| 988633 |
GoDaddy: improperly encoded certificate issued by Go Daddy Secure Certification Authority |
RESOLVED |
FIXED |
2017-09-20T01:27:06Z |
| 1017157 |
DigiCert: no subject alternative name in Siemens certs |
RESOLVED |
FIXED |
2017-04-26T19:23:50Z |
| 1029147 |
[meta] Bug for Tracking BR Compliance Issues |
RESOLVED |
WORKSFORME |
2018-01-18T18:13:04Z |
| 1195115 |
Swisscom: certificates without DNS names in subjectAltName |
RESOLVED |
WONTFIX |
2017-05-02T06:37:04Z |
| 1262610 |
DigiCert: ECCE 001 issuing certificates without subject alternative name extension |
RESOLVED |
FIXED |
2017-04-26T19:23:50Z |
| 1267049 |
Izenpe: EV certificate with various issues |
RESOLVED |
FIXED |
2017-04-26T19:23:50Z |
| 1304895 |
DigiCert: TI Trust Technologies Global CA issued certificate with no subject alternative name extension |
RESOLVED |
FIXED |
2018-06-20T16:23:52Z |
| 1335132 |
DigiCert: Verizon mis-issued test certificates |
RESOLVED |
FIXED |
2017-11-28T10:37:09Z |
| 1339339 |
DigiCert: Non-BR Compliant Certificates - missing CP/CPS OID |
RESOLVED |
FIXED |
2017-04-26T19:23:50Z |
| 1353827 |
DigiCert: DigiCert issued cert with CN too long |
RESOLVED |
FIXED |
2017-09-21T04:55:30Z |
| 1357067 |
Camerfirma: certs with duplicate SANs and without localityName or stateOrProvinceName |
RESOLVED |
FIXED |
2017-10-13T16:52:00Z |
| 1367842 |
TurkTrust: Non-audited, non-technically-constrained intermediate certs |
RESOLVED |
FIXED |
2017-10-09T12:01:43Z |
| 1368171 |
Firmaprofesional: Non-audited, non-technically-constrained intermediate certs |
RESOLVED |
FIXED |
2017-10-13T21:42:23Z |
| 1368176 |
DigiCert: Non-audited, non-technically-constrained intermediate certs |
RESOLVED |
FIXED |
2017-09-18T14:26:46Z |
| 1368178 |
Symantec: Non-audited, non-technically-constrained intermediate cert |
RESOLVED |
FIXED |
2017-08-18T21:57:16Z |
| 1369342 |
StartCom: 'un-revoking' intermediate certificates |
RESOLVED |
FIXED |
2017-09-21T14:04:49Z |
| 1369359 |
StartCom: mis-issuance of certs with unvalidated domain names and bogus field values |
RESOLVED |
FIXED |
2017-10-09T12:02:21Z |
| 1374381 |
SwissSign: BRs require full annual audits |
RESOLVED |
FIXED |
2018-08-07T00:59:16Z |
| 1386891 |
Certinomis: Cross-signing of StartCom intermediate certs, and delay in reporting it in CCADB |
RESOLVED |
FIXED |
2017-10-24T09:52:02Z |
| 1386894 |
StartCom: Non-BR-Compliant Certificate Issuance -- adding Certnomis intermediates to OneCRL |
RESOLVED |
DUPLICATE |
2017-09-21T23:32:55Z |
| 1389172 |
DigiCert: Certificate Issues Identified on the Mailing List |
RESOLVED |
FIXED |
2017-09-20T05:01:50Z |
| 1390974 |
Actalis: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-09-20T05:24:05Z |
| 1390977 |
Camerfirma: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-03-02T21:18:42Z |
| 1390978 |
Certinomis: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-11-29T14:19:25Z |
| 1390979 |
certSIGN: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-10-13T18:10:15Z |
| 1390981 |
Comodo: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-12-08T11:36:13Z |
| 1390988 |
Consorci AOC: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-08-01T18:33:24Z |
| 1390990 |
D-TRUST: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2019-04-02T00:52:50Z |
| 1390991 |
Disig: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-02-09T22:09:08Z |
| 1390994 |
DocuSign/Keynectis: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-12-01T13:23:51Z |
| 1390996 |
Entrust: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-12-01T11:53:40Z |
| 1390997 |
GlobalSign: Non-BR-Compliant Certificate Issuance - metadata-only subject fields |
RESOLVED |
FIXED |
2017-09-05T19:52:28Z |
| 1390998 |
Kamu SM: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-08-24T19:03:11Z |
| 1391000 |
IdenTrust: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-10-13T16:09:23Z |
| 1391054 |
Izenpe: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-01-15T16:59:19Z |
| 1391055 |
Microsec e-Szigno: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-12-01T12:04:56Z |
| 1391056 |
NetLock: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-02-09T22:13:50Z |
| 1391058 |
PROCERT: Non-BR-Compliant Certificate Issuance |
RESOLVED |
DUPLICATE |
2017-10-18T13:50:29Z |
| 1391063 |
QuoVadis: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-10-12T18:26:47Z |
| 1391064 |
SECOM: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-02-09T21:45:58Z |
| 1391066 |
SwissSign: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-11-30T16:21:32Z |
| 1391067 |
Symantec: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-02-09T21:52:08Z |
| 1391068 |
Taiwan-CA: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2019-01-03T21:03:14Z |
| 1391074 |
T-Systems: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2019-01-24T22:24:28Z |
| 1391087 |
Visa: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-10-03T21:19:26Z |
| 1391089 |
WISeKey: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-11-28T11:14:09Z |
| 1391429 |
GoDaddy: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-12-01T10:21:56Z |
| 1391864 |
Staat der Nederlandend / PKIoverheid: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-09-01T14:34:07Z |
| 1391867 |
Let's Encrypt: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-08-21T19:00:02Z |
| 1393555 |
GlobalSign: Non-BR-Compliant Certificate Issuance -- double-dots in dnsName |
RESOLVED |
FIXED |
2017-12-05T15:44:16Z |
| 1393557 |
GlobalSign: Non-BR-Compliant Certificate Issuance -- RSA key smaller than 2048 bits |
RESOLVED |
FIXED |
2017-11-22T14:44:37Z |
| 1397832 |
GRCA: Signing SHA-1 OCSP responses with unconstrained certificate |
RESOLVED |
FIXED |
2017-11-28T11:47:07Z |
| 1397951 |
DigiCert / InfoCert: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2017-10-13T21:36:08Z |
| 1397954 |
DigiCert / Siemens: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2017-10-12T12:59:18Z |
| 1397957 |
DigiCert / CTJ: Metadata in OU fields, Reserved IP Address |
RESOLVED |
FIXED |
2019-01-14T22:06:51Z |
| 1397958 |
DigiCert / Terena: Metadata in OU fields |
RESOLVED |
FIXED |
2017-09-20T05:13:05Z |
| 1397960 |
DigiCert / Telecom Italia: Several Problems |
RESOLVED |
FIXED |
2018-08-28T17:49:02Z |
| 1397961 |
DigiCert / Justica: Invalid DNS names |
RESOLVED |
FIXED |
2018-06-25T18:42:27Z |
| 1397963 |
DigiCert / Wells Fargo: Invalid DNS names |
RESOLVED |
FIXED |
2018-02-06T17:24:54Z |
| 1397965 |
DigiCert / Swiss Government: CommonName not in SANs |
RESOLVED |
FIXED |
2017-09-20T05:36:53Z |
| 1397968 |
DigiCert / Verizon: Reserved/Intranet domain name |
RESOLVED |
DUPLICATE |
2017-09-08T12:24:16Z |
| 1397969 |
DigiCert / Inteso San Paulo: Double dot characters |
RESOLVED |
FIXED |
2018-02-05T19:06:40Z |
| 1398233 |
Sertifitseerimiskeskuse: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2017-11-28T11:57:11Z |
| 1398240 |
Firmaprofesional: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-05-04T00:32:43Z |
| 1398242 |
Disig: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-05-23T21:13:21Z |
| 1398243 |
certSIGN: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-02-07T18:05:33Z |
| 1398246 |
Consorci AOC: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-10-12T17:25:25Z |
| 1398247 |
DocuSign/Keynectis: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2019-01-03T21:15:06Z |
| 1398251 |
Staat der Nederlandend / PKIoverheid: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2017-11-28T12:05:23Z |
| 1398255 |
IdenTrust: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-01-11T15:33:46Z |
| 1398258 |
Izenpe: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2017-10-11T15:26:13Z |
| 1398259 |
SECOM: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-03-02T15:26:03Z |
| 1398261 |
Visa: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-05-23T21:50:27Z |
| 1398269 |
DigiCert: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-06-21T17:23:31Z |
| 1398427 |
ISRG / Let's Encrypt: CAA Misissuances |
RESOLVED |
FIXED |
2017-09-21T16:48:03Z |
| 1398428 |
Amazon: CAA Misissuances |
RESOLVED |
FIXED |
2017-11-03T12:10:13Z |
| 1398545 |
Comodo: CAA Misissuance |
RESOLVED |
FIXED |
2017-12-06T16:36:39Z |
| 1401211 |
NetLock: Non-BR-Compliant Certificate Issuance -- * in not the leftmost position in dnsName |
RESOLVED |
FIXED |
2017-10-24T14:14:40Z |
| 1401486 |
T-Systems/DFN-PKI cablint findings, follow up to T-Systems Bug 1391074 |
RESOLVED |
FIXED |
2018-01-18T13:14:56Z |
| 1404403 |
SwissSign: Two certs issued with same issuer and serial number |
RESOLVED |
FIXED |
2017-10-12T16:54:04Z |
| 1405815 |
Camerfirma: Certs issued with same issuer and serial number |
RESOLVED |
FIXED |
2017-10-13T08:25:10Z |
| 1405817 |
Actalis: Certs issued with same issuer and serial number |
RESOLVED |
FIXED |
2018-01-18T15:49:40Z |
| 1405826 |
Trustwave: Certs issued with same issuer and serial number |
RESOLVED |
FIXED |
2017-10-07T08:39:54Z |
| 1409735 |
RapidSSL CAA Mis-Issuance: Lookup failure on DNSSEC-signed zone |
RESOLVED |
FIXED |
2018-02-09T21:58:17Z |
| 1409760 |
StartCom: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record |
RESOLVED |
WONTFIX |
2017-11-28T12:14:29Z |
| 1409764 |
Certum: CAA mis-issuance on critical flag and unknown CAA tag |
RESOLVED |
FIXED |
2017-11-28T16:43:00Z |
| 1409766 |
Certum: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record |
RESOLVED |
FIXED |
2019-01-03T00:02:13Z |
| 1409859 |
Startcom CAA Mis-Issuance: Lookup failure on DNSSEC-signed zone |
RESOLVED |
INVALID |
2017-11-28T12:17:06Z |
| 1410834 |
Comodo: CAA Mis-Issuance on basic test case |
RESOLVED |
FIXED |
2018-05-23T22:19:09Z |
| 1412950 |
Firmaprofesional: Insufficient Audit Statements |
RESOLVED |
FIXED |
2019-07-05T11:51:32Z |
| 1413761 |
Digicert/Symantec: EV JOI Issue |
RESOLVED |
FIXED |
2017-11-28T12:18:04Z |
| 1417771 |
DigiCert: Symantec non-constrained/non-disclosed intermediates |
RESOLVED |
FIXED |
2018-08-27T14:00:16Z |
| 1417777 |
DigiCert: Insufficient entropy in serial numbers |
RESOLVED |
FIXED |
2017-11-28T12:19:34Z |
| 1420766 |
AlphaSSL/Globalsign: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN |
RESOLVED |
INVALID |
2017-11-29T15:41:06Z |
| 1420858 |
Comodo: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN |
RESOLVED |
FIXED |
2017-12-06T15:51:14Z |
| 1420860 |
Asseco/Certum: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN |
RESOLVED |
FIXED |
2018-07-18T21:38:55Z |
| 1420861 |
DigitCert/Thawte: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN |
RESOLVED |
INVALID |
2017-11-30T22:14:19Z |
| 1420871 |
Camerfirma: Potential Mis-Issuance based on CAA records |
RESOLVED |
FIXED |
2018-01-17T17:58:16Z |
| 1420873 |
Comodo/cPanel: Potential Mis-Issuance based on CAA records (Sep 28, 2017) |
RESOLVED |
INVALID |
2017-12-06T17:53:07Z |
| 1423624 |
Comodo: CAA misissuances due to race condition |
RESOLVED |
FIXED |
2017-12-20T14:53:35Z |
| 1425805 |
Consorci AOC: Insufficient Audit Statements |
RESOLVED |
FIXED |
2019-01-03T21:31:17Z |
| 1425998 |
Certinomis/Docapost: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-01-16T22:37:43Z |
| 1426009 |
T-Systems: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-01-04T17:58:05Z |
| 1426233 |
Camerfirma: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-01-04T17:04:02Z |
| 1426238 |
QuoVadis: Non-BR-Compliant OCSP Responder |
RESOLVED |
FIXED |
2018-09-24T18:07:08Z |
| 1426247 |
Telia: Non-BR-Compliant OCSP Responder |
RESOLVED |
FIXED |
2018-06-27T21:23:24Z |
| 1426249 |
Trustis: Non-Br-Compliant OCSP Responder |
RESOLVED |
FIXED |
2018-04-12T18:14:33Z |
| 1428832 |
Consorci AOC: Problem reporting mechanism for Consorci AOC points to URL with invalid cert |
RESOLVED |
FIXED |
2018-01-09T16:46:49Z |
| 1428877 |
SwissSign: Invalid DNSName in SAN |
RESOLVED |
FIXED |
2019-01-14T16:22:58Z |
| 1428891 |
Entrust: Non-BR-Compliant OCSP Responder |
RESOLVED |
FIXED |
2018-01-26T02:43:12Z |
| 1430909 |
Quovadis: Non-BR-Compliant issuance --improper characters in DNSName (BIT sub-CA) |
RESOLVED |
FIXED |
2018-09-24T18:07:08Z |
| 1431164 |
Camerfirma: Non-BR-Compliant Issuance - Non-printable characters in OU field |
RESOLVED |
FIXED |
2018-05-24T16:47:45Z |
| 1435770 |
Certum: Non-BR-Compliant Issuance - Debian Weak Keys |
RESOLVED |
FIXED |
2018-02-20T23:39:58Z |
| 1436173 |
Digicert: SCEE / Justica: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-08-22T17:52:32Z |
| 1439123 |
GoDaddy: Failure to respond to January 2018 survey |
RESOLVED |
FIXED |
2018-02-26T16:07:07Z |
| 1439126 |
Certinomis/Docapost: Failure to respond to January 2018 survey |
RESOLVED |
FIXED |
2018-05-24T00:15:29Z |
| 1439127 |
TurkTrust: Failure to respond to January 2018 survey |
RESOLVED |
FIXED |
2018-05-24T00:15:58Z |
| 1439128 |
E-Tugra: Failure to respond to January 2018 survey |
RESOLVED |
FIXED |
2018-05-30T23:13:01Z |
| 1439129 |
DSV-Gruppe: Failure to respond to January 2018 survey |
RESOLVED |
FIXED |
2018-05-08T00:00:16Z |
| 1442091 |
Unrevocation of BT Class 2 CA - G2 CA Certificate |
RESOLVED |
FIXED |
2019-02-20T17:14:17Z |
| 1443731 |
SwissSign: Cert issued with a to long validity period |
RESOLVED |
FIXED |
2018-10-19T20:25:29Z |
| 1443857 |
Camerfirma: Non-BR-Compliant Issuance - DNSName is empty |
RESOLVED |
FIXED |
2018-05-17T17:52:09Z |
| 1444455 |
DocuSign/Keynectis: Non-Compliant Technically Constrained Intermediates |
RESOLVED |
FIXED |
2019-01-03T21:39:32Z |
| 1445857 |
Mis-issuance of certificate with https in CN/SAN |
RESOLVED |
FIXED |
2018-03-30T16:56:44Z |
| 1446080 |
Let's Encrypt: Improper encoding of wildcard certificates |
RESOLVED |
FIXED |
2018-03-23T00:21:14Z |
| 1446121 |
IdenTrust: Improper encoding of wildcard certificate |
RESOLVED |
FIXED |
2018-08-13T20:35:15Z |
| 1447192 |
DigiCert Onion Certs |
RESOLVED |
FIXED |
2018-06-03T18:53:15Z |
| 1447497 |
DocuSign/Keynectis: Outdated audit statements for Class 2 Primary CA |
RESOLVED |
WORKSFORME |
2018-03-23T23:33:01Z |
| 1448986 |
Entrust - IP Address in dNSName form |
RESOLVED |
FIXED |
2019-05-15T00:13:50Z |
| 1449371 |
E-Tugra: Validity period > 825 days |
RESOLVED |
FIXED |
2018-04-20T21:23:08Z |
| 1451228 |
Certum: EV certificate mis-issue |
RESOLVED |
FIXED |
2018-07-02T11:37:53Z |
| 1451446 |
DigiCert: ABB greater than 825 day cert issuance |
RESOLVED |
FIXED |
2019-02-15T21:24:46Z |
| 1451578 |
Distrust the WebTrust Audit of EY (HanYoung) South Korea and KPMG (Samjong) South Korea |
RESOLVED |
FIXED |
2018-09-07T21:08:26Z |
| 1451949 |
Dhimyotis/Certigna: Intermediate Cert(s) not disclosed in CCADB |
RESOLVED |
FIXED |
2018-04-10T16:06:01Z |
| 1451950 |
DigiCert: Intermediate Cert(s) not disclosed in CCADB |
RESOLVED |
FIXED |
2018-10-12T19:24:48Z |
| 1451953 |
TeliaSonera: Intermediate Cert(s) Not Disclosed in CCADB |
RESOLVED |
FIXED |
2018-10-12T18:10:43Z |
| 1452671 |
SECOM: TSA Certs Issued from Root |
RESOLVED |
FIXED |
2018-12-14T16:16:09Z |
| 1455119 |
Firmaprofesional: Undisclosed Intermediate certificate |
RESOLVED |
FIXED |
2019-01-03T22:38:48Z |
| 1455128 |
Certicamara: Undisclosed Intermediate certificates |
RESOLVED |
FIXED |
2019-01-04T16:58:08Z |
| 1455132 |
SwissSign: Undisclosed Intermediate Certificates |
RESOLVED |
FIXED |
2018-11-01T16:50:36Z |
| 1455137 |
T-Systems: Undisclosed Intermediate certificate |
RESOLVED |
FIXED |
2019-04-02T00:54:17Z |
| 1455147 |
Camerfirma: Missing audit for Intermediate certificate |
RESOLVED |
FIXED |
2018-08-08T00:29:24Z |
| 1455150 |
DigiCert: Missing audits for Intermediate certificates |
RESOLVED |
FIXED |
2018-08-16T21:53:08Z |
| 1458038 |
DocuSign/Keynectis: Missing BR Self Assessment |
RESOLVED |
WONTFIX |
2019-01-04T20:57:58Z |
| 1458042 |
Government of Spain (ACCV): Missing BR Self Assessment |
RESOLVED |
FIXED |
2018-05-23T18:41:53Z |
| 1458064 |
Firmaprofesional: Missing BR Self Assessment |
RESOLVED |
FIXED |
2018-05-23T18:42:58Z |
| 1459557 |
SwissSign: Certificate issue with Signature |
RESOLVED |
FIXED |
2018-10-19T19:29:09Z |
| 1461391 |
Comodo: Misissuance using "CNAME CSR Hash 2" method of domain control validation |
RESOLVED |
FIXED |
2019-01-04T20:49:48Z |
| 1462735 |
Let's Encrypt: Case-sensitive CAA tag processing |
RESOLVED |
FIXED |
2018-05-24T23:58:37Z |
| 1462797 |
E-Tugra: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString |
RESOLVED |
FIXED |
2019-02-20T16:59:33Z |
| 1462844 |
GoDaddy: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString |
RESOLVED |
FIXED |
2019-01-09T23:36:41Z |
| 1464286 |
Swisscom: Missing Audits for Unconstrained Intermediate Certificates |
RESOLVED |
FIXED |
2018-07-18T22:30:38Z |
| 1464335 |
Incident Report: Firmaprofesional: Undisclosed Intermediate certificate SIGNE |
RESOLVED |
FIXED |
2018-05-31T19:00:50Z |
| 1464359 |
Incident Report: Firmaprofesional: Undisclosed Intermediate certificate SDS |
RESOLVED |
FIXED |
2018-11-09T20:04:10Z |
| 1465600 |
DigiCert: Invalid Country Code Issuance |
RESOLVED |
FIXED |
2019-06-28T20:18:33Z |
| 1466252 |
Cybertrust Japan: three test websites not provided |
RESOLVED |
FIXED |
2019-02-20T01:38:01Z |
| 1467110 |
OCSP responding good for non-issued certs by Consorci AOC root already solved |
RESOLVED |
DUPLICATE |
2018-10-03T21:47:26Z |
| 1467414 |
(GDCA) Misissuance of certificates with small RSA keys |
RESOLVED |
FIXED |
2018-06-27T15:49:22Z |
| 1468000 |
Invalid country field for Camerfirma root CA certificates |
RESOLVED |
INVALID |
2018-06-14T21:42:26Z |
| 1472052 |
Quovadis: Certificate containing Debian weak key |
RESOLVED |
FIXED |
2019-01-09T20:16:01Z |
| 1473971 |
SwissSign: Domain validated certificate but with stateOrProvinceName |
RESOLVED |
FIXED |
2018-08-31T20:58:40Z |
| 1475115 |
Telia: Qualified Audit Statements |
RESOLVED |
FIXED |
2019-02-06T20:40:38Z |
| 1475563 |
GDCA: Misissuance of certificates with IP address |
RESOLVED |
INVALID |
2018-07-18T17:09:49Z |
| 1478933 |
Camerfirma, Qualified Audit Statements |
RESOLVED |
FIXED |
2019-01-04T21:32:02Z |
| 1481862 |
Camerfirma: MULTICERT organizationName Too Long |
RESOLVED |
FIXED |
2019-04-16T22:53:44Z |
| 1483715 |
DigiCert: improper domain validation |
RESOLVED |
FIXED |
2018-11-16T22:57:12Z |
| 1484766 |
GoDaddy: Random Value Vulnerability in Domain Validation |
RESOLVED |
FIXED |
2019-01-04T21:39:07Z |
| 1485413 |
Certigna: Issuance without respecting CAA records |
RESOLVED |
FIXED |
2019-01-04T21:45:05Z |
| 1485851 |
Visa: Qualified Audit Statements |
RESOLVED |
FIXED |
2018-10-03T21:18:22Z |
| 1486650 |
Let's Encrypt: OCSP "unauthorized" responses |
RESOLVED |
FIXED |
2018-10-12T18:22:32Z |
| 1493760 |
QuoVadis: improper countryName format |
RESOLVED |
FIXED |
2018-10-12T18:25:53Z |
| 1495507 |
Government of Spain FNMT: OU exceeds 64 characters |
RESOLVED |
FIXED |
2019-02-02T01:18:43Z |
| 1495518 |
Assecco DS / Certum: Unallowed key usage for EC public key (Key Encipherment) |
RESOLVED |
FIXED |
2019-07-18T21:36:35Z |
| 1495524 |
Certinomis: Unqualified Domain Name in SAN |
RESOLVED |
FIXED |
2019-05-23T19:05:35Z |
| 1496088 |
Certinomis: certificate for test.com, O=Entreprise TEST |
RESOLVED |
FIXED |
2019-05-23T19:08:46Z |
| 1497700 |
DocuSign/Keynectis: Undisclosed Intermediate certificate |
RESOLVED |
WONTFIX |
2019-01-04T22:10:37Z |
| 1497703 |
SECOM: Undisclosed intermediate certificates |
RESOLVED |
FIXED |
2018-11-01T16:39:33Z |
| 1498409 |
Certicamara: Failure to respond to September 2018 CA Survey |
RESOLVED |
FIXED |
2019-01-04T21:35:16Z |
| 1498463 |
T-Systems: Improperly encoded QCStatements extension |
RESOLVED |
FIXED |
2019-01-29T18:49:50Z |
| 1499585 |
Digicert: Undisclosed CAs -Federated Trust CA-1 |
RESOLVED |
FIXED |
2018-11-01T17:24:34Z |
| 1500593 |
Identrust: Internal names / failure to report |
RESOLVED |
FIXED |
2019-01-04T22:15:28Z |
| 1500621 |
Digicert: Internal Domain Name cert mis-issuance |
RESOLVED |
FIXED |
2018-11-16T23:02:54Z |
| 1503128 |
Certinomis: email address in DNS SAN |
RESOLVED |
FIXED |
2019-05-23T19:07:55Z |
| 1503638 |
WISeKey: Failure to disclose intermediate in CCADB |
RESOLVED |
FIXED |
2018-11-01T23:17:43Z |
| 1506607 |
SwissSign: Misissuance of Intermediate Certificates because of incorrect organizationIdentifier |
RESOLVED |
FIXED |
2019-05-20T17:43:59Z |
| 1507862 |
Government of Spain (ACCV): Late Audit Statement |
RESOLVED |
FIXED |
2019-01-02T23:09:35Z |
| 1509002 |
Camerfirma: MULTICERT certificates with a validity period greater than 825 days |
RESOLVED |
FIXED |
2019-04-16T22:52:13Z |
| 1509512 |
D-TRUST: syntax error in one tls certificate |
RESOLVED |
FIXED |
2019-02-20T01:22:27Z |
| 1511459 |
Certum CA: Corrupted certificates |
RESOLVED |
FIXED |
2018-12-19T00:39:14Z |
| 1512018 |
Entrust: Certificate issued with '-' in ST field |
RESOLVED |
FIXED |
2019-05-15T00:11:12Z |
| 1512270 |
Microsec: Validity period greater than 825 days |
RESOLVED |
FIXED |
2019-02-02T15:12:26Z |
| 1515564 |
DigiCert: Underscore character certificates |
RESOLVED |
DUPLICATE |
2018-12-21T17:59:51Z |
| 1515788 |
DigiCert: Underscores - CVS Pharmacy |
RESOLVED |
FIXED |
2019-02-15T19:24:57Z |
| 1516453 |
DigiCert: Underscores - Discover |
RESOLVED |
FIXED |
2019-02-15T19:25:18Z |
| 1516545 |
DigiCert: Underscores - Verizon |
RESOLVED |
FIXED |
2019-03-03T20:28:38Z |
| 1516561 |
DigiCert: Underscores - Canadian Imperial Bank of Commerce |
RESOLVED |
FIXED |
2019-02-26T22:13:42Z |
| 1516599 |
DigiCert: Underscores - Ericsson |
RESOLVED |
FIXED |
2019-07-31T23:48:08Z |
| 1517617 |
DigiCert: Underscores - Citi |
RESOLVED |
FIXED |
2019-07-31T23:48:03Z |
| 1518553 |
Sectigo: Use of forbidden subjectPublicKeyInfo algorithm |
RESOLVED |
FIXED |
2019-08-10T23:01:04Z |
| 1518555 |
DigiCert: Use of forbidden subjectPublicKeyInfo algorithm |
RESOLVED |
FIXED |
2019-01-15T18:25:22Z |
| 1518560 |
Asseco DS / Certum: Use of forbidden subjectPublicKeyInfo algorithm |
RESOLVED |
FIXED |
2019-02-19T17:42:51Z |
| 1519260 |
QuoVadis: Multiple unreported misissuances in 2018 |
RESOLVED |
FIXED |
2019-04-26T21:15:39Z |
| 1519265 |
QuoVadis: Recap of BR Compliance in 2018 issuance by external subCAs |
RESOLVED |
FIXED |
2019-02-20T01:35:24Z |
| 1519572 |
DigiCert: Underscores - Intuit |
RESOLVED |
FIXED |
2019-05-01T23:26:22Z |
| 1520876 |
Entrust: Late mis-issue certificate revocation |
RESOLVED |
FIXED |
2019-02-20T01:28:10Z |
| 1521520 |
Entrust: Late revocation of underscore certificate |
RESOLVED |
FIXED |
2019-02-01T03:45:24Z |
| 1521623 |
Amazon: Failure to comply with RFC 5280 |
RESOLVED |
INVALID |
2019-02-05T23:01:29Z |
| 1521950 |
QuoVadis: BR Error - san dns name starts with period |
RESOLVED |
FIXED |
2019-04-26T21:14:44Z |
| 1522080 |
T-Systems: DFN-PKI - Non-IDNA 2003 IDNs, violation of RFC 5280 |
RESOLVED |
INVALID |
2019-02-04T23:34:01Z |
| 1522975 |
Google: Improper OCSP response for intermediate certificate |
RESOLVED |
FIXED |
2019-06-29T00:38:06Z |
| 1523676 |
DigiCert: Good OCSP Responses for Revoked Intermediates |
RESOLVED |
FIXED |
2019-04-04T18:12:09Z |
| 1523680 |
Actalis: Non BR Compliant OCSP Responder |
RESOLVED |
FIXED |
2019-02-20T17:33:18Z |
| 1524050 |
Telia: Misissued certificate - invalid dnsName |
RESOLVED |
FIXED |
2019-06-28T23:31:27Z |
| 1524094 |
Certinomis: invalid DNS names in SAN |
RESOLVED |
FIXED |
2019-05-23T19:09:18Z |
| 1524103 |
Certinomis: invalid state and locality fields in subject |
RESOLVED |
FIXED |
2019-08-11T21:22:11Z |
| 1524112 |
Certinomis: O=POUR TEST in subject |
RESOLVED |
FIXED |
2019-05-23T19:06:35Z |
| 1524143 |
CFCA: Internal iPAddress in certificate |
RESOLVED |
FIXED |
2019-04-08T19:26:05Z |
| 1524195 |
Asseco DS / Certum: Invalid dnsNames |
RESOLVED |
FIXED |
2019-07-01T20:30:10Z |
| 1524448 |
Certinomis: misissued "test" certificates |
RESOLVED |
FIXED |
2019-05-23T19:06:56Z |
| 1524449 |
Certinomis: validity period >825 days |
RESOLVED |
FIXED |
2019-05-23T19:07:29Z |
| 1524451 |
Certinomis: invalid CDP extension |
RESOLVED |
FIXED |
2019-05-14T00:00:43Z |
| 1524452 |
SECOM: certificate for .test TLD |
RESOLVED |
FIXED |
2019-03-29T16:05:47Z |
| 1524567 |
Telia: invalid IP value in SAN DNS field |
RESOLVED |
FIXED |
2019-06-28T23:56:57Z |
| 1524730 |
Sectigo: invalid dnsName |
RESOLVED |
FIXED |
2019-08-03T03:40:41Z |
| 1524816 |
SECOM: failure to revoke underscores |
RESOLVED |
FIXED |
2019-02-21T22:32:27Z |
| 1524875 |
DigiCert: IP in dnsName |
RESOLVED |
FIXED |
2019-05-17T22:05:40Z |
| 1524876 |
Entrust: IP in dnsName |
RESOLVED |
FIXED |
2019-03-01T16:09:50Z |
| 1524877 |
GlobalSign: IP in dnsName |
RESOLVED |
FIXED |
2019-02-21T22:38:00Z |
| 1524878 |
Asseco/Certum: IP in dnsName |
RESOLVED |
DUPLICATE |
2019-02-04T18:36:02Z |
| 1524879 |
QuoVadis: IP in dnsName |
RESOLVED |
FIXED |
2019-03-07T21:07:14Z |
| 1525710 |
Amazon: Test revoked certificates with invalid validity period |
RESOLVED |
FIXED |
2019-03-04T19:54:07Z |
| 1526099 |
Identrust: Discrepancy in values of address fields within CN of SSL Certificates |
RESOLVED |
FIXED |
2019-07-01T20:22:40Z |
| 1526154 |
DigiCert: Missed Underscore Certificate Revocations |
RESOLVED |
FIXED |
2019-04-25T00:24:49Z |
| 1527423 |
DigiCert: P-384,ecdsa-with-SHA512 Certificates |
RESOLVED |
FIXED |
2019-07-18T00:25:43Z |
| 1528259 |
Telia: misissued certificate - FQDN value incorrectly in SAN rfc822 field |
RESOLVED |
FIXED |
2019-08-11T00:31:52Z |
| 1528261 |
Telia: Misissued certificate - FQDN without domain part (e_dnsname_not_valid_tld) |
RESOLVED |
FIXED |
2019-08-11T00:33:27Z |
| 1528263 |
Telia: Misissued certificate - Invalid wildcard format |
RESOLVED |
FIXED |
2019-07-03T23:49:06Z |
| 1528264 |
Telia: Misissued certificate - Invalid OU value "-" |
RESOLVED |
FIXED |
2019-06-28T23:18:30Z |
| 1528290 |
Izenpe: OU > 64 characters |
RESOLVED |
FIXED |
2019-03-04T16:05:12Z |
| 1530623 |
QuoVadis: IPaddress in DNSname SAN |
RESOLVED |
FIXED |
2019-04-26T21:14:01Z |
| 1530718 |
T-Systems: Invalid SAN Entries |
RESOLVED |
FIXED |
2019-08-11T00:39:40Z |
| 1530971 |
Harica: P-384,ecdsa-with-SHA256 Certificates |
RESOLVED |
FIXED |
2019-05-02T08:20:27Z |
| 1531800 |
QuoVadis: DarkMatter Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-04-26T20:51:51Z |
| 1531817 |
DigiCert: in-addr.arpa Misissuance |
RESOLVED |
FIXED |
2019-07-01T22:43:48Z |
| 1532105 |
SECOM: CrossTrust: OU > 64 characters |
RESOLVED |
FIXED |
2019-08-11T00:28:45Z |
| 1532112 |
KIR S.A.: O > 64 characters |
RESOLVED |
DUPLICATE |
2019-03-04T18:46:30Z |
| 1532313 |
Comodo: Possible CAA Misissuance due against critical record |
RESOLVED |
INVALID |
2019-03-04T19:19:44Z |
| 1532399 |
TrustCor: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-03-15T18:59:10Z |
| 1532429 |
CFCA: Invalid TLD in SAN |
RESOLVED |
FIXED |
2019-06-28T20:27:26Z |
| 1532842 |
Google Trust Services: 63 bit serial numbers in some certificates |
RESOLVED |
FIXED |
2019-07-15T19:03:22Z |
| 1533655 |
DigiCert: Apple: Non-compliant Serial Numbers |
RESOLVED |
FIXED |
2019-07-20T00:56:21Z |
| 1533899 |
Quovadis: Insufficient Serial Number Entropy |
RESOLVED |
INVALID |
2019-03-15T18:53:58Z |
| 1534145 |
SSL.com: P-384 curve / ecdsa-with-SHA256 certificates |
RESOLVED |
FIXED |
2019-04-18T20:29:58Z |
| 1534147 |
SSL.com: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-04-11T18:35:49Z |
| 1534295 |
Actalis: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-08-09T16:41:07Z |
| 1534429 |
Camerfirma: Multicert SSL CA 001: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-08-14T07:30:49Z |
| 1534535 |
QuoVadis / Siemens: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-04-01T08:49:55Z |
| 1534580 |
DFN-PKI: 40 OV certificates with wrong ST |
RESOLVED |
FIXED |
2019-07-29T16:46:37Z |
| 1535509 |
HARICA: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-03-29T07:03:19Z |
| 1535735 |
Entrust - Issued Certificates to incorrect Organization |
RESOLVED |
FIXED |
2019-06-27T18:28:34Z |
| 1535772 |
HARICA: wrong characters in NC extension of Technically Constrained Intermediate CA Certificates |
RESOLVED |
FIXED |
2019-04-19T16:55:13Z |
| 1535869 |
Taiwan-CA: Invalid SAN Entries |
RESOLVED |
FIXED |
2019-06-28T17:45:38Z |
| 1535873 |
GlobalSign: AT&T Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-04-24T20:39:18Z |
| 1536082 |
T-Systems: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-08-11T04:11:20Z |
| 1536213 |
ACCV: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-07-23T15:55:50Z |
| 1536287 |
Entrust - AffirmTrust Issuing CA Impacted by EJBCA Serial Number Issue |
RESOLVED |
FIXED |
2019-03-29T21:15:02Z |
| 1536760 |
GlobalSign: Virginia Tech Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-04-08T19:20:07Z |
| 1536831 |
GDCA: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-06-29T00:35:52Z |
| 1538673 |
Consorci AOC: EC-SECTORPUBLIC insufficient serial number entropy |
RESOLVED |
FIXED |
2019-04-22T22:09:56Z |
| 1539190 |
Kamu SM: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-05-14T00:32:23Z |
| 1539296 |
Digicert: KPN Outdated Audit |
RESOLVED |
FIXED |
2019-06-29T00:30:54Z |
| 1539307 |
Buypass: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-06-28T16:36:43Z |
| 1539358 |
SECOM: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-05-17T17:44:06Z |
| 1539531 |
Certinomis: certificates with space in dNSName SAN |
RESOLVED |
FIXED |
2019-05-07T23:09:23Z |
| 1540281 |
WISeKey: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-04-15T17:29:35Z |
| 1540315 |
QuoVadis: LLB insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-07-01T22:27:39Z |
| 1540961 |
Atos: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-06-29T00:36:27Z |
| 1541064 |
SwissSign: Error in OrganisationIdentifier in signature/seal certificate |
RESOLVED |
FIXED |
2019-04-25T18:50:24Z |
| 1542082 |
Identrust: Failure to disclose Unconstrained intermediate Within 7 Days |
RESOLVED |
FIXED |
2019-08-11T00:36:21Z |
| 1542302 |
E-Tugra: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-05-01T23:30:32Z |
| 1542328 |
Certinomis: Invalid TLD in SAN |
RESOLVED |
FIXED |
2019-05-23T19:04:05Z |
| 1542793 |
Certinomis: Invalid SAN in a certificate |
RESOLVED |
FIXED |
2019-05-07T23:04:38Z |
| 1544586 |
Government of Spain FNMT: Findings in 2019 Audit Statement, including domain validation methods, CAA, etc. |
RESOLVED |
FIXED |
2019-08-11T00:41:10Z |
| 1544712 |
SECOM: certificate for which “OU=-” |
RESOLVED |
FIXED |
2019-08-11T03:59:14Z |
| 1544722 |
SECOM: certificate for which “L” and “ST” not set |
RESOLVED |
FIXED |
2019-07-29T04:25:44Z |
| 1544933 |
Certinomis: certificates for an unregistered domain, with unknown OCSP status |
RESOLVED |
FIXED |
2019-05-23T19:04:35Z |
| 1546253 |
GDCA: Authentication of Organization Identity Failure for an OV Certificate |
RESOLVED |
FIXED |
2019-08-11T00:30:23Z |
| 1546776 |
SecureTrust: Unvalidated domain in certificate |
RESOLVED |
FIXED |
2019-08-11T00:35:09Z |
| 1547072 |
Certinomis: Use of Domain Validation Method 3.2.2.4.5 after August 1, 2018 |
RESOLVED |
INVALID |
2019-05-10T00:36:48Z |
| 1548714 |
SECOM: "Default City" in Subject:localityName |
RESOLVED |
FIXED |
2019-08-10T23:54:14Z |
| 1548716 |
DigiCert: Verizon: "Default City" in Subject:localityName |
RESOLVED |
FIXED |
2019-05-20T22:42:46Z |
| 1548719 |
DigiCert: Revoked intermediate certificates not in CRL |
RESOLVED |
FIXED |
2019-08-06T17:44:41Z |
| 1548720 |
SSL.com: CRL not found - SSL.com-Enterprise-Intermediate-EV-RSA-4096-R1.crl |
RESOLVED |
FIXED |
2019-06-28T23:28:47Z |
| 1549308 |
WISeKey: Revocation of multiple intermediate CAs |
RESOLVED |
INVALID |
2019-05-06T22:58:22Z |
| 1550575 |
Asseco DS / Certum: commonName not from subjectAltName entries |
RESOLVED |
FIXED |
2019-07-18T21:28:15Z |
| 1550576 |
SSL.com: Expired CRLs |
RESOLVED |
INVALID |
2019-05-13T22:08:57Z |
| 1551357 |
Certinomis: certificates with invalid DNS SAN |
RESOLVED |
FIXED |
2019-05-23T19:03:16Z |
| 1551364 |
SwissSign: "Some-State" in stateOrProvinceName |
RESOLVED |
FIXED |
2019-06-25T23:41:48Z |
| 1551369 |
Kamu SM: "Some-State" in stateOrProvinceName |
RESOLVED |
FIXED |
2019-07-01T20:14:47Z |
| 1551371 |
T-Systems: "Some-State" in stateOrProvinceName |
RESOLVED |
FIXED |
2019-07-03T21:10:08Z |
| 1551374 |
SecureTrust: "Some-State" in stateOrProvinceName |
RESOLVED |
FIXED |
2019-07-24T17:56:25Z |
| 1551375 |
certSIGN: "Some-State" in stateOrProvinceName |
RESOLVED |
FIXED |
2019-07-24T22:13:19Z |
| 1551390 |
Certinomis: 174 certificates with unknown OCSP status |
RESOLVED |
FIXED |
2019-05-23T19:05:03Z |
| 1552562 |
Entrust: Question marks in certificate O and L fields |
RESOLVED |
FIXED |
2019-06-28T16:25:38Z |
| 1552586 |
GlobalSign: 4 Misissued certificates with invalid CN |
RESOLVED |
FIXED |
2019-08-11T04:15:08Z |
| 1554259 |
GlobalSign: SPKI lacks explicit NULL parameter, |
RESOLVED |
FIXED |
2019-08-10T23:46:27Z |
| 1557085 |
Camerfirma: Intesa Sanpaolo misissued certificates |
RESOLVED |
FIXED |
2019-08-03T03:38:32Z |
| 1560234 |
SECOM: Ambiguity on KeyUsage with ECC public key |
RESOLVED |
INVALID |
2019-07-29T04:40:48Z |
| 1563575 |
Telia: Failure to disclose Unconstrained Intermediate within 7 Days |
RESOLVED |
FIXED |
2019-07-22T18:47:09Z |
| 1563917 |
QuoVadis: use of Organisationidentifier field in EV (Pre CABF Ballot SC17) |
RESOLVED |
FIXED |
2019-08-10T23:44:21Z |
| 1565494 |
CFCA: Missed CPS update publication on website in 2018 |
RESOLVED |
FIXED |
2019-08-15T14:06:59Z |
| 1566580 |
LuxTrust: Overdue Audit Statements 2019 |
RESOLVED |
WORKSFORME |
2019-07-31T17:42:02Z |
| 1567062 |
Asseco: inconsistent disclosure of externally-operated intermediate |
RESOLVED |
FIXED |
2019-08-09T16:27:08Z |
| 1569266 |
Amazon: No Space In Private Organization |
RESOLVED |
FIXED |
2019-08-10T23:03:35Z |
