| 988633 |
GoDaddy: improperly encoded certificate issued by Go Daddy Secure Certification Authority |
RESOLVED |
FIXED |
2017-09-20T01:27:06Z |
| 1017157 |
DigiCert: no subject alternative name in Siemens certs |
RESOLVED |
FIXED |
2017-04-26T19:23:50Z |
| 1029147 |
[meta] Bug for Tracking BR Compliance Issues |
RESOLVED |
WORKSFORME |
2018-01-18T18:13:04Z |
| 1195115 |
Swisscom: certificates without DNS names in subjectAltName |
RESOLVED |
WONTFIX |
2017-05-02T06:37:04Z |
| 1262610 |
DigiCert: ECCE 001 issuing certificates without subject alternative name extension |
RESOLVED |
FIXED |
2017-04-26T19:23:50Z |
| 1267049 |
Izenpe: EV certificate with various issues |
RESOLVED |
FIXED |
2017-04-26T19:23:50Z |
| 1304895 |
DigiCert: TI Trust Technologies Global CA issued certificate with no subject alternative name extension |
RESOLVED |
FIXED |
2018-06-20T16:23:52Z |
| 1335132 |
DigiCert: Verizon mis-issued test certificates |
RESOLVED |
FIXED |
2017-11-28T10:37:09Z |
| 1339339 |
DigiCert: Non-BR Compliant Certificates - missing CP/CPS OID |
RESOLVED |
FIXED |
2017-04-26T19:23:50Z |
| 1353827 |
DigiCert: DigiCert issued cert with CN too long |
RESOLVED |
FIXED |
2017-09-21T04:55:30Z |
| 1357067 |
Camerfirma: certs with duplicate SANs and without localityName or stateOrProvinceName |
RESOLVED |
FIXED |
2017-10-13T16:52:00Z |
| 1367842 |
TurkTrust: Non-audited, non-technically-constrained intermediate certs |
RESOLVED |
FIXED |
2017-10-09T12:01:43Z |
| 1368171 |
Firmaprofesional: Non-audited, non-technically-constrained intermediate certs |
RESOLVED |
FIXED |
2017-10-13T21:42:23Z |
| 1368176 |
DigiCert: Non-audited, non-technically-constrained intermediate certs |
RESOLVED |
FIXED |
2017-09-18T14:26:46Z |
| 1368178 |
Symantec: Non-audited, non-technically-constrained intermediate cert |
RESOLVED |
FIXED |
2017-08-18T21:57:16Z |
| 1369342 |
StartCom: 'un-revoking' intermediate certificates |
RESOLVED |
FIXED |
2017-09-21T14:04:49Z |
| 1369359 |
StartCom: mis-issuance of certs with unvalidated domain names and bogus field values |
RESOLVED |
FIXED |
2017-10-09T12:02:21Z |
| 1374381 |
SwissSign: BRs require full annual audits |
RESOLVED |
FIXED |
2018-08-07T00:59:16Z |
| 1386891 |
Certinomis: Cross-signing of StartCom intermediate certs, and delay in reporting it in CCADB |
RESOLVED |
FIXED |
2017-10-24T09:52:02Z |
| 1386894 |
StartCom: Non-BR-Compliant Certificate Issuance -- adding Certnomis intermediates to OneCRL |
RESOLVED |
DUPLICATE |
2017-09-21T23:32:55Z |
| 1389172 |
DigiCert: Certificate Issues Identified on the Mailing List |
RESOLVED |
FIXED |
2017-09-20T05:01:50Z |
| 1390974 |
Actalis: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-09-20T05:24:05Z |
| 1390977 |
Camerfirma: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-03-02T21:18:42Z |
| 1390978 |
Certinomis: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-11-29T14:19:25Z |
| 1390979 |
certSIGN: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-10-13T18:10:15Z |
| 1390981 |
Comodo: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-12-08T11:36:13Z |
| 1390988 |
Consorci AOC: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-08-01T18:33:24Z |
| 1390990 |
D-TRUST: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2019-04-02T00:52:50Z |
| 1390991 |
Disig: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-02-09T22:09:08Z |
| 1390994 |
DocuSign/Keynectis: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-12-01T13:23:51Z |
| 1390996 |
Entrust: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-12-01T11:53:40Z |
| 1390997 |
GlobalSign: Non-BR-Compliant Certificate Issuance - metadata-only subject fields |
RESOLVED |
FIXED |
2017-09-05T19:52:28Z |
| 1390998 |
Kamu SM: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-08-24T19:03:11Z |
| 1391000 |
IdenTrust: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-10-13T16:09:23Z |
| 1391054 |
Izenpe: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-01-15T16:59:19Z |
| 1391055 |
Microsec e-Szigno: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-12-01T12:04:56Z |
| 1391056 |
NetLock: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-02-09T22:13:50Z |
| 1391058 |
PROCERT: Non-BR-Compliant Certificate Issuance |
RESOLVED |
DUPLICATE |
2017-10-18T13:50:29Z |
| 1391063 |
QuoVadis: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-10-12T18:26:47Z |
| 1391064 |
SECOM: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-02-09T21:45:58Z |
| 1391066 |
SwissSign: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-11-30T16:21:32Z |
| 1391067 |
Symantec: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-02-09T21:52:08Z |
| 1391068 |
Taiwan-CA: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2019-01-03T21:03:14Z |
| 1391074 |
T-Systems: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2019-01-24T22:24:28Z |
| 1391087 |
Visa: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-10-03T21:19:26Z |
| 1391089 |
WISeKey: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-11-28T11:14:09Z |
| 1391429 |
GoDaddy: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-12-01T10:21:56Z |
| 1391864 |
Staat der Nederlandend / PKIoverheid: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-09-01T14:34:07Z |
| 1391867 |
Let's Encrypt: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2017-08-21T19:00:02Z |
| 1393555 |
GlobalSign: Non-BR-Compliant Certificate Issuance -- double-dots in dnsName |
RESOLVED |
FIXED |
2017-12-05T15:44:16Z |
| 1393557 |
GlobalSign: Non-BR-Compliant Certificate Issuance -- RSA key smaller than 2048 bits |
RESOLVED |
FIXED |
2017-11-22T14:44:37Z |
| 1397830 |
EDICOM: Signing SHA-1 OCSP responses with unconstrained certificate |
RESOLVED |
FIXED |
2019-09-17T21:48:45Z |
| 1397832 |
GRCA: Signing SHA-1 OCSP responses with unconstrained certificate |
RESOLVED |
FIXED |
2017-11-28T11:47:07Z |
| 1397951 |
DigiCert / InfoCert: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2017-10-13T21:36:08Z |
| 1397954 |
DigiCert / Siemens: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2017-10-12T12:59:18Z |
| 1397957 |
DigiCert / CTJ: Metadata in OU fields, Reserved IP Address |
RESOLVED |
FIXED |
2019-01-14T22:06:51Z |
| 1397958 |
DigiCert / Terena: Metadata in OU fields |
RESOLVED |
FIXED |
2017-09-20T05:13:05Z |
| 1397960 |
DigiCert / Telecom Italia: Several Problems |
RESOLVED |
FIXED |
2018-08-28T17:49:02Z |
| 1397961 |
DigiCert / Justica: Invalid DNS names |
RESOLVED |
FIXED |
2018-06-25T18:42:27Z |
| 1397963 |
DigiCert / Wells Fargo: Invalid DNS names |
RESOLVED |
FIXED |
2018-02-06T17:24:54Z |
| 1397965 |
DigiCert / Swiss Government: CommonName not in SANs |
RESOLVED |
FIXED |
2017-09-20T05:36:53Z |
| 1397968 |
DigiCert / Verizon: Reserved/Intranet domain name |
RESOLVED |
DUPLICATE |
2017-09-08T12:24:16Z |
| 1397969 |
DigiCert / Inteso San Paulo: Double dot characters |
RESOLVED |
FIXED |
2018-02-05T19:06:40Z |
| 1398233 |
Sertifitseerimiskeskuse: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2017-11-28T11:57:11Z |
| 1398240 |
Firmaprofesional: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-05-04T00:32:43Z |
| 1398242 |
Disig: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-05-23T21:13:21Z |
| 1398243 |
certSIGN: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-02-07T18:05:33Z |
| 1398246 |
Consorci AOC: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-10-12T17:25:25Z |
| 1398247 |
DocuSign/Keynectis: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2019-01-03T21:15:06Z |
| 1398251 |
Staat der Nederlandend / PKIoverheid: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2017-11-28T12:05:23Z |
| 1398255 |
IdenTrust: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-01-11T15:33:46Z |
| 1398258 |
Izenpe: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2017-10-11T15:26:13Z |
| 1398259 |
SECOM: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-03-02T15:26:03Z |
| 1398261 |
Visa: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-05-23T21:50:27Z |
| 1398269 |
DigiCert: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-06-21T17:23:31Z |
| 1398427 |
Let's Encrypt: CAA Misissuances |
RESOLVED |
FIXED |
2019-09-17T20:42:22Z |
| 1398428 |
Amazon: CAA Misissuances |
RESOLVED |
FIXED |
2017-11-03T12:10:13Z |
| 1398545 |
Comodo: CAA Misissuance |
RESOLVED |
FIXED |
2017-12-06T16:36:39Z |
| 1401211 |
NetLock: Non-BR-Compliant Certificate Issuance -- * in not the leftmost position in dnsName |
RESOLVED |
FIXED |
2017-10-24T14:14:40Z |
| 1401486 |
T-Systems/DFN-PKI cablint findings, follow up to T-Systems Bug 1391074 |
RESOLVED |
FIXED |
2018-01-18T13:14:56Z |
| 1404403 |
SwissSign: Two certs issued with same issuer and serial number |
RESOLVED |
FIXED |
2017-10-12T16:54:04Z |
| 1405815 |
Camerfirma: Certs issued with same issuer and serial number |
RESOLVED |
FIXED |
2017-10-13T08:25:10Z |
| 1405817 |
Actalis: Certs issued with same issuer and serial number |
RESOLVED |
FIXED |
2018-01-18T15:49:40Z |
| 1405826 |
Trustwave: Certs issued with same issuer and serial number |
RESOLVED |
FIXED |
2017-10-07T08:39:54Z |
| 1409735 |
RapidSSL CAA Mis-Issuance: Lookup failure on DNSSEC-signed zone |
RESOLVED |
FIXED |
2018-02-09T21:58:17Z |
| 1409760 |
StartCom: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record |
RESOLVED |
WONTFIX |
2017-11-28T12:14:29Z |
| 1409764 |
Asseco DS / Certum: CAA mis-issuance on critical flag and unknown CAA tag |
RESOLVED |
FIXED |
2019-09-17T20:39:40Z |
| 1409766 |
Asseco DS / Certum: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record |
RESOLVED |
FIXED |
2019-09-17T20:39:27Z |
| 1409859 |
Startcom CAA Mis-Issuance: Lookup failure on DNSSEC-signed zone |
RESOLVED |
INVALID |
2017-11-28T12:17:06Z |
| 1410834 |
Comodo: CAA Mis-Issuance on basic test case |
RESOLVED |
FIXED |
2018-05-23T22:19:09Z |
| 1412950 |
Firmaprofesional: Insufficient Audit Statements |
RESOLVED |
FIXED |
2019-07-05T11:51:32Z |
| 1413761 |
Digicert/Symantec: EV JOI Issue |
RESOLVED |
FIXED |
2017-11-28T12:18:04Z |
| 1417771 |
DigiCert: Symantec non-constrained/non-disclosed intermediates |
RESOLVED |
FIXED |
2018-08-27T14:00:16Z |
| 1417777 |
DigiCert: Insufficient entropy in serial numbers |
RESOLVED |
FIXED |
2017-11-28T12:19:34Z |
| 1420766 |
AlphaSSL/Globalsign: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN |
RESOLVED |
INVALID |
2017-11-29T15:41:06Z |
| 1420858 |
Comodo: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN |
RESOLVED |
FIXED |
2017-12-06T15:51:14Z |
| 1420860 |
Asseco DS / Certum: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN |
RESOLVED |
FIXED |
2019-09-17T20:36:03Z |
| 1420861 |
DigitCert/Thawte: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN |
RESOLVED |
INVALID |
2017-11-30T22:14:19Z |
| 1420871 |
Camerfirma: Potential Mis-Issuance based on CAA records |
RESOLVED |
FIXED |
2018-01-17T17:58:16Z |
| 1420873 |
Comodo/cPanel: Potential Mis-Issuance based on CAA records (Sep 28, 2017) |
RESOLVED |
INVALID |
2017-12-06T17:53:07Z |
| 1423624 |
Comodo: CAA misissuances due to race condition |
RESOLVED |
FIXED |
2017-12-20T14:53:35Z |
| 1425805 |
Consorci AOC: Insufficient Audit Statements |
RESOLVED |
FIXED |
2019-01-03T21:31:17Z |
| 1425998 |
Certinomis/Docapost: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-01-16T22:37:43Z |
| 1426009 |
T-Systems: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-01-04T17:58:05Z |
| 1426233 |
Camerfirma: Non-BR-Compliant OCSP Responders |
RESOLVED |
FIXED |
2018-01-04T17:04:02Z |
| 1426238 |
QuoVadis: Non-BR-Compliant OCSP Responder |
RESOLVED |
FIXED |
2018-09-24T18:07:08Z |
| 1426247 |
Telia: Non-BR-Compliant OCSP Responder |
RESOLVED |
FIXED |
2018-06-27T21:23:24Z |
| 1426249 |
Trustis: Non-Br-Compliant OCSP Responder |
RESOLVED |
FIXED |
2018-04-12T18:14:33Z |
| 1428832 |
Consorci AOC: Problem reporting mechanism for Consorci AOC points to URL with invalid cert |
RESOLVED |
FIXED |
2018-01-09T16:46:49Z |
| 1428877 |
SwissSign: Invalid DNSName in SAN |
RESOLVED |
FIXED |
2019-01-14T16:22:58Z |
| 1428891 |
Entrust: Non-BR-Compliant OCSP Responder |
RESOLVED |
FIXED |
2018-01-26T02:43:12Z |
| 1430909 |
Quovadis: Non-BR-Compliant issuance --improper characters in DNSName (BIT sub-CA) |
RESOLVED |
FIXED |
2018-09-24T18:07:08Z |
| 1431164 |
Camerfirma: Non-BR-Compliant Issuance - Non-printable characters in OU field |
RESOLVED |
FIXED |
2018-05-24T16:47:45Z |
| 1435770 |
Asseco DS / Certum: Non-BR-Compliant Issuance - Debian Weak Keys |
RESOLVED |
FIXED |
2019-09-17T20:39:51Z |
| 1436173 |
Digicert: SCEE / Justica: Non-BR-Compliant Certificate Issuance |
RESOLVED |
FIXED |
2018-08-22T17:52:32Z |
| 1439123 |
GoDaddy: Failure to respond to January 2018 survey |
RESOLVED |
FIXED |
2018-02-26T16:07:07Z |
| 1439126 |
Certinomis/Docapost: Failure to respond to January 2018 survey |
RESOLVED |
FIXED |
2018-05-24T00:15:29Z |
| 1439127 |
TurkTrust: Failure to respond to January 2018 survey |
RESOLVED |
FIXED |
2018-05-24T00:15:58Z |
| 1439128 |
E-Tugra: Failure to respond to January 2018 survey |
RESOLVED |
FIXED |
2018-05-30T23:13:01Z |
| 1439129 |
DSV-Gruppe: Failure to respond to January 2018 survey |
RESOLVED |
FIXED |
2018-05-08T00:00:16Z |
| 1442091 |
DigiCert: Unrevocation of BT Class 2 CA - G2 CA Certificate |
RESOLVED |
FIXED |
2019-09-18T20:25:47Z |
| 1443731 |
SwissSign: Cert issued with a to long validity period |
RESOLVED |
FIXED |
2018-10-19T20:25:29Z |
| 1443857 |
Camerfirma: Non-BR-Compliant Issuance - DNSName is empty |
RESOLVED |
FIXED |
2018-05-17T17:52:09Z |
| 1444455 |
DocuSign/Keynectis: Non-Compliant Technically Constrained Intermediates |
RESOLVED |
FIXED |
2019-01-03T21:39:32Z |
| 1445857 |
DigiCert: Mis-issuance of certificate with https in CN/SAN |
RESOLVED |
FIXED |
2019-09-18T20:09:52Z |
| 1446080 |
Let's Encrypt: Improper encoding of wildcard certificates |
RESOLVED |
FIXED |
2018-03-23T00:21:14Z |
| 1446121 |
IdenTrust: Improper encoding of wildcard certificate |
RESOLVED |
FIXED |
2018-08-13T20:35:15Z |
| 1447192 |
DigiCert Onion Certs |
RESOLVED |
FIXED |
2018-06-03T18:53:15Z |
| 1447497 |
DocuSign/Keynectis: Outdated audit statements for Class 2 Primary CA |
RESOLVED |
WORKSFORME |
2018-03-23T23:33:01Z |
| 1448986 |
Entrust: IP Address in dNSName form |
RESOLVED |
FIXED |
2019-09-17T20:40:58Z |
| 1449371 |
E-Tugra: Validity period > 825 days |
RESOLVED |
FIXED |
2018-04-20T21:23:08Z |
| 1451228 |
Asseco DS / Certum: EV certificate mis-issue |
RESOLVED |
FIXED |
2019-09-17T20:39:45Z |
| 1451446 |
DigiCert: ABB greater than 825 day cert issuance |
RESOLVED |
FIXED |
2019-02-15T21:24:46Z |
| 1451578 |
Distrust the WebTrust Audit of EY (HanYoung) South Korea and KPMG (Samjong) South Korea |
RESOLVED |
FIXED |
2018-09-07T21:08:26Z |
| 1451949 |
Dhimyotis/Certigna: Intermediate Cert(s) not disclosed in CCADB |
RESOLVED |
FIXED |
2018-04-10T16:06:01Z |
| 1451950 |
DigiCert: Intermediate Cert(s) not disclosed in CCADB |
RESOLVED |
FIXED |
2018-10-12T19:24:48Z |
| 1451953 |
TeliaSonera: Intermediate Cert(s) Not Disclosed in CCADB |
RESOLVED |
FIXED |
2018-10-12T18:10:43Z |
| 1452671 |
SECOM: TSA Certs Issued from Root |
RESOLVED |
FIXED |
2018-12-14T16:16:09Z |
| 1455119 |
Firmaprofesional: Undisclosed Intermediate certificate |
RESOLVED |
FIXED |
2019-01-03T22:38:48Z |
| 1455128 |
Certicamara: Undisclosed Intermediate certificates |
RESOLVED |
FIXED |
2019-01-04T16:58:08Z |
| 1455132 |
SwissSign: Undisclosed Intermediate Certificates |
RESOLVED |
FIXED |
2018-11-01T16:50:36Z |
| 1455137 |
T-Systems: Undisclosed Intermediate certificate |
RESOLVED |
FIXED |
2019-04-02T00:54:17Z |
| 1455147 |
Camerfirma: Missing audit for Intermediate certificate |
RESOLVED |
FIXED |
2018-08-08T00:29:24Z |
| 1455150 |
DigiCert: Missing audits for Intermediate certificates |
RESOLVED |
FIXED |
2018-08-16T21:53:08Z |
| 1456655 |
DigiCert / ABB: Issues with DN, country code and keyUsage |
RESOLVED |
FIXED |
2019-09-15T22:39:25Z |
| 1458038 |
DocuSign/Keynectis: Missing BR Self Assessment |
RESOLVED |
WONTFIX |
2019-01-04T20:57:58Z |
| 1458042 |
Government of Spain (ACCV): Missing BR Self Assessment |
RESOLVED |
FIXED |
2018-05-23T18:41:53Z |
| 1458064 |
Firmaprofesional: Missing BR Self Assessment |
RESOLVED |
FIXED |
2018-05-23T18:42:58Z |
| 1459557 |
SwissSign: Certificate issue with Signature |
RESOLVED |
FIXED |
2018-10-19T19:29:09Z |
| 1461391 |
Comodo: Misissuance using "CNAME CSR Hash 2" method of domain control validation |
RESOLVED |
FIXED |
2019-01-04T20:49:48Z |
| 1462423 |
NetLock: CN not in SAN |
RESOLVED |
FIXED |
2019-10-04T18:56:03Z |
| 1462735 |
Let's Encrypt: Case-sensitive CAA tag processing |
RESOLVED |
FIXED |
2018-05-24T23:58:37Z |
| 1462797 |
E-Tugra: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString |
RESOLVED |
FIXED |
2019-02-20T16:59:33Z |
| 1462844 |
GoDaddy: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString |
RESOLVED |
FIXED |
2019-01-09T23:36:41Z |
| 1464286 |
Swisscom: Missing Audits for Unconstrained Intermediate Certificates |
RESOLVED |
FIXED |
2018-07-18T22:30:38Z |
| 1464335 |
Firmaprofesional: Undisclosed Intermediate certificate SIGNE |
RESOLVED |
FIXED |
2019-09-18T21:20:32Z |
| 1464359 |
Firmaprofesional: Undisclosed Intermediate certificate SDS |
RESOLVED |
FIXED |
2019-09-18T21:20:11Z |
| 1465600 |
DigiCert: Invalid Country Code Issuance |
RESOLVED |
FIXED |
2019-06-28T20:18:33Z |
| 1466252 |
Cybertrust Japan: three test websites not provided |
RESOLVED |
FIXED |
2019-02-20T01:38:01Z |
| 1467110 |
OCSP responding good for non-issued certs by Consorci AOC root already solved |
RESOLVED |
DUPLICATE |
2018-10-03T21:47:26Z |
| 1467414 |
GDCA: Misissuance of certificates with small RSA keys |
RESOLVED |
FIXED |
2019-09-18T21:22:42Z |
| 1468000 |
Invalid country field for Camerfirma root CA certificates |
RESOLVED |
INVALID |
2018-06-14T21:42:26Z |
| 1468477 |
QuoVadis (Freistaat Bayern): Non-BR-compliant Key Usage |
RESOLVED |
FIXED |
2019-12-31T20:16:48Z |
| 1472052 |
Quovadis: Certificate containing Debian weak key |
RESOLVED |
FIXED |
2019-01-09T20:16:01Z |
| 1473971 |
SwissSign: Domain validated certificate but with stateOrProvinceName |
RESOLVED |
FIXED |
2018-08-31T20:58:40Z |
| 1475115 |
Telia: Qualified Audit Statements |
RESOLVED |
FIXED |
2019-02-06T20:40:38Z |
| 1475563 |
GDCA: Misissuance of certificates with IP address |
RESOLVED |
INVALID |
2018-07-18T17:09:49Z |
| 1478933 |
Camerfirma: Qualified Audit Statements |
RESOLVED |
FIXED |
2019-09-17T20:36:56Z |
| 1481862 |
Camerfirma: MULTICERT organizationName Too Long |
RESOLVED |
FIXED |
2019-04-16T22:53:44Z |
| 1483715 |
DigiCert: improper domain validation |
RESOLVED |
FIXED |
2018-11-16T22:57:12Z |
| 1484766 |
GoDaddy: Random Value Vulnerability in Domain Validation |
RESOLVED |
FIXED |
2019-01-04T21:39:07Z |
| 1485413 |
Certigna: Issuance without respecting CAA records |
RESOLVED |
FIXED |
2019-01-04T21:45:05Z |
| 1485851 |
Visa: Qualified Audit Statements |
RESOLVED |
FIXED |
2018-10-03T21:18:22Z |
| 1486650 |
Let's Encrypt: OCSP "unauthorized" responses |
RESOLVED |
FIXED |
2018-10-12T18:22:32Z |
| 1492006 |
Sectigo: Failure to revoke within 24 hours |
RESOLVED |
FIXED |
2019-09-16T18:58:11Z |
| 1493760 |
QuoVadis: improper countryName format |
RESOLVED |
FIXED |
2018-10-12T18:25:53Z |
| 1495497 |
KIR S.A.: Certificates issued with multiple BR violations |
RESOLVED |
FIXED |
2019-09-16T00:23:52Z |
| 1495507 |
Government of Spain FNMT: OU exceeds 64 characters |
RESOLVED |
FIXED |
2020-03-17T17:40:20Z |
| 1495518 |
Asseco DS / Certum: Unallowed key usage for EC public key (Key Encipherment) |
RESOLVED |
FIXED |
2019-09-17T20:35:32Z |
| 1495524 |
Certinomis: Unqualified Domain Name in SAN |
RESOLVED |
FIXED |
2019-05-23T19:05:35Z |
| 1496088 |
Certinomis: certificate for test.com, O=Entreprise TEST |
RESOLVED |
FIXED |
2019-05-23T19:08:46Z |
| 1496616 |
Consorci AOC: Qualified audit statements |
RESOLVED |
FIXED |
2020-06-20T20:30:44Z |
| 1497700 |
DocuSign/Keynectis: Undisclosed Intermediate certificate |
RESOLVED |
WONTFIX |
2019-01-04T22:10:37Z |
| 1497703 |
SECOM: Undisclosed intermediate certificates |
RESOLVED |
FIXED |
2018-11-01T16:39:33Z |
| 1498409 |
Certicamara: Failure to respond to September 2018 CA Survey |
RESOLVED |
FIXED |
2019-01-04T21:35:16Z |
| 1498463 |
T-Systems: Improperly encoded QCStatements extension |
RESOLVED |
FIXED |
2019-01-29T18:49:50Z |
| 1499585 |
Digicert: Undisclosed CAs -Federated Trust CA-1 |
RESOLVED |
FIXED |
2018-11-01T17:24:34Z |
| 1500593 |
Identrust: Internal names / failure to report |
RESOLVED |
FIXED |
2019-01-04T22:15:28Z |
| 1500621 |
Digicert: Internal Domain Name cert mis-issuance |
RESOLVED |
FIXED |
2018-11-16T23:02:54Z |
| 1501374 |
Comodo CA issuing EV Certs without Higher Authority checks |
RESOLVED |
INVALID |
2020-01-09T22:59:56Z |
| 1502957 |
Camerfirma: MULTICERT Misissuance and missing audits |
RESOLVED |
FIXED |
2020-05-27T16:21:53Z |
| 1503128 |
Certinomis: email address in DNS SAN |
RESOLVED |
FIXED |
2019-05-23T19:07:55Z |
| 1503638 |
WISeKey: Failure to disclose intermediate in CCADB |
RESOLVED |
FIXED |
2018-11-01T23:17:43Z |
| 1506607 |
SwissSign: Misissuance of Intermediate Certificates because of incorrect organizationIdentifier |
RESOLVED |
FIXED |
2019-05-20T17:43:59Z |
| 1507862 |
Government of Spain (ACCV): Late Audit Statement |
RESOLVED |
FIXED |
2019-01-02T23:09:35Z |
| 1509002 |
Camerfirma: MULTICERT certificates with a validity period greater than 825 days |
RESOLVED |
FIXED |
2019-04-16T22:52:13Z |
| 1509512 |
D-TRUST: syntax error in one tls certificate |
RESOLVED |
FIXED |
2019-02-20T01:22:27Z |
| 1511459 |
Asseco DS / Certum: Corrupted certificates |
RESOLVED |
FIXED |
2019-09-17T20:39:21Z |
| 1512018 |
Entrust: Certificate issued with '-' in ST field |
RESOLVED |
FIXED |
2019-05-15T00:11:12Z |
| 1512270 |
Microsec: Validity period greater than 825 days |
RESOLVED |
FIXED |
2019-02-02T15:12:26Z |
| 1515564 |
DigiCert: Underscore character certificates |
RESOLVED |
DUPLICATE |
2018-12-21T17:59:51Z |
| 1515788 |
DigiCert: Underscores - CVS Pharmacy |
RESOLVED |
FIXED |
2019-02-15T19:24:57Z |
| 1516453 |
DigiCert: Underscores - Discover |
RESOLVED |
FIXED |
2019-02-15T19:25:18Z |
| 1516545 |
DigiCert: Underscores - Verizon |
RESOLVED |
FIXED |
2019-03-03T20:28:38Z |
| 1516561 |
DigiCert: Underscores - Canadian Imperial Bank of Commerce |
RESOLVED |
FIXED |
2019-02-26T22:13:42Z |
| 1516599 |
DigiCert: Underscores - Ericsson |
RESOLVED |
FIXED |
2019-07-31T23:48:08Z |
| 1517617 |
DigiCert: Underscores - Citi |
RESOLVED |
FIXED |
2019-07-31T23:48:03Z |
| 1518553 |
Sectigo: Use of forbidden subjectPublicKeyInfo algorithm |
RESOLVED |
FIXED |
2019-09-13T17:13:51Z |
| 1518555 |
DigiCert: Use of forbidden subjectPublicKeyInfo algorithm |
RESOLVED |
FIXED |
2019-01-15T18:25:22Z |
| 1518560 |
Asseco DS / Certum: Use of forbidden subjectPublicKeyInfo algorithm |
RESOLVED |
FIXED |
2019-02-19T17:42:51Z |
| 1519260 |
QuoVadis: Multiple unreported misissuances in 2018 |
RESOLVED |
FIXED |
2019-04-26T21:15:39Z |
| 1519265 |
QuoVadis: Recap of BR Compliance in 2018 issuance by external subCAs |
VERIFIED |
FIXED |
2020-06-26T00:33:36Z |
| 1519572 |
DigiCert: Underscores - Intuit |
RESOLVED |
FIXED |
2019-05-01T23:26:22Z |
| 1520299 |
Hongkong Post / Certizen: Failure to report misissuance |
RESOLVED |
FIXED |
2019-12-24T18:01:19Z |
| 1520876 |
Entrust: Late mis-issue certificate revocation |
RESOLVED |
FIXED |
2019-02-20T01:28:10Z |
| 1521520 |
Entrust: Late revocation of underscore certificate |
RESOLVED |
FIXED |
2019-02-01T03:45:24Z |
| 1521623 |
Amazon: Failure to comply with RFC 5280 |
RESOLVED |
INVALID |
2019-02-05T23:01:29Z |
| 1521950 |
QuoVadis: BR Error - san dns name starts with period |
RESOLVED |
FIXED |
2019-04-26T21:14:44Z |
| 1522080 |
T-Systems: DFN-PKI - Non-IDNA 2003 IDNs, violation of RFC 5280 |
RESOLVED |
INVALID |
2019-02-04T23:34:01Z |
| 1522975 |
Google Trust Services: Improper OCSP response for intermediate certificate |
RESOLVED |
FIXED |
2019-09-17T20:41:46Z |
| 1523186 |
KIR S.A.: Misissuance - missing OCSP AIA, Validity > 825 days |
RESOLVED |
FIXED |
2019-09-16T00:19:27Z |
| 1523221 |
GRCA: Misissued certificates - invalid CN, bad validity period, missing extensions |
RESOLVED |
FIXED |
2020-02-05T03:47:39Z |
| 1523676 |
DigiCert: Good OCSP Responses for Revoked Intermediates |
RESOLVED |
FIXED |
2019-04-04T18:12:09Z |
| 1523680 |
Actalis: Non BR Compliant OCSP Responder |
RESOLVED |
FIXED |
2019-02-20T17:33:18Z |
| 1524050 |
Telia: Misissued certificate - invalid dnsName |
RESOLVED |
FIXED |
2019-06-28T23:31:27Z |
| 1524094 |
Certinomis: invalid DNS names in SAN |
RESOLVED |
FIXED |
2019-05-23T19:09:18Z |
| 1524103 |
Certinomis: invalid state and locality fields in subject |
RESOLVED |
FIXED |
2019-08-11T21:22:11Z |
| 1524112 |
Certinomis: O=POUR TEST in subject |
RESOLVED |
FIXED |
2019-05-23T19:06:35Z |
| 1524143 |
CFCA: Internal iPAddress in certificate |
RESOLVED |
FIXED |
2019-04-08T19:26:05Z |
| 1524195 |
Asseco DS / Certum: Invalid dnsNames |
RESOLVED |
FIXED |
2019-07-01T20:30:10Z |
| 1524448 |
Certinomis: misissued "test" certificates |
RESOLVED |
FIXED |
2019-05-23T19:06:56Z |
| 1524449 |
Certinomis: validity period >825 days |
RESOLVED |
FIXED |
2019-05-23T19:07:29Z |
| 1524451 |
Certinomis: invalid CDP extension |
RESOLVED |
FIXED |
2019-05-14T00:00:43Z |
| 1524452 |
SECOM: certificate for .test TLD |
RESOLVED |
FIXED |
2019-03-29T16:05:47Z |
| 1524567 |
Telia: invalid IP value in SAN DNS field |
RESOLVED |
FIXED |
2019-06-28T23:56:57Z |
| 1524730 |
Sectigo: invalid dnsName |
RESOLVED |
FIXED |
2019-08-03T03:40:41Z |
| 1524733 |
CFCA: invalid dnsNames |
RESOLVED |
FIXED |
2020-02-06T02:00:17Z |
| 1524815 |
GoDaddy: failure to revoke underscores |
RESOLVED |
FIXED |
2019-12-24T19:18:40Z |
| 1524816 |
SECOM: failure to revoke underscores |
RESOLVED |
FIXED |
2019-02-21T22:32:27Z |
| 1524871 |
Camerfirma: failure to revoke underscores |
RESOLVED |
FIXED |
2019-09-10T22:27:44Z |
| 1524875 |
DigiCert: IP in dnsName |
RESOLVED |
FIXED |
2019-05-17T22:05:40Z |
| 1524876 |
Entrust: IP in dnsName |
RESOLVED |
FIXED |
2019-03-01T16:09:50Z |
| 1524877 |
GlobalSign: IP in dnsName |
RESOLVED |
FIXED |
2019-02-21T22:38:00Z |
| 1524878 |
Asseco DS / Certum: IP in dnsName |
RESOLVED |
DUPLICATE |
2019-09-17T20:36:08Z |
| 1524879 |
QuoVadis: IP in dnsName |
RESOLVED |
FIXED |
2019-03-07T21:07:14Z |
| 1525710 |
Amazon: Test revoked certificates with invalid validity period |
RESOLVED |
FIXED |
2019-03-04T19:54:07Z |
| 1526099 |
Identrust: Discrepancy in values of address fields within CN of SSL Certificates |
RESOLVED |
FIXED |
2019-07-01T20:22:40Z |
| 1526154 |
DigiCert: Missed Underscore Certificate Revocations |
RESOLVED |
FIXED |
2019-04-25T00:24:49Z |
| 1527423 |
DigiCert: P-384,ecdsa-with-SHA512 Certificates |
RESOLVED |
FIXED |
2019-07-18T00:25:43Z |
| 1528259 |
Telia: misissued certificate - FQDN value incorrectly in SAN rfc822 field |
RESOLVED |
FIXED |
2019-08-11T00:31:52Z |
| 1528261 |
Telia: Misissued certificate - FQDN without domain part (e_dnsname_not_valid_tld) |
RESOLVED |
FIXED |
2019-08-11T00:33:27Z |
| 1528263 |
Telia: Misissued certificate - Invalid wildcard format |
RESOLVED |
FIXED |
2019-07-03T23:49:06Z |
| 1528264 |
Telia: Misissued certificate - Invalid OU value "-" |
RESOLVED |
FIXED |
2019-06-28T23:18:30Z |
| 1528290 |
Izenpe: OU > 64 characters |
RESOLVED |
FIXED |
2019-03-04T16:05:12Z |
| 1530623 |
QuoVadis: IPaddress in DNSname SAN |
RESOLVED |
FIXED |
2019-04-26T21:14:01Z |
| 1530718 |
T-Systems: Invalid SAN Entries |
RESOLVED |
FIXED |
2019-08-11T00:39:40Z |
| 1530971 |
Harica: P-384,ecdsa-with-SHA256 Certificates |
RESOLVED |
FIXED |
2019-05-02T08:20:27Z |
| 1531800 |
QuoVadis: DarkMatter Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-04-26T20:51:51Z |
| 1531817 |
DigiCert: in-addr.arpa Misissuance |
RESOLVED |
FIXED |
2019-07-01T22:43:48Z |
| 1532105 |
SECOM: CrossTrust: OU > 64 characters |
RESOLVED |
FIXED |
2019-08-11T00:28:45Z |
| 1532112 |
KIR S.A.: O > 64 characters |
RESOLVED |
DUPLICATE |
2019-03-04T18:46:30Z |
| 1532313 |
Comodo: Possible CAA Misissuance due against critical record |
RESOLVED |
INVALID |
2019-03-04T19:19:44Z |
| 1532333 |
Camerfirma: Unrevocation of MULTICERT SSL Certification Authority 001 certificate |
RESOLVED |
FIXED |
2020-01-18T00:07:12Z |
| 1532399 |
TrustCor: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-03-15T18:59:10Z |
| 1532429 |
CFCA: Invalid TLD in SAN |
RESOLVED |
FIXED |
2019-06-28T20:27:26Z |
| 1532842 |
Google Trust Services: 63 bit serial numbers in some certificates |
RESOLVED |
FIXED |
2019-07-15T19:03:22Z |
| 1533655 |
DigiCert: Apple: Non-compliant Serial Numbers |
RESOLVED |
FIXED |
2019-07-20T00:56:21Z |
| 1533774 |
GoDaddy: Insufficient serial number entropy |
RESOLVED |
FIXED |
2020-01-24T19:57:36Z |
| 1533899 |
Quovadis: Insufficient Serial Number Entropy |
RESOLVED |
INVALID |
2019-03-15T18:53:58Z |
| 1534145 |
SSL.com: P-384 curve / ecdsa-with-SHA256 certificates |
RESOLVED |
FIXED |
2019-04-18T20:29:58Z |
| 1534147 |
SSL.com: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-04-11T18:35:49Z |
| 1534295 |
Actalis: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-08-09T16:41:07Z |
| 1534429 |
Camerfirma: Multicert SSL CA 001: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-08-14T07:30:49Z |
| 1534535 |
QuoVadis / Siemens: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-04-01T08:49:55Z |
| 1534580 |
DFN-PKI: 40 OV certificates with wrong ST |
RESOLVED |
FIXED |
2019-07-29T16:46:37Z |
| 1535509 |
HARICA: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-03-29T07:03:19Z |
| 1535735 |
Entrust: Issued Certificates to incorrect Organization |
RESOLVED |
FIXED |
2019-09-17T20:41:05Z |
| 1535772 |
HARICA: wrong characters in NC extension of Technically Constrained Intermediate CA Certificates |
RESOLVED |
FIXED |
2019-04-19T16:55:13Z |
| 1535869 |
Taiwan-CA: Invalid SAN Entries |
RESOLVED |
FIXED |
2019-06-28T17:45:38Z |
| 1535871 |
PKIoverheid: KPN Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-12-03T04:44:58Z |
| 1535873 |
GlobalSign: AT&T Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-04-24T20:39:18Z |
| 1536082 |
T-Systems: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-08-11T04:11:20Z |
| 1536213 |
ACCV: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-07-23T15:55:50Z |
| 1536287 |
Entrust: AffirmTrust Issuing CA Impacted by EJBCA Serial Number Issue |
RESOLVED |
FIXED |
2019-09-17T20:40:52Z |
| 1536760 |
GlobalSign: Virginia Tech Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-04-08T19:20:07Z |
| 1536831 |
GDCA: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-06-29T00:35:52Z |
| 1538638 |
Firmaprofesional: AC Firmaprofesional - INFRAESTRUCTURA insufficient serial number entropy |
RESOLVED |
FIXED |
2020-01-13T19:34:16Z |
| 1538673 |
Consorci AOC: EC-SECTORPUBLIC insufficient serial number entropy |
RESOLVED |
FIXED |
2019-04-22T22:09:56Z |
| 1539190 |
Kamu SM: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-05-14T00:32:23Z |
| 1539296 |
Digicert: KPN Outdated Audit |
RESOLVED |
FIXED |
2019-06-29T00:30:54Z |
| 1539307 |
Buypass: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-06-28T16:36:43Z |
| 1539358 |
SECOM: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-05-17T17:44:06Z |
| 1539531 |
Certinomis: certificates with space in dNSName SAN |
RESOLVED |
FIXED |
2019-05-07T23:09:23Z |
| 1540281 |
WISeKey: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-04-15T17:29:35Z |
| 1540315 |
QuoVadis: LLB insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-07-01T22:27:39Z |
| 1540961 |
Atos: Insufficient Serial Number Entropy |
RESOLVED |
FIXED |
2019-06-29T00:36:27Z |
| 1541064 |
SwissSign: Error in OrganisationIdentifier in signature/seal certificate |
RESOLVED |
FIXED |
2019-04-25T18:50:24Z |
| 1542082 |
Identrust: Failure to disclose Unconstrained intermediate Within 7 Days |
RESOLVED |
FIXED |
2019-08-11T00:36:21Z |
| 1542302 |
E-Tugra: Insufficient serial number entropy |
RESOLVED |
FIXED |
2019-05-01T23:30:32Z |
| 1542328 |
Certinomis: Invalid TLD in SAN |
RESOLVED |
FIXED |
2019-05-23T19:04:05Z |
| 1542793 |
Certinomis: Invalid SAN in a certificate |
RESOLVED |
FIXED |
2019-05-07T23:04:38Z |
| 1544586 |
Government of Spain FNMT: Findings in 2019 Audit Statement, including domain validation methods, CAA, etc. |
RESOLVED |
FIXED |
2020-03-27T17:54:20Z |
| 1544712 |
SECOM: certificate for which “OU=-” |
RESOLVED |
FIXED |
2019-08-11T03:59:14Z |
| 1544722 |
SECOM: certificate for which “L” and “ST” not set |
RESOLVED |
FIXED |
2019-07-29T04:25:44Z |
| 1544933 |
Certinomis: certificates for an unregistered domain, with unknown OCSP status |
RESOLVED |
FIXED |
2019-05-23T19:04:35Z |
| 1545208 |
Sectigo: Missing Changelog in CPS |
RESOLVED |
FIXED |
2019-09-18T03:36:02Z |
| 1546253 |
GDCA: Authentication of Organization Identity Failure for an OV Certificate |
RESOLVED |
FIXED |
2019-08-11T00:30:23Z |
| 1546776 |
SecureTrust: Unvalidated domain in certificate |
RESOLVED |
FIXED |
2019-08-11T00:35:09Z |
| 1547072 |
Certinomis: Use of Domain Validation Method 3.2.2.4.5 after August 1, 2018 |
RESOLVED |
INVALID |
2019-05-10T00:36:48Z |
| 1547691 |
GlobalSign: AT&T SSL certificates without the AIA extension |
RESOLVED |
FIXED |
2019-09-15T23:08:05Z |
| 1548713 |
Sectigo: "Default City" in Subject:localityName |
RESOLVED |
FIXED |
2019-12-09T16:48:34Z |
| 1548714 |
SECOM: "Default City" in Subject:localityName |
RESOLVED |
FIXED |
2019-08-10T23:54:14Z |
| 1548716 |
DigiCert: Verizon: "Default City" in Subject:localityName |
RESOLVED |
FIXED |
2019-05-20T22:42:46Z |
| 1548719 |
DigiCert: Revoked intermediate certificates not in CRL |
RESOLVED |
FIXED |
2019-08-06T17:44:41Z |
| 1548720 |
SSL.com: CRL not found - SSL.com-Enterprise-Intermediate-EV-RSA-4096-R1.crl |
RESOLVED |
FIXED |
2019-06-28T23:28:47Z |
| 1549308 |
WISeKey: Revocation of multiple intermediate CAs |
RESOLVED |
INVALID |
2019-05-06T22:58:22Z |
| 1549861 |
Camerfirma: Outdated audit statements for intermediate certs |
RESOLVED |
FIXED |
2020-01-21T23:17:59Z |
| 1549862 |
Entrust: Outdated audit statement for intermediate cert |
RESOLVED |
FIXED |
2020-01-21T23:23:33Z |
| 1550547 |
IP certificate issued with Domain Validation |
RESOLVED |
INVALID |
2020-01-09T23:00:12Z |
| 1550575 |
Asseco DS / Certum: commonName not from subjectAltName entries |
RESOLVED |
FIXED |
2019-07-18T21:28:15Z |
| 1550576 |
SSL.com: Expired CRLs |
RESOLVED |
INVALID |
2019-05-13T22:08:57Z |
| 1550645 |
Digicert: CAA Checking Issue |
RESOLVED |
FIXED |
2020-05-22T18:03:15Z |
| 1551357 |
Certinomis: certificates with invalid DNS SAN |
RESOLVED |
FIXED |
2019-05-23T19:03:16Z |
| 1551362 |
Sectigo: "Some-State" in stateOrProvinceName |
RESOLVED |
FIXED |
2020-03-23T16:22:15Z |
| 1551363 |
DigiCert: "Some-State" in stateOrProvinceName |
RESOLVED |
FIXED |
2019-09-06T16:43:47Z |
| 1551364 |
SwissSign: "Some-State" in stateOrProvinceName |
RESOLVED |
FIXED |
2019-06-25T23:41:48Z |
| 1551369 |
Kamu SM: "Some-State" in stateOrProvinceName |
RESOLVED |
FIXED |
2019-07-01T20:14:47Z |
| 1551371 |
T-Systems: "Some-State" in stateOrProvinceName |
RESOLVED |
FIXED |
2019-07-03T21:10:08Z |
| 1551372 |
Telia: "Some-State" in stateOrProvinceName |
RESOLVED |
FIXED |
2020-07-06T20:10:26Z |
| 1551374 |
SecureTrust: "Some-State" in stateOrProvinceName |
RESOLVED |
FIXED |
2019-12-20T13:47:52Z |
| 1551375 |
certSIGN: "Some-State" in stateOrProvinceName |
RESOLVED |
FIXED |
2019-07-24T22:13:19Z |
| 1551390 |
Certinomis: 174 certificates with unknown OCSP status |
RESOLVED |
FIXED |
2019-05-23T19:05:03Z |
| 1552562 |
Entrust: Question marks in certificate O and L fields |
RESOLVED |
FIXED |
2019-06-28T16:25:38Z |
| 1552586 |
GlobalSign: 4 Misissued certificates with invalid CN |
RESOLVED |
FIXED |
2019-08-11T04:15:08Z |
| 1554259 |
GlobalSign: SPKI lacks explicit NULL parameter, |
RESOLVED |
FIXED |
2019-08-10T23:46:27Z |
| 1556806 |
Camerfirma: Inforcert misissued certificates |
RESOLVED |
FIXED |
2019-12-14T00:12:41Z |
| 1556906 |
DigiCert: Apple: Non-compliant Common Name Length |
RESOLVED |
FIXED |
2019-12-24T18:05:07Z |
| 1556948 |
DigiCert Validation Scope Incident |
RESOLVED |
FIXED |
2019-11-26T01:34:23Z |
| 1557085 |
Camerfirma: Intesa Sanpaolo misissued certificates |
RESOLVED |
FIXED |
2019-08-03T03:38:32Z |
| 1559376 |
Entrust: Certificate Issued with Incorrect Country Code |
RESOLVED |
FIXED |
2019-09-05T23:58:08Z |
| 1560234 |
SECOM: Ambiguity on KeyUsage with ECC public key |
RESOLVED |
INVALID |
2019-07-29T04:40:48Z |
| 1561013 |
Entrust: Certificate issued with validity greater than 825-days |
RESOLVED |
FIXED |
2019-12-24T22:26:01Z |
| 1563573 |
DigiCert: Failure to disclose Unconstrained Intermediate within 7 Days |
RESOLVED |
FIXED |
2020-02-01T20:20:19Z |
| 1563574 |
SECOM: Failure to disclose Unconstrained Intermediate within 7 Days |
RESOLVED |
FIXED |
2019-09-15T23:45:29Z |
| 1563575 |
Telia: Failure to disclose Unconstrained Intermediate within 7 Days |
RESOLVED |
FIXED |
2019-07-22T18:47:09Z |
| 1563772 |
D-TRUST: Precertificate OU > 64 Characters |
RESOLVED |
FIXED |
2019-09-17T00:57:27Z |
| 1563917 |
QuoVadis: use of Organisationidentifier field in EV (Pre CABF Ballot SC17) |
RESOLVED |
FIXED |
2019-08-10T23:44:21Z |
| 1565494 |
CFCA: Missed CPS update publication on website in 2018 |
RESOLVED |
FIXED |
2019-08-15T14:06:59Z |
| 1566162 |
DigiCert: Failure to supervise ABB Subordinate CA |
RESOLVED |
FIXED |
2019-09-15T22:55:08Z |
| 1566580 |
LuxTrust: Overdue Audit Statements 2019 |
RESOLVED |
WORKSFORME |
2019-07-31T17:42:02Z |
| 1566586 |
Asseco DS / Certum: Overdue Audit Statements 2019 |
RESOLVED |
FIXED |
2019-09-17T20:36:19Z |
| 1567060 |
Sectigo / Web.com: inconsistent disclosure of externally-operated intermediate |
RESOLVED |
FIXED |
2019-09-16T18:55:06Z |
| 1567061 |
GoDaddy: inconsistent disclosure of externally-operated intermediate |
RESOLVED |
FIXED |
2020-01-23T23:41:23Z |
| 1567062 |
Asseco DS / Certum: inconsistent disclosure of externally-operated intermediate |
RESOLVED |
FIXED |
2019-09-17T20:36:34Z |
| 1567456 |
T-Systems: "Some-State" comparable issues |
RESOLVED |
FIXED |
2019-12-27T22:59:14Z |
| 1567588 |
D-TRUST: incorrectly formatted businessCategory entry |
RESOLVED |
FIXED |
2019-12-03T03:43:35Z |
| 1567659 |
Entrust: SHA-1 Issuance and other misissuance while testing |
RESOLVED |
FIXED |
2019-09-16T18:16:45Z |
| 1568356 |
Trustcor: Incorrect CA-Issuers URI |
RESOLVED |
FIXED |
2019-12-13T23:17:26Z |
| 1569266 |
Amazon: No Space In Private Organization |
RESOLVED |
FIXED |
2019-08-10T23:03:35Z |
| 1569651 |
SwissSign: Misissuance of Leaf Certificates because of incorrect postcode |
RESOLVED |
FIXED |
2020-01-29T10:20:16Z |
| 1572234 |
GoDaddy: cross certificate disclosure to CCADB |
RESOLVED |
FIXED |
2020-01-22T22:47:55Z |
| 1572638 |
Actalis: Failure to revoke certs within the BR required timeframe |
RESOLVED |
FIXED |
2019-11-02T17:02:53Z |
| 1572992 |
Netlock: Failure to provide regular and timely incident updates |
RESOLVED |
FIXED |
2019-10-04T18:58:09Z |
| 1573490 |
PKIoverheid: CIBG insufficient serial number entropy |
RESOLVED |
FIXED |
2019-10-22T04:21:38Z |
| 1573937 |
DigiCert/Verizon: Qualified 2019 Audit Statements |
RESOLVED |
FIXED |
2020-02-02T00:56:06Z |
| 1574594 |
Amazon: Revoked Sample Certs - No SANs |
RESOLVED |
FIXED |
2019-09-17T20:34:58Z |
| 1575125 |
DigiCert: Apple: Unconstrained CAs not included in WTBR report |
RESOLVED |
FIXED |
2019-10-18T18:53:56Z |
| 1576133 |
SECOM: Mis-issued EV Certificates |
RESOLVED |
FIXED |
2019-09-26T08:14:55Z |
| 1576283 |
QuoVadis: N/A in EV serialNumber field |
RESOLVED |
FIXED |
2020-01-17T22:36:55Z |
| 1576789 |
Let’s Encrypt: 2019.08.20 Incident: Incorrect OCSP responses under certain conditions |
RESOLVED |
FIXED |
2020-01-23T17:07:13Z |
| 1577014 |
DigiCert OCSP services returns 1 byte |
RESOLVED |
FIXED |
2019-10-22T17:58:50Z |
| 1577652 |
Let's Encrypt: OCSP Responder Returned "Unauthorized" for Some Precertificates |
RESOLVED |
INVALID |
2019-10-05T00:01:44Z |
| 1577913 |
GoDaddy: Issues with State and Country fields |
RESOLVED |
FIXED |
2020-01-22T23:32:26Z |
| 1578417 |
T-Systems: Issue with Organization field |
RESOLVED |
FIXED |
2020-05-18T17:38:58Z |
| 1578809 |
PKIoverheid: Compliance issues CIBG TLS certificates |
RESOLVED |
FIXED |
2019-09-16T17:31:47Z |
| 1579284 |
TrustCor: Non-audited intermediate certificates |
RESOLVED |
FIXED |
2019-10-08T21:37:46Z |
| 1579299 |
Asseco DS / Certum: non-audited intermediate certificate |
RESOLVED |
INVALID |
2019-12-09T23:40:59Z |
| 1579413 |
GlobalSign: OCSP Responder Returns invalid values for Some Precertificates |
RESOLVED |
INVALID |
2019-10-05T00:04:20Z |
| 1579509 |
SSL.com: Precertificates without corresponding certificates return OCSP value of "Unknown" |
RESOLVED |
INVALID |
2019-10-05T00:04:51Z |
| 1579950 |
QuoVadis: OCSP handling of Certificate Transparency Pre-certs |
RESOLVED |
INVALID |
2019-10-09T18:12:23Z |
| 1580393 |
HARICA: OCSP Responder Returned "Unauthorized" for Some Precertificates |
RESOLVED |
INVALID |
2019-10-05T00:06:04Z |
| 1581183 |
Google Trust Services: CRL handling of expired certificates not fully compliant with RFC 5280 Section 3.3 |
RESOLVED |
FIXED |
2020-01-22T23:55:09Z |
| 1581234 |
QuoVadis: EV JOI Issue |
RESOLVED |
FIXED |
2019-11-02T16:45:55Z |
| 1582519 |
DigiCert: Apple: Precertificates without corresponding certificates return OCSP value of "unknown" |
RESOLVED |
INVALID |
2019-10-05T00:06:34Z |
| 1582601 |
E-Tugra: Invalid DER results in failure to comply with RFC 5280 - Violating string length limit |
RESOLVED |
FIXED |
2019-11-02T17:54:54Z |
| 1583470 |
Camerfirma: audit gap |
RESOLVED |
FIXED |
2020-01-22T23:29:38Z |
| 1586115 |
Firmaprofesional / SIGNE: No BR Audit for subCA technically capable of issuing TLS certs |
RESOLVED |
FIXED |
2019-10-28T18:07:08Z |
| 1586125 |
PKIoverheid: No BR Audit for subCAs technically capable of issuing TLS certs |
RESOLVED |
FIXED |
2020-03-27T03:50:05Z |
| 1586604 |
DigiCert: TERENA: No localityName in EV precert |
RESOLVED |
INVALID |
2019-10-09T00:18:43Z |
| 1586787 |
Actalis: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy |
RESOLVED |
FIXED |
2020-01-24T22:41:09Z |
| 1586792 |
QuoVadis: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy or the BRs |
RESOLVED |
FIXED |
2019-11-02T16:45:36Z |
| 1586847 |
Microsoft: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy |
RESOLVED |
FIXED |
2019-11-25T23:18:11Z |
| 1588001 |
Apple OCSP responders return responses with incorrect issuer |
RESOLVED |
FIXED |
2020-07-03T01:31:08Z |
| 1588213 |
IdenTrust: Missing Thumbprints In Some Annual Audit Reports |
RESOLVED |
FIXED |
2020-06-05T23:27:28Z |
| 1589047 |
QuoVadis: Incorrect EV jurisdiction of incorporation information |
RESOLVED |
FIXED |
2020-04-01T03:50:45Z |
| 1590171 |
QuoVadis: failure to reply in a timely manner |
RESOLVED |
FIXED |
2019-11-07T20:55:17Z |
| 1590723 |
Consorci AOC : Misissued certificates: commonName:organizationIdentifier attribute inclusion not conforming CABForum guidelines 1.6.9 |
RESOLVED |
FIXED |
2019-12-27T15:31:15Z |
| 1590810 |
Sectigo: EV SSL Certificates with incorrect businessCategory |
RESOLVED |
FIXED |
2020-06-29T20:16:03Z |
| 1593357 |
QuoVadis: Incorrect EV businessCategory |
RESOLVED |
FIXED |
2020-01-22T00:05:40Z |
| 1593814 |
DigiCert: & character in a printableString in ICA |
RESOLVED |
FIXED |
2019-12-24T00:08:24Z |
| 1595113 |
Buypass: Intermediate certificates not listed in audit reports |
RESOLVED |
FIXED |
2020-04-01T04:10:26Z |
| 1595921 |
DigiCert: Domain validation skipped |
RESOLVED |
FIXED |
2020-01-24T00:36:19Z |
| 1596744 |
Izenpe: CA certificates not listed in audit report |
RESOLVED |
FIXED |
2019-12-14T00:18:06Z |
| 1596923 |
PKIoverheid: KPN CPS lacks problem reporting instructions |
RESOLVED |
FIXED |
2020-01-22T20:56:10Z |
| 1596931 |
DigiCert: Verizon CPS lacks problem reporting instructions |
RESOLVED |
FIXED |
2019-12-03T03:16:58Z |
| 1596949 |
Government of Spain FNMT: CP/CPS lack CAA processing details |
RESOLVED |
FIXED |
2019-12-17T18:09:07Z |
| 1597135 |
HARICA: 3 EV TLS Certificates without L or ST |
RESOLVED |
FIXED |
2019-12-04T18:07:24Z |
| 1597948 |
Sectigo: CCADB failed ALV - D-TRUST CA 2-1 2015 |
RESOLVED |
FIXED |
2020-07-08T02:18:23Z |
| 1598277 |
Asseco DS / Certum: CA certificates not listed in audit report |
RESOLVED |
FIXED |
2019-12-03T04:23:48Z |
| 1598390 |
Microsoft: Null Character Bug and Microsoft Root CAs |
RESOLVED |
FIXED |
2020-03-25T18:53:43Z |
| 1598829 |
Apple: Patch Management |
RESOLVED |
FIXED |
2020-04-01T03:54:50Z |
| 1599484 |
Entrust: EV Certificates Issued with Business Category "Non-Commercial" when it should have been set to "Private Organization" |
RESOLVED |
FIXED |
2020-02-08T05:21:50Z |
| 1599503 |
TrustCor: Non-mention of Email CAs in WTBR audit reports |
RESOLVED |
FIXED |
2020-04-06T13:58:38Z |
| 1599561 |
D-TRUST: EV certificates with incorrectly used businessCategory entry |
RESOLVED |
FIXED |
2019-12-24T22:29:12Z |
| 1599775 |
GlobalSign - Wrong business category (Non Commercial Entity when should have been Private Organization) |
RESOLVED |
FIXED |
2020-01-22T21:52:19Z |
| 1600114 |
Camerfirma: EV Certificates issued with wrong Business Category |
RESOLVED |
FIXED |
2020-01-21T23:58:14Z |
| 1600301 |
Asseco DS / Certum: EV Certificates issued with wrong Business Category |
RESOLVED |
FIXED |
2019-12-09T21:33:05Z |
| 1600844 |
SecureTrust: Unconstrained ICA not included in WTBR audit report |
RESOLVED |
FIXED |
2020-01-22T22:09:54Z |
| 1602999 |
Microsoft: Loss of Archived Firewall logs from Retention Store |
RESOLVED |
FIXED |
2020-01-21T23:53:31Z |
| 1604124 |
Microsoft: problem reporting e-mail in CPS does not work |
RESOLVED |
FIXED |
2020-03-14T17:09:54Z |
| 1605126 |
PKIoverheid: Missing WTBR audit statements Staat der Nederlanden 2017/2018 |
RESOLVED |
FIXED |
2020-02-05T23:08:51Z |
| 1605372 |
GlobalSign: OCSP responders found to respond signed by the default CA when passed an invalid issuer in request |
RESOLVED |
FIXED |
2020-03-07T01:20:18Z |
| 1605804 |
GoDaddy: Domain Validation Reuse Issue |
RESOLVED |
FIXED |
2020-06-29T04:06:45Z |
| 1606031 |
SecureTrust: BR Audit 2019 - matters to be resolved |
RESOLVED |
FIXED |
2020-03-14T16:48:30Z |
| 1606380 |
Firmaprofesional: 2019 Audit Report Findings |
RESOLVED |
FIXED |
2020-05-22T17:00:41Z |
| 1608333 |
CFCA: Wrong OrganizationName |
RESOLVED |
FIXED |
2020-01-17T22:48:22Z |
| 1609501 |
WISeKey: Typo in Organization field |
RESOLVED |
FIXED |
2020-01-24T20:29:51Z |
| 1609706 |
PKIoverheid: Missing audit statement "UZI-register Medewerker Niet op Naam CA G21" |
RESOLVED |
FIXED |
2020-02-22T21:19:47Z |
| 1610000 |
SSL.com: Intermediate certificate not listed in audit reports |
RESOLVED |
FIXED |
2020-02-22T21:29:09Z |
| 1610448 |
Firmaprofesional: 2019 audit Finding #1 - 6.2 Identification and Authorization |
RESOLVED |
FIXED |
2020-02-07T03:22:39Z |
| 1610507 |
PKIoverheid: TSP CPS lacks problem reporting instructions |
RESOLVED |
DUPLICATE |
2020-01-21T20:34:48Z |
| 1611458 |
Asseco DS / Certum: Invalid value in SAN dNSName |
RESOLVED |
FIXED |
2020-06-02T17:50:38Z |
| 1612332 |
Telia CA: Ambiguity on KeyUsage with ECC public key |
RESOLVED |
FIXED |
2020-05-21T02:26:24Z |
| 1612389 |
google Trust Services: invalid curve-hash combination |
RESOLVED |
FIXED |
2020-04-14T22:03:37Z |
| 1612929 |
Firmaprofesional: 2019 audit Finding #2 - 6.4 Facility, management, and operational controls |
RESOLVED |
FIXED |
2020-02-07T03:23:43Z |
| 1613409 |
CFCA: Repeated unexplained delays in providing timely status updates |
RESOLVED |
FIXED |
2020-04-01T03:52:42Z |
| 1613505 |
DigiCert: WTCA / WTBR Audit 2019 - Matters to be resolved |
RESOLVED |
FIXED |
2020-05-19T20:55:03Z |
| 1614290 |
WISeKey: Unofficial DBA in Organization field |
RESOLVED |
FIXED |
2020-05-21T02:08:15Z |
| 1614311 |
Telia: Two CA certificates not listed in audit report |
RESOLVED |
FIXED |
2020-05-21T01:39:00Z |
| 1614444 |
Chunghwa Telecom: Audit Letter Validation failures on intermediate certificates |
RESOLVED |
FIXED |
2020-02-12T20:50:55Z |
| 1614449 |
SK ID Solutions: Audit Letter Validation failures on intermediate certificates |
RESOLVED |
FIXED |
2020-03-05T22:57:37Z |
| 1614450 |
SwissSign: Audit Letter Validation failures on intermediate certificates |
RESOLVED |
WORKSFORME |
2020-02-27T15:33:43Z |
| 1614821 |
Dhimyotis/Certigna: Unconstrained CAs missing audits |
RESOLVED |
FIXED |
2020-03-12T23:41:29Z |
| 1618256 |
DigiCert: Failure to properly encode Subject name |
RESOLVED |
FIXED |
2020-04-06T13:50:30Z |
| 1620727 |
Microsoft: OCSP responders found to respond signed by the default CA when passed an invalid issuer in request |
RESOLVED |
DUPLICATE |
2020-03-09T17:35:32Z |
| 1620772 |
SSL.com: Issued precertificate with Debian Weak Key |
RESOLVED |
FIXED |
2020-04-08T00:14:21Z |
| 1623472 |
Trustis: Gap between audit periods |
RESOLVED |
FIXED |
2020-05-13T19:58:29Z |
| 1625421 |
Government of Spain FNMT: QC Statement that contains at least one of the ETSI ESI statements |
RESOLVED |
INVALID |
2020-03-30T18:07:53Z |
| 1625715 |
Sectigo: Failure to revoke certificate with previously-compromised key within 24 hours |
RESOLVED |
FIXED |
2020-05-22T18:05:31Z |
| 1626078 |
Buypass: Missing NCA identifier in cabfOrganizationIdentifier in PSD2 QWACs |
RESOLVED |
FIXED |
2020-05-19T16:05:58Z |
| 1626805 |
FNMT: Minor non-conformities in 2020 audit statement |
RESOLVED |
FIXED |
2020-07-09T08:09:13Z |
| 1626868 |
WISeKey: Issuance of certificate with two potentially conflicting policy OIDs |
RESOLVED |
FIXED |
2020-04-06T21:43:04Z |
| 1627152 |
DigiCert: OCSP NextUpdate |
RESOLVED |
FIXED |
2020-05-19T16:02:00Z |
| 1627346 |
Entrust: S/MIME Certificate Issued with Incorrect Policy OID |
RESOLVED |
FIXED |
2020-05-22T19:53:06Z |
| 1627614 |
Let's Encrypt: Failure to revoke key-compromised certificates within 24 hours |
RESOLVED |
FIXED |
2020-05-19T15:56:08Z |
| 1629020 |
Taiwan-CA: Misissued certificate: Invalid organizationUnitName |
RESOLVED |
FIXED |
2020-04-19T14:55:54Z |
| 1630040 |
Google Trust Services: OCSP serving issue 2020-04-09 |
RESOLVED |
FIXED |
2020-05-21T03:41:19Z |
| 1630079 |
Google Trust Services: Invalid OCSP responses |
RESOLVED |
FIXED |
2020-04-15T04:39:52Z |
| 1630870 |
GlobalSign: Certificate issued with RSASSA-PSS public key |
RESOLVED |
FIXED |
2020-07-06T20:09:56Z |
| 1636140 |
SwissSign: duplicate serial number |
RESOLVED |
FIXED |
2020-07-07T23:28:11Z |
| 1637854 |
Telia CA: AIA CA Issuer field pointing to PEM encoded cert |
RESOLVED |
FIXED |
2020-06-02T07:00:35Z |
| 1638898 |
T-Systems: "Internet Widgits Pty Ltd" in organizationName |
RESOLVED |
DUPLICATE |
2020-05-18T17:38:58Z |
| 1639518 |
Sectigo: "unauthorized" OCSP responses |
VERIFIED |
INVALID |
2020-05-21T02:13:30Z |
| 1639798 |
GoDaddy: Failure to revoke key-compromised certificates within 24 hours |
RESOLVED |
DUPLICATE |
2020-07-08T17:39:35Z |
| 1639799 |
Globalsign: Failure to revoke key-compromised certificate within 24 hours |
RESOLVED |
FIXED |
2020-06-18T18:09:45Z |
| 1639802 |
Digicert: Failure to revoke key-compromised certificate |
RESOLVED |
FIXED |
2020-07-06T21:46:55Z |
| 1646866 |
DigiCert: Failure to revoke invalid serialNumber EV certificates within 5 days |
RESOLVED |
INVALID |
2020-06-20T20:27:56Z |
| 1648840 |
Let's Encrypt: OCSP responses with no revocationReason |
RESOLVED |
FIXED |
2020-07-06T22:12:28Z |
