-02-05T23:08:51Z |
| PKIoverheid: No BR Audit for subCAs technically capable of issuing TLS certs | 1586125 | RESOLVED | Jorik van 't Hof | [ca-compliance] | 2020-03-27T03:50:05Z |
| PKIoverheid: Overdue audit statements for intermediate certificates | 1669518 | RESOLVED | Jorik van 't Hof | [ca-compliance] | 2021-04-08T15:19:23Z |
| PKIoverheid: TSP CPS lacks problem reporting instructions | 1610507 | RESOLVED | Jorik van 't Hof | [ca-compliance] | 2020-01-21T20:34:48Z |
| PROCERT: Non-BR-Compliant Certificate Issuance | 1391058 | RESOLVED | Procert | [ca-compliance] | 2017-10-18T13:50:29Z |
| QuoVadis (Freistaat Bayern): Non-BR-compliant Key Usage | 1468477 | RESOLVED | Stephen Davidson | [ca-compliance] | 2019-12-31T20:16:48Z |
| QuoVadis / Siemens: Insufficient serial number entropy | 1534535 | RESOLVED | Rufus Buschart | [ca-compliance] | 2019-04-01T08:49:55Z |
| QuoVadis: BR Error - san dns name starts with period | 1521950 | RESOLVED | Stephen Davidson | [ca-compliance] | 2019-04-26T21:14:44Z |
| QuoVadis: EV serialNumber with "none" | 1645708 | RESOLVED | Stephen Davidson | [ca-compliance] | 2020-07-26T03:07:18Z |
| QuoVadis: Incorrect EV businessCategory | 1593357 | RESOLVED | Stephen Davidson | [ca-compliance] | 2020-01-22T00:05:40Z |
| QuoVadis: IPaddress in DNSname SAN | 1530623 | RESOLVED | Stephen Davidson | [ca-compliance] | 2019-04-26T21:14:01Z |
| QuoVadis: LLB insufficient Serial Number Entropy | 1540315 | RESOLVED | Stephen Davidson | [ca-compliance] | 2019-07-01T22:27:39Z |
| QuoVadis: N/A in EV serialNumber field | 1576283 | RESOLVED | Stephen Davidson | [ca-compliance] | 2020-01-17T22:36:55Z |
| QuoVadis: OCSP handling of Certificate Transparency Pre-certs | 1579950 | RESOLVED | Stephen Davidson | [ca-compliance] | 2019-10-09T18:12:23Z |
| Quovadis: Certificate containing Debian weak key | 1472052 | RESOLVED | Stephen Davidson | [ca-compliance] | 2019-01-09T20:16:01Z |
| QuoVadis: DarkMatter Insufficient Serial Number Entropy | 1531800 | RESOLVED | Scott Rea | [ca-compliance] | 2019-04-26T20:51:51Z |
| QuoVadis: EV JOI Issue | 1581234 | RESOLVED | Stephen Davidson | [ca-compliance] | 2019-11-02T16:45:55Z |
| QuoVadis: Failure to provide a preliminary report within 24 hours. | 1649880 | RESOLVED | Stephen Davidson | [ca-compliance] Next Update 1-October 2020 | 2020-11-10T23:13:16Z |
| QuoVadis: failure to reply in a timely manner | 1590171 | RESOLVED | Stephen Davidson | [ca-compliance] | 2019-11-07T20:55:17Z |
| QuoVadis: improper countryName format | 1493760 | RESOLVED | Stephen Davidson | [ca-compliance] | 2018-10-12T18:25:53Z |
| QuoVadis: Incorrect EV jurisdiction of incorporation information | 1589047 | RESOLVED | Stephen Davidson | [ca-compliance] | 2020-04-01T03:50:45Z |
| QuoVadis: Incorrect keyUsage for ECC certificate | 1667518 | RESOLVED | Stephen Davidson | [ca-compliance] | 2020-11-13T18:45:33Z |
| QuoVadis: Incorrect OCSP Delegated Responder Certificate | 1649938 | RESOLVED | Stephen Davidson | [ca-compliance] Next Update 2021-01-07 | 2021-04-07T14:06:18Z |
| Quovadis: Insufficient Serial Number Entropy | 1533899 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2019-03-15T18:53:58Z |
| QuoVadis: IP in dnsName | 1524879 | RESOLVED | Stephen Davidson | [ca-compliance] | 2019-03-07T21:07:14Z |
| QuoVadis: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy or the BRs | 1586792 | RESOLVED | Stephen Davidson | [ca-compliance] | 2019-11-02T16:45:36Z |
| QuoVadis: Multiple unreported misissuances in 2018 | 1519260 | RESOLVED | Stephen Davidson | [ca-compliance] | 2019-04-26T21:15:39Z |
| QuoVadis: Non-BR-Compliant Certificate Issuance | 1391063 | RESOLVED | Stephen Davidson | [ca-compliance] [remediation-accepted] Next Update - 2018-06-30 | 2018-10-12T18:26:47Z |
| Quovadis: Non-BR-Compliant issuance --improper characters in DNSName (BIT sub-CA) | 1430909 | RESOLVED | Stephen Davidson | [ca-compliance] - Next Update - mid-Feb 2018 | 2018-09-24T18:07:08Z |
| QuoVadis: Non-BR-Compliant OCSP Responder | 1426238 | RESOLVED | Stephen Davidson | [ca-compliance] | 2018-09-24T18:07:08Z |
| QuoVadis: Recap of BR Compliance in 2018 issuance by external subCAs | 1519265 | VERIFIED | Wayne Thayer | [ca-compliance] | 2020-06-26T00:33:36Z |
| QuoVadis: use of Organisationidentifier field in EV (Pre CABF Ballot SC17) | 1563917 | RESOLVED | Stephen Davidson | [ca-compliance] | 2019-08-10T23:44:21Z |
| RapidSSL CAA Mis-Issuance: Lookup failure on DNSSEC-signed zone | 1409735 | RESOLVED | Steven Medin | [ca-compliance] | 2018-02-09T21:58:17Z |
| SECOM: "Default City" in Subject:localityName | 1548714 | RESOLVED | Hisashi Kamo | [ca-compliance] | 2019-08-10T23:54:14Z |
| SECOM: Ambiguity on KeyUsage with ECC public key | 1560234 | RESOLVED | Hisashi Kamo | [ca-compliance] | 2019-07-29T04:40:48Z |
| SECOM: certificate for .test TLD | 1524452 | RESOLVED | Hisashi Kamo | [ca-compliance] | 2019-03-29T16:05:47Z |
| SECOM: certificate for which “L” and “ST” not set | 1544722 | RESOLVED | Hisashi Kamo | [ca-compliance] | 2019-07-29T04:25:44Z |
| SECOM: certificate for which “OU=-” | 1544712 | RESOLVED | Hisashi Kamo | [ca-compliance] | 2019-08-11T03:59:14Z |
| SECOM: CrossTrust: OU > 64 characters | 1532105 | RESOLVED | Hisashi Kamo | [ca-compliance] | 2019-08-11T00:28:45Z |
| SECOM: Failure to disclose Unconstrained Intermediate within 7 Days | 1563574 | RESOLVED | Hisashi Kamo | [ca-compliance] | 2019-09-15T23:45:29Z |
| SECOM: failure to revoke underscores | 1524816 | RESOLVED | Hisashi Kamo | [ca-compliance] | 2019-02-21T22:32:27Z |
| SECOM: Incorrect OCSP Delegated Responder Certificate | 1649962 | RESOLVED | Hisashi Kamo | [ca-compliance] | 2020-08-07T14:41:24Z |
| SECOM: Insufficient Serial Number Entropy | 1539358 | RESOLVED | Hisashi Kamo | [ca-compliance] | 2019-05-17T17:44:06Z |
| SECOM: Mis-issued EV Certificates | 1576133 | RESOLVED | Yuu Hidaka | [ca-compliance] | 2019-09-26T08:14:55Z |
| SECOM: Non-BR-Compliant Certificate Issuance | 1391064 | RESOLVED | Hisashi Kamo | [ca-compliance] | 2018-02-09T21:45:58Z |
| SECOM: Non-BR-Compliant OCSP Responders | 1398259 | RESOLVED | Hisashi Kamo | [ca-compliance] [remediation-accepted] Next Update - 5-Mar 2018 | 2018-03-02T15:26:03Z |
| SECOM: Outdated audit statements for intermediate certs | 1695993 | RESOLVED | Hisashi Kamo | [ca-compliance] | 2021-04-19T15:56:27Z |
| SECOM: TSA Certs Issued from Root | 1452671 | RESOLVED | Hisashi Kamo | [ca-compliance] | 2018-12-14T16:16:09Z |
| SECOM: Undisclosed intermediate certificates | 1497703 | RESOLVED | Hisashi Kamo | [ca-compliance] | 2018-11-01T16:39:33Z |
| Sectigo / Web.com: inconsistent disclosure of externally-operated intermediate | 1567060 | RESOLVED | Robin Alden | [ca-compliance] | 2019-09-16T18:55:06Z |
| Sectigo: "Default City" in Subject:localityName | 1548713 | RESOLVED | Robin Alden | [ca-compliance] | 2019-12-09T16:48:34Z |
| Sectigo: "Some-State" in stateOrProvinceName | 1551362 | RESOLVED | Robin Alden | [ca-compliance] | 2020-03-23T16:22:15Z |
| Sectigo: "unauthorized" OCSP responses | 1639518 | VERIFIED | Robin Alden | [ca-compliance] | 2020-05-21T02:13:30Z |
| Sectigo: CCADB failed ALV - D-TRUST CA 2-1 2015 | 1597948 | RESOLVED | Robin Alden | [ca-compliance] | 2020-07-08T02:18:23Z |
| Sectigo: CCADB failed ALV - Ensured Root CA | 1597950 | RESOLVED | Robin Alden | [ca-compliance] | 2020-07-28T20:39:30Z |
| Sectigo: CCADB failed ALV - Network Solutions Certificate Authority | 1597947 | RESOLVED | Rob Stradling | [ca-compliance] | 2020-10-31T16:57:38Z |
| Sectigo: Certificate Problem Report response issues | 1650845 | RESOLVED | Nick France | [ca-compliance] Updates in Bug #1648717 | 2021-04-07T14:09:06Z |
| Sectigo: Certificates with RSA keys where modulus is not divisible by 8 | 1653504 | RESOLVED | Nick France | [ca-compliance] | 2020-08-10T22:09:36Z |
| Sectigo: EV SSL Certificates with incorrect businessCategory | 1590810 | RESOLVED | Robin Alden | [ca-compliance] - Next Update - 1-June 2020 | 2020-06-29T20:16:03Z |
| Sectigo: EV SSL Certificates with incorrect subject details. | 1575022 | RESOLVED | Robin Alden | [ca-compliance] - Next Update - 15-Aug 2020 | 2020-09-09T14:50:22Z |
| Sectigo: Failure to provide a preliminary report within 24 hours | 1619359 | RESOLVED | Robin Alden | [ca-compliance] | 2020-08-11T16:49:32Z |
| Sectigo: Failure to provide a preliminary report within 24 hours. | 1648717 | RESOLVED | Rich Smith | [ca-compliance] | 2021-03-31T21:54:53Z |
| Sectigo: Failure to provide timely incident reports | 1563579 | RESOLVED | Rob Stradling | [ca-compliance] | 2021-06-14T23:00:15Z |
| Sectigo: Failure to revoke certificate with previously-compromised key within 24 hours | 1625715 | RESOLVED | Robin Alden | [ca-compliance] | 2020-05-22T18:05:31Z |
| Sectigo: Failure to revoke key-compromised certificate within 24 hours | 1639804 | RESOLVED | Robin Alden | [ca-compliance] Next update 15-Aug-2020 | 2020-08-13T19:17:48Z |
| Sectigo: Failure to revoke key-compromised certificates | 1639805 | RESOLVED | Rich Smith | [ca-compliance] | 2020-09-09T22:50:31Z |
| Sectigo: Failure to revoke within 24 hours | 1492006 | RESOLVED | Robin Alden | [ca-compliance] | 2019-09-16T18:58:11Z |
| Sectigo: Inadequate DCV | 1694233 | RESOLVED | Tim Callan | [ca-compliance] | 2021-06-14T21:01:55Z |
| Sectigo: invalid dnsName | 1524730 | RESOLVED | Robin Alden | [ca-compliance] | 2019-08-03T03:40:41Z |
| Sectigo: invalid subject:organizationalUnitName on DV certificates | 1593776 | RESOLVED | Robin Alden | [ca-compliance] | 2020-09-21T15:53:44Z |
| Sectigo: Lack of input validation in stateOrProvinceName | 1645686 | RESOLVED | Rich Smith | [ca-compliance] | 2021-05-11T21:14:53Z |
| Sectigo: Missing Changelog in CPS | 1545208 | RESOLVED | Robin Alden | [ca-compliance] | 2019-09-18T03:36:02Z |
| Sectigo: Potential audit report delay | 1648593 | RESOLVED | Nick France | [ca-compliance] [audit-delay] | 2020-10-31T16:57:13Z |
| Sectigo: Reseller ZeroSSL and Private Key Generation | 1699756 | RESOLVED | Ben Wilson | [ca-compliance] | 2021-03-31T14:29:01Z |
| Sectigo: Use of forbidden subjectPublicKeyInfo algorithm | 1518553 | RESOLVED | Robin Alden | [ca-compliance] | 2019-09-13T17:13:51Z |
| Sectigo: ZeroSSL: failure to revoke within 24 hours | 1698936 | RESOLVED | Tim Callan | [ca-compliance] | 2021-04-19T15:57:36Z |
| SecureTrust: Unvalidated domain in certificate | 1546776 | RESOLVED | fcorday | [ca-compliance] | 2019-08-11T00:35:09Z |
| SecureTrust: "Some-State" in stateOrProvinceName | 1551374 | RESOLVED | fcorday | [ca-compliance] | 2019-12-20T13:47:52Z |
| SecureTrust: BR Audit 2019 - matters to be resolved | 1606031 | RESOLVED | Corey Bonnell | [ca-compliance] | 2020-03-14T16:48:30Z |
| SecureTrust: CPS section 6.1.1.1 number 3 non-compliance event | 1671037 | RESOLVED | Andrea Holland | [ca-compliance] | 2021-02-12T17:42:36Z |
| SecureTrust: Failure to provide a preliminary report within 24 hours. | 1667799 | RESOLVED | Andrea Holland | [ca-compliance] | 2021-03-11T17:46:07Z |
| SecureTrust: Inaccurate value in stateOrProvinceName | 1667842 | RESOLVED | Andrea Holland | [ca-compliance] | 2021-04-07T14:12:01Z |
| SecureTrust: Metadata-only field values in 2 certificates | 1646711 | RESOLVED | Corey Bonnell | [ca-compliance] | 2020-08-03T18:49:13Z |
| SecureTrust: Unconstrained ICA not included in WTBR audit report | 1600844 | RESOLVED | Corey Bonnell | [ca-compliance] | 2020-01-22T22:09:54Z |
| Sertifitseerimiskeskuse: Non-BR-Compliant OCSP Responders | 1398233 | RESOLVED | Mihkel Tammsalu | [ca-compliance] | 2017-11-28T11:57:11Z |
| SK ID Solutions: Audit Letter Validation failures on intermediate certificates | 1614449 | RESOLVED | Kristel Rünnimeri | [ca-compliance] | 2020-03-05T22:57:37Z |
| SK ID Solutions: Incorrect OCSP Delegated Responder Certificate | 1649942 | RESOLVED | Kathleen Wilson | [ca-compliance] | 2020-09-09T17:43:00Z |
| SSL.com: CRL not found - SSL.com-Enterprise-Intermediate-EV-RSA-4096-R1.crl | 1548720 | RESOLVED | Chris Kemmerer | [ca-compliance] | 2019-06-28T23:28:47Z |
| SSL.com: Expired CRLs | 1550576 | RESOLVED | Chris Kemmerer | [ca-compliance] Expired CRLs | 2019-05-13T22:08:57Z |
| SSL.com: Insufficient serial number entropy | 1534147 | RESOLVED | Fotis Loukos | [ca-compliance] | 2019-04-11T18:35:49Z |
| SSL.com: Insufficient validation evidence for the localityName attribute of an OV certificate | 1666872 | RESOLVED | Chris Kemmerer | [ca-compliance] | 2020-10-31T16:58:42Z |
| SSL.com: Intermediate certificate not listed in audit reports | 1610000 | RESOLVED | Chris Kemmerer | [ca-compliance] | 2020-02-22T21:29:09Z |
| SSL.com: Issued precertificate with Debian Weak Key | 1620772 | RESOLVED | Chris Kemmerer | [ca-compliance] | 2020-04-08T00:14:21Z |
| SSL.com: P-384 curve / ecdsa-with-SHA256 certificates | 1534145 | RESOLVED | Fotis Loukos | [ca-compliance] | 2019-04-18T20:29:58Z |
| SSL.com: Precertificates without corresponding certificates return OCSP value of "Unknown" | 1579509 | RESOLVED | Chris Kemmerer | [ca-compliance] | 2019-10-05T00:04:51Z |
| SSL.com: Wildcard DV certificate issued with a non-validated domain name | 1678720 | RESOLVED | Chris Kemmerer | [ca-compliance] | 2021-01-15T16:53:01Z |
| Staat der Nederlandend / PKIoverheid: Non-BR-Compliant Certificate Issuance | 1391864 | RESOLVED | Mark Janssen | [ca-compliance] | 2017-09-01T14:34:07Z |
| Staat der Nederlandend / PKIoverheid: Non-BR-Compliant OCSP Responders | 1398251 | RESOLVED | Mark Janssen | [ca-compliance] | 2017-11-28T12:05:23Z |
| Startcom CAA Mis-Issuance: Lookup failure on DNSSEC-signed zone | 1409859 | RESOLVED | Iñigo | [ca-compliance] | 2017-11-28T12:17:06Z |
| StartCom: 'un-revoking' intermediate certificates | 1369342 | RESOLVED | Kathleen Wilson | [ca-compliance] | 2017-09-21T14:04:49Z |
| StartCom: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record | 1409760 | RESOLVED | Iñigo | [ca-compliance] | 2017-11-28T12:14:29Z |
| StartCom: mis-issuance of certs with unvalidated domain names and bogus field values | 1369359 | RESOLVED | Kathleen Wilson | [ca-compliance] | 2017-10-09T12:02:21Z |
| StartCom: Non-BR-Compliant Certificate Issuance -- adding Certnomis intermediates to OneCRL | 1386894 | RESOLVED | Kathleen Wilson | [ca-compliance] | 2017-09-21T23:32:55Z |
| Swisscom: certificates without DNS names in subjectAltName | 1195115 | RESOLVED | H-P Waldegger | [ca-compliance] | 2017-05-02T06:37:04Z |
| Swisscom: Missing Audits for Unconstrained Intermediate Certificates | 1464286 | RESOLVED | H-P Waldegger | [ca-compliance] | 2018-07-18T22:30:38Z |
| SwissSign: "Some-State" in stateOrProvinceName | 1551364 | RESOLVED | Timo Schmitt | [ca-compliance] | 2021-01-13T09:27:29Z |
| SwissSign: Audit Letter Validation failures on intermediate certificates | 1614450 | RESOLVED | Nathalie Weiler | [ca-compliance] | 2020-02-27T15:33:43Z |
| SwissSign: BRs require full annual audits | 1374381 | RESOLVED | Reinhard Dietrich | [ca-compliance] | 2018-08-07T00:59:16Z |
| SwissSign: Cert issued with a to long validity period | 1443731 | RESOLVED | Juerg.Eiholzer | [ca-compliance] - Next Update - 01-August 2018 | 2018-10-19T20:25:29Z |
| SwissSign: Certificate issue with Signature | 1459557 | RESOLVED | Juerg.Eiholzer | [ca-compliance] - Next Update - 01-August 2018 | 2018-10-19T19:29:09Z |
| SwissSign: Certificate with key length 4098 bit | 1691704 | RESOLVED | Mike Guenther | [ca-compliance] | 2021-03-11T17:45:50Z |
| SwissSign: Domain validated certificate but with stateOrProvinceName | 1473971 | RESOLVED | Reinhard Dietrich | [ca-compliance] | 2018-08-31T20:58:40Z |
| SwissSign: duplicate serial number | 1636140 | RESOLVED | Mike Guenther | [ca-compliance] | 2020-07-07T23:28:11Z |
| SwissSign: duplicate serial number | 1677737 | RESOLVED | Mike Guenther | [ca-compliance] | 2021-06-01T19:50:01Z |
| SwissSign: Error in OrganisationIdentifier in signature/seal certificate | 1541064 | RESOLVED | Mike Guenther | [ca-compliance] | 2019-04-25T18:50:24Z |
| SwissSign: failure to provide a preliminary report within 24 hours | 1636141 | RESOLVED | Mike Guenther | [ca-compliance] | 2020-07-26T23:19:59Z |
| SwissSign: Failure to provide a preliminary report within 24 hours. | 1671113 | RESOLVED | Mike Guenther | [ca-compliance] | 2021-02-12T17:45:34Z |
| SwissSign: Invalid DNSName in SAN | 1428877 | RESOLVED | Mike Guenther | [ca-compliance] | 2019-01-14T16:22:58Z |
| SwissSign: Invalid stateOrProvinceName field | 1670894 | RESOLVED | Mike Guenther | [ca-compliance] | 2021-02-08T17:31:34Z |
| SwissSign: Misissuance of Intermediate Certificates because of incorrect organizationIdentifier | 1506607 | RESOLVED | Mike Guenther | [ca-compliance] | 2019-05-20T17:43:59Z |
| SwissSign: Misissuance of Leaf Certificates because of incorrect postcode | 1569651 | RESOLVED | Timo Schmitt | [ca-compliance] | 2020-01-29T10:20:16Z |
| SwissSign: Misissuance with mispellings in Location for a number of Certificates | 1613334 | RESOLVED | Mike Guenther | [ca-compliance] Next Update 31-July 2020 | 2020-10-14T05:01:40Z |
| SwissSign: Non-BR-Compliant Certificate Issuance | 1391066 | RESOLVED | Corneia Enke | [ca-compliance] [remediation-accepted] Next Update - 2017-11-04 | 2017-11-30T16:21:32Z |
| SwissSign: OCSP responder unreachable | 1662137 | RESOLVED | Mike Guenther | [ca-compliance] | 2020-09-14T12:33:15Z |
| SwissSign: Two certs issued with same issuer and serial number | 1404403 | RESOLVED | Corneia Enke | [ca-compliance] | 2017-10-12T16:54:04Z |
| SwissSign: Undisclosed Intermediate Certificates | 1455132 | RESOLVED | Juerg.Eiholzer | [ca-compliance] - Next Update - 16-October 2018 | 2018-11-01T16:50:36Z |
| Symantec: Non-audited, non-technically-constrained intermediate cert | 1368178 | RESOLVED | Steven Medin | [ca-compliance] | 2017-08-18T21:57:16Z |
| Symantec: Non-BR-Compliant Certificate Issuance | 1391067 | RESOLVED | Steven Medin | [ca-compliance] | 2018-02-09T21:52:08Z |
| T-Systems / DFN-PKI: 40 OV certificates with wrong ST | 1534580 | RESOLVED | Jürgen Brauckmann | [ca-compliance] | 2020-07-22T17:35:48Z |
| T-Systems / DFN-PKI: 42 certificates with RSA modulus size in bits not divisable by 8 | 1651132 | RESOLVED | Jürgen Brauckmann | [ca-compliance] - Next Update - 2-Oct-2020 | 2020-11-13T18:45:50Z |
| T-Systems: "Internet Widgits Pty Ltd" in organizationName | 1638898 | RESOLVED | Arnold Essing | [ca-compliance] | 2020-05-18T17:38:58Z |
| T-Systems: "Some-State" comparable issues | 1567456 | RESOLVED | Arnold Essing | [ca-compliance] | 2019-12-27T22:59:14Z |
| T-Systems: "Some-State" in stateOrProvinceName | 1551371 | RESOLVED | Arnold Essing | [ca-compliance] | 2019-07-03T21:10:08Z |
| T-Systems: DFN-PKI - Non-IDNA 2003 IDNs, violation of RFC 5280 | 1522080 | RESOLVED | Jürgen Brauckmann | [ca-compliance] | 2019-02-04T23:34:01Z |
| T-Systems: Improperly encoded QCStatements extension | 1498463 | RESOLVED | Bernd | [ca-compliance] | 2019-01-29T18:49:50Z |
| T-Systems: Incorrect OCSP Delegated Responder Certificate | 1649941 | RESOLVED | Arnold Essing | [ca-compliance] | 2020-08-07T14:35:15Z |
| T-Systems: Insufficient serial number entropy | 1536082 | RESOLVED | Arnold Essing | [ca-compliance] | 2019-08-11T04:11:20Z |
| T-Systems: Invalid SAN Entries | 1530718 | RESOLVED | Arnold Essing | [ca-compliance] | 2019-08-11T00:39:40Z |
| T-Systems: Issue with Organization field | 1578417 | RESOLVED | Arnold Essing | [ca-compliance] | 2020-05-18T17:38:58Z |
| T-Systems: Non-BR-Compliant Certificate Issuance | 1391074 | RESOLVED | Lothar Eickholt | [ca-compliance] Next Update - 28-January 2019 | 2019-01-24T22:24:28Z |
| T-Systems: Non-BR-Compliant OCSP Responders | 1426009 | RESOLVED | Lothar Eickholt | [ca-compliance] | 2018-01-04T17:58:05Z |
| T-Systems: Undisclosed Intermediate certificate | 1455137 | RESOLVED | Bernd | [ca-compliance] | 2019-04-02T00:54:17Z |
| T-Systems/DFN-PKI cablint findings, follow up to T-Systems Bug 1391074 | 1401486 | RESOLVED | Lothar Eickholt | [ca-compliance] | 2018-01-18T13:14:56Z |
| Taiwan-CA: Invalid SAN Entries | 1535869 | RESOLVED | Hao-Chun Li | [ca-compliance] | 2019-06-28T17:45:38Z |
| Taiwan-CA: Misissued certificate: Invalid organizationUnitName | 1629020 | RESOLVED | Hao-Chun Li | [ca-compliance] | 2020-04-19T14:55:54Z |
| Taiwan-CA: Non-BR-Compliant Certificate Issuance | 1391068 | RESOLVED | Robin Lin | [ca-compliance] | 2019-01-03T21:03:14Z |
| Telekom Security: Certificate with invalid FQDN | 1711432 | RESOLVED | Arnold Essing | [ca-compliance] | 2021-06-11T17:42:38Z |
| Telekom Security: CRL also contained unrevoked certificates | 1655698 | RESOLVED | Arnold Essing | [ca-compliance] | 2021-02-08T17:32:33Z |
| Telekom Security: Finding in 2020 ETSI-Audit regarding weekly review of changes to configurations | 1651611 | RESOLVED | Arnold Essing | [ca-compliance] | 2021-01-27T19:41:57Z |
| Telekom Security: Multiple commonName in certificates | 1705791 | RESOLVED | Arnold Essing | [ca-compliance] | 2021-06-07T19:01:54Z |
| Telekom Security: Wrong jurisdiction entries in certificates | 1675314 | RESOLVED | Arnold Essing | [ca-compliance] | 2021-04-07T14:01:37Z |
| Telia CA: AIA CA Issuer field pointing to PEM encoded cert | 1637854 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2020-09-09T22:39:44Z |
| Telia CA: Ambiguity on KeyUsage with ECC public key | 1612332 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2020-05-21T02:26:24Z |
| Telia CA: Certificates with RSA keys where modulus is not divisible by 8 | 1674536 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2021-02-01T10:54:26Z |
| Telia: "Some-State" in stateOrProvinceName | 1551372 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2020-07-06T20:10:26Z |
| Telia: Disallowed curve (P-521) in leaf certificate | 1689589 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2021-06-11T18:08:43Z |
| Telia: Failure to disclose Unconstrained Intermediate within 7 Days | 1563575 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2019-07-22T18:47:09Z |
| Telia: invalid IP value in SAN DNS field | 1524567 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2019-06-28T23:56:57Z |
| Telia: misissued certificate - FQDN value incorrectly in SAN rfc822 field | 1528259 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2019-08-11T00:31:52Z |
| Telia: Misissued certificate - FQDN without domain part (e_dnsname_not_valid_tld) | 1528261 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2019-08-11T00:33:27Z |
| Telia: Misissued certificate - invalid dnsName | 1524050 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2019-06-28T23:31:27Z |
| Telia: Misissued certificate - Invalid OU value "-" | 1528264 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2019-06-28T23:18:30Z |
| Telia: Misissued certificate - Invalid wildcard format | 1528263 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2019-07-03T23:49:06Z |
| Telia: Non-BR-Compliant OCSP Responder | 1426247 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2018-06-27T21:23:24Z |
| Telia: Qualified Audit Statements | 1475115 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2019-02-06T20:40:38Z |
| Telia: Qualified BR Audit Statement | 1565270 | RESOLVED | pekka.lahtiharju | [ca-compliance] Next Update 2021-03-01 | 2021-03-07T05:38:57Z |
| Telia: Qualified BR Audit Statement 2020 | 1649683 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2020-07-29T20:14:41Z |
| Telia: Two CA certificates not listed in audit report | 1614311 | RESOLVED | pekka.lahtiharju | [ca-compliance] | 2020-05-21T01:39:00Z |
| TeliaSonera: Intermediate Cert(s) Not Disclosed in CCADB | 1451953 | RESOLVED | Wayne Thayer | [ca-compliance] - Next Update - 01-May 2018 | 2018-10-12T18:10:43Z |
| TERENA: Insufficient validation of organizationalUnitName | 1675923 | RESOLVED | Jeremy Rowley | [ca-compliance] | 2020-11-10T10:35:51Z |
| Trustcor: Incorrect CA-Issuers URI | 1568356 | RESOLVED | Neil Dunbar | [ca-compliance] | 2019-12-13T23:17:26Z |
| TrustCor: Insufficient Serial Number Entropy | 1532399 | RESOLVED | Neil Dunbar | [ca-compliance] | 2019-03-15T18:59:10Z |
| TrustCor: Non-audited intermediate certificates | 1579284 | RESOLVED | Neil Dunbar | [ca-compliance] | 2019-10-08T21:37:46Z |
| TrustCor: Non-mention of Email CAs in WTBR audit reports | 1599503 | RESOLVED | Neil Dunbar | [ca-compliance] | 2020-04-06T13:58:38Z |
| Trustis: Gap between audit periods | 1623472 | RESOLVED | Blake Morgan | [ca-compliance] Audit Gap | 2020-05-13T19:58:29Z |
| Trustis: Non-Br-Compliant OCSP Responder | 1426249 | RESOLVED | Blake Morgan | [ca-compliance] | 2018-04-12T18:14:33Z |
| Trustwave: Certs issued with same issuer and serial number | 1405826 | RESOLVED | fcorday | [ca-compliance] | 2017-10-07T08:39:54Z |
| TurkTrust: Failure to respond to January 2018 survey | 1439127 | RESOLVED | Atilla Biler | [ca-compliance] | 2018-05-24T00:15:58Z |
| TurkTrust: Non-audited, non-technically-constrained intermediate certs | 1367842 | RESOLVED | Atilla Biler | [ca-compliance] | 2017-10-09T12:01:43Z |
| Visa: Non-BR-Compliant Certificate Issuance | 1391087 | RESOLVED | Marcelo B. Silva | [ca-compliance] | 2018-10-03T21:19:26Z |
| Visa: Non-BR-Compliant OCSP Responders | 1398261 | RESOLVED | Marcelo B. Silva | [ca-compliance] | 2018-05-23T21:50:27Z |
| Visa: Qualified Audit Statements | 1485851 | RESOLVED | PKI Policy | [ca-compliance] | 2018-10-03T21:18:22Z |
| WISeKey: Failure to disclose intermediate in CCADB | 1503638 | RESOLVED | Pedro Fuentes | [ca-compliance] | 2018-11-01T23:17:43Z |
| WISeKey: Incorrect OCSP Delegated Responder Certificate | 1649939 | RESOLVED | Pedro Fuentes | [ca-compliance] [covid-19] Next Update - 25 October, 2020 | 2020-08-10T20:33:37Z |
| WISeKey: Insufficient Serial Number Entropy | 1540281 | RESOLVED | Pedro Fuentes | [ca-compliance] | 2019-04-15T17:29:35Z |
| WISeKey: Issuance of certificate with two potentially conflicting policy OIDs | 1626868 | RESOLVED | Pedro Fuentes | [ca-compliance] | 2020-04-06T21:43:04Z |
| WISeKey: Non-BR-Compliant Certificate Issuance | 1391089 | RESOLVED | Pedro Fuentes | [ca-compliance] | 2017-11-28T11:14:09Z |
| WISeKey: Revocation of multiple intermediate CAs | 1549308 | RESOLVED | Wayne Thayer | [ca-compliance] | 2019-05-06T22:58:22Z |
| WISeKey: Typo in Organization field | 1609501 | RESOLVED | Pedro Fuentes | [ca-compliance] | 2020-01-24T20:29:51Z |
| WISeKey: Unofficial DBA in Organization field | 1614290 | RESOLVED | Pedro Fuentes | [ca-compliance] | 2020-05-21T02:08:15Z |
660 Total; 0 Open (0%); 658 Resolved (99.7%); 2 Verified (0.3%);
Delayed Revocation
| Summary | ID | Status | Assigned to | Whiteboard | Last change time |
|---|---|---|---|---|---|
| Actalis: delayed revocation related to inaccurate value in stateOrProvinceName | 1670861 | RESOLVED | Adriano Santoni | [ca-compliance] [delayed-revocation-leaf] | 2021-01-27T19:44:39Z |
| Actalis: Failure to revoke certs within the BR required timeframe | 1572638 | RESOLVED | Giorgio Girelli | [ca-compliance] [delayed-revocation-leaf] | 2021-06-07T18:09:57Z |
| Actalis: Failure to revoke within 7 days: OCSP EKU issue | 1651651 | RESOLVED | Adriano Santoni | [ca-compliance] [delayed-revocation-ca] Next Update 2020-12-01 | 2020-12-29T15:41:55Z |
| Asseco DS / Certum: Failure to revoke intermediate certificates within the BR time period | 1600158 | RESOLVED | Wojciech Trapczyński | [ca-compliance] [delayed-revocation-ca] | 2019-12-03T04:58:45Z |
| Asseco DS/Certum: Failure to revoke within 5 days | 1668523 | RESOLVED | Aleksandra Kurosz | [ca-compliance] [delayed-revocation-leaf] Next update 2021-01-15 | 2021-01-27T19:42:38Z |
| Buypass: Failure to revoke PSD2 QWACs within mandated 5 days | 1628292 | RESOLVED | Mads Henriksveen | [ca-compliance] [delayed-revocation-leaf] Next update 2020-12-01 | 2020-11-20T21:49:34Z |
| Buypass: intermediate certificates not revoked within BR time period | 1598319 | RESOLVED | Mads Henriksveen | [ca-compliance] [delayed-revocation-ca] | 2020-05-19T15:58:04Z |
| Camerfirma: BR revocation period exceeded | 1624658 | RESOLVED | Ana Lopes | [ca-compliance] [delayed-revocation-leaf] [covid-19] | 2020-04-23T05:08:00Z |
| Camerfirma: Decision not to revoke certificates with authorityKeyIdentifier that violates Mozilla Policy | 1609828 | RESOLVED | Juan Angel Martin | [ca-compliance] [delayed-revocation-leaf] | 2020-02-01T20:23:20Z |
| Camerfirma: Delayed revocations related to certificates without CABForum OV Reserved Policy Identifier | 1686966 | RESOLVED | Ana Lopes | [ca-compliance] [delayed-revocation-leaf] | 2021-03-19T18:12:10Z |
| Camerfirma: Delayed revocations related to Invalid authorityKeyIdentifier - recurrent incident | 1647099 | RESOLVED | Ana Lopes | [ca-compliance] [delayed-revocation-leaf] [covid-19] | 2020-11-13T18:55:50Z |
| Camerfirma: Delayed revocations related to Invalid stateOrProvinceName field | 1668331 | RESOLVED | Juan Angel Martin | [ca-compliance] [delayed-revocation-leaf] | 2021-01-27T19:43:26Z |
| Camerfirma: Failure to revoke within 7 days: OCSP EKU issue | 1652603 | RESOLVED | Eusebio Herrera | [ca-compliance] [delayed-revocation-ca] 2020-12-01 | 2021-04-19T16:08:31Z |
| Camerfirma: Govern d'Andorra audits | 1575530 | RESOLVED | Juan Angel Martin | [ca-compliance] [delayed-revocation-ca] | 2020-10-20T22:57:37Z |
| Camerfirma: Invalid authorityKeyIdentifier, violating Mozilla Policy and RFC 5280 | 1586860 | RESOLVED | Juan Angel Martin | [ca-compliance] [delayed-revocation-ca] | 2020-03-20T07:05:24Z |
| CFCA: O > 64 characters | 1532113 | RESOLVED | Oliver Bi | [ca-compliance] [delayed-revocation-leaf] | 2020-05-21T02:23:13Z |
| D-TRUST: Delayed revocation of EV certificates | 1580525 | RESOLVED | Enrico Entschew | [ca-compliance] [delayed-revocation-leaf] | 2020-05-08T17:26:18Z |
| Dhimyotis/Certigna: Certificates issued with validity periods greater than 398-days | 1674082 | RESOLVED | r.delval | [ca-compliance] [delayed-revocation-leaf] | 2021-03-07T05:37:50Z |
| Dhimyotis/Certigna: Failure to revoke in the timeline specified by the BRs | 1685142 | RESOLVED | r.delval | [ca-compliance] [delayed-revocation-leaf] | 2021-01-05T19:23:18Z |
| DigiCert: Delay of revocation for EV audit inconsistency incident | 1651828 | RESOLVED | Brenda Bernal | [ca-compliance] [delayed-revocation-leaf] [covid-19] | 2020-08-13T19:17:14Z |
| DigiCert: Failure to revoke within 7 days: OCSP EKU issue | 1651461 | RESOLVED | Brenda Bernal | [ca-compliance] [delayed-revocation-ca] | 2021-03-11T17:44:32Z |
| E-Tugra: The failure to revoke a certificate | 1687608 | RESOLVED | Davut Tokgöz | [ca-compliance] [delayed-revocation-leaf] | 2021-04-07T14:12:33Z |
| Entrust: Compromised Private Key was not Revoked in Less than 24 Hours | 1611241 | RESOLVED | Dathan Demone | [ca-compliance] [delayed-revocation-leaf] | 2020-02-07T03:21:24Z |
| Entrust: Failure to revoke a certificate | 1636339 | RESOLVED | Bruce Morton | [ca-compliance] [delayed-revocation-leaf] | 2020-08-07T15:02:43Z |
| Entrust: Late Revocation due to SHA-256 hash algorithm | 1651481 | RESOLVED | Bruce Morton | [ca-compliance] [delayed-revocation-leaf] | 2020-11-02T19:18:38Z |
| Entrust: Late Revocation for Invalid State/Province Issue | 1658794 | RESOLVED | Dathan Demone | [ca-compliance][delayed-revocation-leaf] | 2020-10-09T17:54:48Z |
| Entrust: SHA-256 hash algorithm used with ECC P-384 key | 1648472 | RESOLVED | Bruce Morton | [ca-compliance] [delayed-revocation-leaf] Next Update - 21-Sept. 2020 | 2020-09-21T15:54:40Z |
| Firmaprofesional: Failure to revoke ICAs within 7 days: OCSP EKU | 1651637 | RESOLVED | Maria Jose Prieto | [ca-compliance] [delayed-revocation-ca] Next update 2021-04-23 | 2021-05-13T19:50:19Z |
| GlobalSign: Failure to revoke 2 noncompliant QWACs within 5 days | 1625445 | RESOLVED | Paul Brown | [ca-compliance] [delayed-revocation-leaf] | 2020-04-06T13:54:09Z |
| GlobalSign: Failure to revoke noncompliant certificates within 5 days | 1654545 | RESOLVED | Arvid Vermote | [ca-compliance] [delayed-revocation-leaf] | 2020-09-21T15:53:12Z |
| GlobalSign: Failure to revoke noncompliant ICA within 7 days | 1651447 | RESOLVED | Arvid Vermote | [ca-compliance] [delayed-revocation-ca] | 2021-04-30T15:40:24Z |
| GlobalSign: Failure to revoke noncompliant ICA within 7 days | 1599788 | RESOLVED | Arvid Vermote | [ca-compliance] [delayed-revocation-ca] | 2020-05-19T15:33:36Z |
| GlobalSign: ICAs in CCADB, without EKU extension are listed in WTCA report but not in WTBR report | 1591005 | RESOLVED | Arvid Vermote | [ca-compliance] [delayed-revocation-ca] Next Update 2021-03-15 | 2021-03-31T21:53:40Z |
| GlobalSign: Untimely revocation of TLS certificate after submission of private key compromise | 1620922 | RESOLVED | Arvid Vermote | [ca-compliance] [delayed-revocation-leaf] | 2020-03-14T16:56:10Z |
| HARICA: Delayed revocation for non-BR-compliant CA Certificates within 7 days | 1651465 | RESOLVED | Dimitris Zacharopoulos | [ca-compliance] [delayed-revocation-ca] Next update 2020-12-01 | 2020-12-09T18:25:23Z |
| IdenTrust: Undisclosed Unrevoked ICAs | 1598807 | RESOLVED | IdenTrust | [ca-compliance] [delayed-revocation-ca] [covid-19] - Next Update - 7-Aug 2020 | 2020-09-09T14:58:48Z |
| Izenpe: Failure to revoke within 5 days | 1656487 | RESOLVED | Oscar Garcia | [ca-compliance][delayed-revocation-leaf] | 2020-11-13T18:48:33Z |
| Izenpe: intermediate certificates not revoked within BR time period | 1598608 | RESOLVED | Oscar Garcia | [ca-compliance] [delayed-revocation-ca] | 2020-02-07T03:13:19Z |
| Let's Encrypt: Failure to revoke key-compromised certificates within 24 hours | 1625322 | RESOLVED | Josh Aas | [ca-compliance] [delayed-revocation-leaf] | 2020-05-29T18:38:51Z |
| Let's Encrypt: Incomplete revocation for CAA rechecking bug | 1619179 | RESOLVED | Josh Aas | [ca-compliance] [delayed-revocation-leaf] | 2020-05-29T18:43:23Z |
| Microsec: Failure to revoke noncompliant ICA within 7 days | 1651632 | RESOLVED | dr. Sándor SZŐKE | [ca-compliance] [delayed-revocation-ca] Next update 2020-12-01 | 2020-12-09T18:24:55Z |
| Netlock - Failure to revoke noncompliant ICA within 7 days | 1656882 | RESOLVED | Varga Viktor | [ca-compliance] [delayed-revocation-ca] | 2020-11-13T18:49:06Z |
| Netlock: Delayed revocation report connected to ticket 1680378 | 1688844 | RESOLVED | Varga Viktor | [ca-compliance] [delayed-revocation-leaf] | 2021-04-19T15:52:15Z |
| PKIoverheid: Failure to revoke within 7 days: OCSP EKU issue | 1652604 | RESOLVED | Jorik van 't Hof | [ca-compliance] [delayed-revocation-ca] Next update 2020-12-01 | 2021-03-31T21:54:27Z |
| PKIoverheid: Failure to revoke within 7 days: OCSP EKU issue | 1652922 | RESOLVED | Ben Wilson | [ca-compliance] [delayed-revocation-ca] | 2020-07-15T19:11:10Z |
| QuoVadis: Failure to revoke certificates with compromised private keys | 1624504 | RESOLVED | Stephen Davidson | [ca-compliance] [delayed-revocation-leaf] - Next update 31-July 2020 | 2020-07-29T20:24:44Z |
| QuoVadis: Unconstrained CAs missing audits | 1581597 | RESOLVED | Stephen Davidson | [ca-compliance] [delayed-revocation-ca] [covid-19] | 2020-08-16T23:16:22Z |
| QuoVadis: Failure to revoke within 7 days: OCSP EKU issue | 1651553 | RESOLVED | Stephen Davidson | [ca-compliance] [delayed-revocation-ca] Next update 2021-01-22 | 2021-03-31T21:55:05Z |
| QuoVadis: Unconstrained CAs revocation | 1599916 | RESOLVED | Stephen Davidson | [ca-compliance] [delayed-revocation-ca] | 2020-09-10T01:37:22Z |
| SECOM: Delayed Revocation of CA Certificate with OCSP EKU Issue | 1652610 | RESOLVED | Hisashi Kamo | [ca-compliance] [delayed-revocation-ca] | 2021-04-19T15:52:43Z |
| Sectigo: Failure to properly respond to a report of subscriber key compromise | 1635840 | RESOLVED | Robin Alden | [ca-compliance] [delayed-revocation-leaf] | 2020-07-09T01:23:15Z |
| Sectigo: Failure to revoke within 5 days | 1665763 | RESOLVED | Rich Smith | [ca-compliance] [delayed-revocation-leaf] | 2020-11-13T18:42:16Z |
| Sectigo: Non-revocation of certificates with subject:organizationalUnitName in DV certificates | 1620561 | RESOLVED | Nick France | [ca-compliance] [delayed-revocation-leaf] Next update 2021-01-05 | 2021-01-27T19:44:10Z |
| SwissSign: CP/CPS certificate profile issue | 1558552 | RESOLVED | Mike Guenther | [ca-compliance] [delayed-revocation-leaf] | 2020-02-01T23:58:13Z |
| SwissSign: Delayed revocation for mispellings in Location for a number of Certificates | 1613406 | RESOLVED | Mike Guenther | [ca-compliance] [delayed-revocation-leaf] Next Update 31-Aug 2020 | 2020-09-09T14:58:07Z |
| Telekom Security: Delayed Revocations of Sub-CA certificates | 1651487 | RESOLVED | Arnold Essing | [ca-compliance] [delayed-revocation-ca] Next update 2020-12-01 | 2020-12-09T18:27:15Z |
| TrustCor: Non-revocation of CA certificates within 7 days | 1599571 | RESOLVED | Neil Dunbar | [ca-compliance] [delayed-revocation-ca] | 2020-04-07T23:59:15Z |
| WISeKey: Failure to meet revocation deadline | 1610767 | RESOLVED | Pedro Fuentes | [ca-compliance] [delayed-revocation-leaf] | 2020-07-06T20:17:55Z |
| WISeKey: Failure to revoke ICA Certificates within 7 days (OCSP EKU) | 1651730 | RESOLVED | Pedro Fuentes | [ca-compliance] [delayed-revocation-ca] Next Update 2020-12-01 | 2020-12-09T18:26:32Z |
59 Total; 0 Open (0%); 59 Resolved (100%); 0 Verified (0%);
