CA/Closed Incidents

From MozillaWiki
< CA
Jump to: navigation, search

Closed CA Compliance Bugs

A historical view of past overdue audit statements may be found here.
Below is a historical view of past CA compliance bugs. These bugs may have been valid and remedied by the CA, or may have been deemed invalid and closed as unnecessary.

All Other Issues

Full Query
Summary ID Status Assigned to Whiteboard Last change time
[meta] Bug for Tracking BR Compliance Issues 1029147 RESOLVED Kathleen Wilson [ca-compliance] -- tracking bug for BR Compliance issues 2018-01-18T18:13:04Z
ACCV: Insufficient serial number entropy 1536213 RESOLVED Jose Amador [ca-compliance] 2019-07-23T15:55:50Z
Actalis: Certs issued with same issuer and serial number 1405817 RESOLVED Adriano Santoni [ca-compliance] 2018-01-18T15:49:40Z
Actalis: inaccurate value in stateOrProvinceName 1648997 RESOLVED Adriano Santoni [ca-compliance] - Next Update - 1-October 2020 2020-12-09T18:27:44Z
Actalis: Incorrect OCSP Delegated Responder Certificate 1649961 RESOLVED Adriano Santoni [ca-compliance] 2020-08-07T14:37:12Z
Actalis: Insufficient serial number entropy 1534295 RESOLVED Adriano Santoni [ca-compliance] 2019-08-09T16:41:07Z
Actalis: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy 1586787 RESOLVED Giorgio Girelli [ca-compliance] 2021-06-20T17:07:17Z
Actalis: Issuance of intermediates after 2020-08-20 that do not comply with Mozilla Policy and the Baseline Requirements 1717357 RESOLVED Adriano Santoni [ca-compliance] Next update 2021-09-22 2021-10-03T18:31:04Z
Actalis: Non BR Compliant OCSP Responder 1523680 RESOLVED Adriano Santoni [ca-compliance] 2019-02-20T17:33:18Z
Actalis: Non-BR-Compliant Certificate Issuance 1390974 RESOLVED Adriano Santoni [ca-compliance] 2017-09-20T05:24:05Z
AlphaSSL/Globalsign: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN 1420766 RESOLVED Linus Hallberg [ca-compliance] 2017-11-29T15:41:06Z
Amazon Trust Services: ALV Errors 1713668 RESOLVED Trevoli (Amazon Trust Services) [ca-compliance] Next update 2021-07-01 2021-07-30T12:07:15Z
Amazon Trust Services: CP/CPS does not specify key compromise methods 1713976 RESOLVED Trevoli (Amazon Trust Services) [ca-compliance] 2021-09-07T14:23:55Z
Amazon Trust Services: Forbidden Domain Validation Method 1713978 RESOLVED Trevoli (Amazon Trust Services) [ca-compliance] Next update 2021-08-01 2021-07-30T12:05:51Z
Amazon Trust Services: Misissuance of Subordinate Per CPS 1743935 RESOLVED Trevoli (Amazon Trust Services) [ca-compliance] 2022-02-14T21:09:44Z
Amazon Trust Services: Missing CAA Check For Test Website Certificates 1746945 RESOLVED Trevoli (Amazon Trust Services) [ca-compliance] 2022-02-14T21:09:58Z
Amazon Trust Services: Overdue audit statements for intermediate certificates 1757615 RESOLVED Ben Wilson [ca-compliance] [audit-delay] 2022-03-25T16:33:32Z
Amazon: CAA Misissuances 1398428 RESOLVED Peter Bowen [ca-compliance] 2017-11-03T12:10:13Z
Amazon: Failure to comply with RFC 5280 1521623 RESOLVED Trevoli (Amazon Trust Services) [ca-compliance] 2019-02-05T23:01:29Z
Amazon: No Space In Private Organization 1569266 RESOLVED Dave Blunt [ca-compliance] 2019-08-10T23:03:35Z
Amazon: Revoked Sample Certs - No SANs 1574594 RESOLVED Trevoli (Amazon Trust Services) [ca-compliance] 2019-09-17T20:34:58Z
Amazon: Test revoked certificates with invalid validity period 1525710 RESOLVED Trevoli (Amazon Trust Services) [ca-compliance] 2019-03-04T19:54:07Z
Apple: CAs omitted from audit statement 1724528 RESOLVED certification_authority [ca-compliance] 2021-09-02T17:11:03Z
Apple: Empty SingleExtension in OCSP responses 1669618 RESOLVED certification_authority [ca-compliance] 2020-12-29T15:41:31Z
Apple: EV Certificate Approver Authorization 1659316 RESOLVED certification_authority [ca-compliance] 2020-10-05T16:58:56Z
Apple: OCSP availability 2020-11-12 1677234 RESOLVED certification_authority [ca-compliance] Next Update 2021-01-31 2021-02-08T17:33:05Z
Apple: OCSP responders return responses with incorrect issuer 1588001 RESOLVED certification_authority [ca-compliance] - Next Update - 30-June 2020 2021-06-07T18:12:24Z
Apple: Patch Management 1598829 RESOLVED certification_authority [ca-compliance] 2020-04-01T03:54:50Z
Apple: Test web page certificates expired 1730291 RESOLVED certification_authority [ca-compliance] 2021-09-29T13:40:55Z
Asseco DS / Certum: CA certificates not listed in audit report 1598277 RESOLVED Wojciech Trapczyński [ca-compliance] 2019-12-03T04:23:48Z
Asseco DS / Certum: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record 1409766 RESOLVED Wojciech Trapczyński [ca-compliance] 2019-09-17T20:39:27Z
Asseco DS / Certum: CAA mis-issuance on critical flag and unknown CAA tag 1409764 RESOLVED Arkadiusz Ławniczak [ca-compliance] 2019-09-17T20:39:40Z
Asseco DS / Certum: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN 1420860 RESOLVED Arkadiusz Ławniczak [ca-compliance] 2019-09-17T20:36:03Z
Asseco DS / Certum: commonName not from subjectAltName entries 1550575 RESOLVED Wojciech Trapczyński [ca-compliance] 2019-07-18T21:28:15Z
Asseco DS / Certum: Corrupted certificates 1511459 RESOLVED Wojciech Trapczyński [ca-compliance] 2019-09-17T20:39:21Z
Asseco DS / Certum: CPS does not refer to BR domain validation methods 1717034 RESOLVED Aleksandra Kurosz [ca-compliance] 2021-07-30T12:04:40Z
Asseco DS / Certum: EV certificate mis-issue 1451228 RESOLVED Arkadiusz Ławniczak [ca-compliance] 2019-09-17T20:39:45Z
Asseco DS / Certum: EV Certificates issued with wrong Business Category 1600301 RESOLVED Aleksandra Kapinos [ca-compliance] 2019-12-09T21:33:05Z
Asseco DS / Certum: Failure to provide a preliminary report within 24 hours. 1667684 RESOLVED Wojciech Trapczyński [ca-compliance] 2020-11-19T05:11:27Z
Asseco DS / Certum: Forward dating certificates (notBefore in the future) 1718680 RESOLVED Aleksandra Kurosz [ca-compliance] 2021-09-10T17:48:51Z
Asseco DS / Certum: inconsistent disclosure of externally-operated intermediate 1567062 RESOLVED Wojciech Trapczyński [ca-compliance] 2019-09-17T20:36:34Z
Asseco DS / Certum: Incorrect localityName 1710206 RESOLVED Aleksandra Kurosz [ca-compliance] 2021-05-08T20:51:17Z
Asseco DS / Certum: Incorrect localityName 1711208 RESOLVED Aleksandra Kurosz [ca-compliance] 2021-07-16T05:32:24Z
Asseco DS / Certum: Incorrect OCSP response encoding 1639502 RESOLVED Wojciech Trapczyński [ca-compliance] 2020-08-31T22:44:44Z
Asseco DS / Certum: Invalid dnsNames 1524195 RESOLVED Wojciech Trapczyński [ca-compliance] 2019-07-01T20:30:10Z
Asseco DS / Certum: Invalid stateOrProvinceName field 1667986 RESOLVED Aleksandra Kurosz [ca-compliance] 2021-05-04T21:46:38Z
Asseco DS / Certum: Invalid stateOrProvinceName field (recurrent incident) 1709392 RESOLVED Aleksandra Kurosz [ca-compliance] 2021-07-08T22:10:22Z
Asseco DS / Certum: Invalid value in SAN dNSName 1611458 RESOLVED Wojciech Trapczyński [ca-compliance] 2020-06-02T17:50:38Z
Asseco DS / Certum: IP in dnsName 1524878 RESOLVED Wojciech Trapczyński [ca-compliance] 2019-09-17T20:36:08Z
Asseco DS / Certum: non-audited intermediate certificate 1579299 RESOLVED Aleksandra Kapinos [ca-compliance] 2019-12-09T23:40:59Z
Asseco DS / Certum: Non-BR-Compliant Issuance - Debian Weak Keys 1435770 RESOLVED Arkadiusz Ławniczak [ca-compliance] 2019-09-17T20:39:51Z
Asseco DS / Certum: Overdue Audit Statements 2019 1566586 RESOLVED Wojciech Trapczyński [ca-compliance] Overdue Audits for root certs 2019-09-17T20:36:19Z
Asseco DS / Certum: Unallowed key usage for EC public key (Key Encipherment) 1495518 RESOLVED Wojciech Trapczyński [ca-compliance] 2019-09-17T20:35:32Z
Asseco DS / Certum: Use of forbidden subjectPublicKeyInfo algorithm 1518560 RESOLVED Wojciech Trapczyński [ca-compliance] 2019-02-19T17:42:51Z
ATOS: Incorrect OCSP Delegated Responder Certificate 1649963 RESOLVED u636358 [ca-compliance] 2020-07-26T03:07:46Z
Atos: Insufficient Serial Number Entropy 1540961 RESOLVED u636358 [ca-compliance] 2019-06-29T00:36:27Z
Atos: Tracking bug for possible audit delays 1626355 RESOLVED u636358 [ca-compliance][audit-delay][covid-19] Next Update 1-Oct-2020 2020-10-31T16:58:05Z
Buypass: Illegal Business Category in a PSD2 QWAC 1632632 RESOLVED Mads Henriksveen [ca-compliance] 2021-07-04T19:48:16Z
Buypass: Insufficient Serial Number Entropy 1539307 RESOLVED Mads Henriksveen [ca-compliance] 2019-06-28T16:36:43Z
Buypass: Intermediate certificates not listed in audit reports 1595113 RESOLVED Mads Henriksveen [ca-compliance] 2020-04-01T04:10:26Z
Buypass: Missing NCA identifier in cabfOrganizationIdentifier in PSD2 QWACs 1626078 RESOLVED Mads Henriksveen [ca-compliance] 2020-05-19T16:05:58Z
Buypass: PSD2 QWAC with RSA modulus not divisible by 8 1654216 RESOLVED Mads Henriksveen [ca-compliance] Next Update 30-Sept-2020 2020-10-05T16:59:24Z
Camerfirma: audit gap 1583470 RESOLVED Ana Lopes [ca-compliance] 2020-01-22T23:29:38Z
Camerfirma: certificate for unregistered domain 1672423 RESOLVED Ana Lopes [ca-compliance] 2021-01-22T18:40:48Z
Camerfirma: Certificate issued with 3-year lifespan, unknown policy 1686524 RESOLVED Eusebio Herrera [ca-compliance] 2021-03-19T18:12:54Z
Camerfirma: certificate with an incorrect OrganizationName 1680083 RESOLVED Eusebio Herrera [ca-compliance] 2021-02-12T17:41:59Z
Camerfirma: Certificates without CABForum OV Reserved Policy Identifier 1685557 RESOLVED Ana Lopes [ca-compliance] 2021-03-19T18:12:23Z
Camerfirma: Certs issued with same issuer and serial number 1405815 RESOLVED Ramiro Muñoz Muñoz [ca-compliance] 2017-10-13T08:25:10Z
Camerfirma: certs with duplicate SANs and without localityName or stateOrProvinceName 1357067 RESOLVED Kathleen Wilson [ca-compliance] 2017-10-13T16:52:00Z
Camerfirma: CP/CPS of Intesa Sanpaolo Sub-CA is Non-Compliant 1688215 RESOLVED Ana Lopes [ca-compliance] 2021-03-19T18:14:22Z
Camerfirma: EV Certificates issued with wrong Business Category 1600114 RESOLVED Ana Lopes [ca-compliance] 2020-01-21T23:58:14Z
Camerfirma: Failure to abide by Section 8 of Mozilla Policy: Unauthorized, improperly disclosed Subordinate CA 1672029 RESOLVED Ana Lopes [ca-compliance] 2021-03-19T18:14:46Z
Camerfirma: failure to revoke underscores 1524871 RESOLVED Eusebio Herrera [ca-compliance] 2019-09-10T22:27:44Z
Camerfirma: Govern d'Andorra Audit Delay 1704140 RESOLVED Ana Lopes [ca-compliance] [audit-delay] 2021-07-12T02:58:03Z
Camerfirma: Incorrect disclosure of Intesa Sanpaolo sub-CA 1672562 RESOLVED Ana Lopes [ca-compliance] 2021-01-22T18:40:28Z
Camerfirma: Incorrect OCSP Delegated Responder Certificate 1649944 RESOLVED Eusebio Herrera [ca-compliance] 2020-08-07T14:43:47Z
Camerfirma: Infocert misissued certificates 1556806 RESOLVED Eusebio Herrera [ca-compliance] 2022-03-02T14:38:37Z
Camerfirma: Intesa Sanpaolo misissued certificates 1557085 RESOLVED Eusebio Herrera [ca-compliance] 2019-08-03T03:38:32Z
Camerfirma: Invalid authorityKeyIdentifier - recurrent incident 1623384 RESOLVED Ana Lopes [ca-compliance] 2020-08-07T15:01:41Z
Camerfirma: Invalid stateOrProvinceName field 1667430 RESOLVED Ana Lopes [ca-compliance] 2021-03-19T18:15:18Z
Camerfirma: Missing audit for Intermediate certificate 1455147 RESOLVED Juan Angel Martin [ca-compliance] 2018-08-08T00:29:24Z
Camerfirma: MULTICERT certificates with a validity period greater than 825 days 1509002 RESOLVED Eusebio Herrera [ca-compliance] 2019-04-16T22:52:13Z
Camerfirma: MULTICERT Misissuance and missing audits 1502957 RESOLVED Juan Angel Martin [ca-compliance] 2020-05-27T16:21:53Z
Camerfirma: MULTICERT organizationName Too Long 1481862 RESOLVED Juan Angel Martin [ca-compliance] 2019-04-16T22:53:44Z
Camerfirma: Multicert SSL CA 001: Insufficient serial number entropy 1534429 RESOLVED [ca-compliance] 2019-08-14T07:30:49Z
CamerFirma: No disclosure of verification sources 1688382 RESOLVED Ana Lopes [ca-compliance] 2021-03-19T18:02:21Z
Camerfirma: Non-BR-Compliant Certificate Issuance 1390977 RESOLVED Ramiro Muñoz Muñoz [ca-compliance] 2018-03-02T21:18:42Z
Camerfirma: Non-BR-Compliant Issuance - DNSName is empty 1443857 RESOLVED Juan Angel Martin [ca-compliance] 2018-05-17T17:52:09Z
Camerfirma: Non-BR-Compliant Issuance - Non-printable characters in OU field 1431164 RESOLVED Juan Angel Martin [ca-compliance] 2018-05-24T16:47:45Z
Camerfirma: Non-BR-Compliant OCSP Responders 1426233 RESOLVED Ramiro Muñoz Muñoz [ca-compliance] 2018-01-04T17:04:02Z
Camerfirma: Old CAs with an RSA modulus size of 2047 bits 1692533 RESOLVED Ana Lopes [ca-compliance] 2021-03-19T18:16:09Z
Camerfirma: Outdated audit statements for intermediate certs 1549861 RESOLVED Eusebio Herrera [ca-compliance] 2020-01-21T23:17:59Z
Camerfirma: Potential Mis-Issuance based on CAA records 1420871 RESOLVED Ramiro Muñoz Muñoz [ca-compliance] 2018-01-17T17:58:16Z
Camerfirma: Qualified Audit Statements 1478933 RESOLVED Juan Angel Martin [ca-compliance] 2019-09-17T20:36:56Z
Camerfirma: suspicious certificate for 1672409 RESOLVED Ana Lopes [ca-compliance] 2021-03-19T18:12:39Z
Camerfirma: Unrevocation of MULTICERT SSL Certification Authority 001 certificate 1532333 RESOLVED Eusebio Herrera [ca-compliance] 2020-01-18T00:07:12Z
Certainly: Root CRL validity period exceeds maximum by one second 1732745 RESOLVED Wayne Thayer [ca-compliance] 2021-11-04T18:45:55Z
Certainly: TLS Using ALPN TLS Version and OID 1752452 RESOLVED Wayne Thayer [ca-compliance] 2022-02-17T17:16:34Z
Certicamara: Failure to respond to September 2018 CA Survey 1498409 RESOLVED Leonardo Maldonado [ca-compliance] 2019-01-04T21:35:16Z
Certicamara: Undisclosed Intermediate certificates 1455128 RESOLVED Leonardo Maldonado [ca-compliance] 2019-01-04T16:58:08Z
Certigna : certificates issued with 2 SCT 1709896 RESOLVED Josselin Allemandou [ca-compliance] 2021-05-10T19:45:42Z
Certigna: Issuance without respecting CAA records 1485413 RESOLVED Josselin Allemandou [ca-compliance] 2019-01-04T21:45:05Z
Certinomis: 174 certificates with unknown OCSP status 1551390 RESOLVED François CHASSERY [ca-compliance] 2019-05-23T19:05:03Z
Certinomis: certificate for, O=Entreprise TEST 1496088 RESOLVED Marc MAITRE [ca-compliance] 2019-05-23T19:08:46Z
Certinomis: certificates for an unregistered domain, with unknown OCSP status 1544933 RESOLVED François CHASSERY [ca-compliance] 2019-05-23T19:04:35Z
Certinomis: certificates with invalid DNS SAN 1551357 RESOLVED François CHASSERY [ca-compliance] 2019-05-23T19:03:16Z
Certinomis: certificates with space in dNSName SAN 1539531 RESOLVED Marc MAITRE [ca-compliance] 2019-05-07T23:09:23Z
Certinomis: Cross-signing of StartCom intermediate certs, and delay in reporting it in CCADB 1386891 RESOLVED Franck Leroy [ca-compliance] 2017-10-24T09:52:02Z
Certinomis: email address in DNS SAN 1503128 RESOLVED Marc MAITRE [ca-compliance] 2019-05-23T19:07:55Z
Certinomis: invalid CDP extension 1524451 RESOLVED Marc MAITRE [ca-compliance] 2019-05-14T00:00:43Z
Certinomis: invalid DNS names in SAN 1524094 RESOLVED Marc MAITRE [ca-compliance] 2019-05-23T19:09:18Z
Certinomis: Invalid SAN in a certificate 1542793 RESOLVED François CHASSERY [ca-compliance] 2019-05-07T23:04:38Z
Certinomis: invalid state and locality fields in subject 1524103 RESOLVED Marc MAITRE [ca-compliance] 2019-08-11T21:22:11Z
Certinomis: Invalid TLD in SAN 1542328 RESOLVED François CHASSERY [ca-compliance] 2019-05-23T19:04:05Z
Certinomis: misissued "test" certificates 1524448 RESOLVED Marc MAITRE [ca-compliance] 2019-05-23T19:06:56Z
Certinomis: Non-BR-Compliant Certificate Issuance 1390978 RESOLVED Franck Leroy [ca-compliance] 2017-11-29T14:19:25Z
Certinomis: O=POUR TEST in subject 1524112 RESOLVED Marc MAITRE [ca-compliance] 2019-05-23T19:06:35Z
Certinomis: Unqualified Domain Name in SAN 1495524 RESOLVED Marc MAITRE [ca-compliance] 2019-05-23T19:05:35Z
Certinomis: Use of Domain Validation Method after August 1, 2018 1547072 RESOLVED François CHASSERY [ca-compliance] 2019-05-10T00:36:48Z
Certinomis: validity period >825 days 1524449 RESOLVED Marc MAITRE [ca-compliance] 2019-05-23T19:07:29Z
Certinomis/Docapost: Failure to respond to January 2018 survey 1439126 RESOLVED Franck Leroy [ca-compliance] 2018-05-24T00:15:29Z
Certinomis/Docapost: Non-BR-Compliant OCSP Responders 1425998 RESOLVED Franck Leroy [ca-compliance] 2018-01-16T22:37:43Z
certSIGN: "Some-State" in stateOrProvinceName 1551375 RESOLVED Cristian Garabet [ca-compliance] 2019-07-24T22:13:19Z
certSIGN: CPS specifies md5 and sha1WithRSAEncryption as useable signature types 1718675 RESOLVED Gabriel PETCU [ca-compliance] 2021-07-14T14:48:42Z
certSIGN: misissued an OV SSL certificate with no organizationName and localityName, instead of a DV SSL as requested by client 1674886 RESOLVED Gabriel PETCU [ca-compliance] 2021-06-11T18:02:39Z
certSIGN: Non-BR-Compliant Certificate Issuance 1390979 RESOLVED Cristian Garabet [ca-compliance] [remediation-accepted] Next Update: 2017-10-01 2017-10-13T18:10:15Z
certSIGN: Non-BR-Compliant OCSP Responders 1398243 RESOLVED Cristian Garabet [ca-compliance] 2018-02-07T18:05:33Z
CFCA: Internal iPAddress in certificate 1524143 RESOLVED Jonathan Sun [ca-compliance] 2019-04-08T19:26:05Z
CFCA: invalid dnsNames 1524733 RESOLVED Jonathan Sun [ca-compliance] 2020-02-06T02:00:17Z
CFCA: Invalid TLD in SAN 1532429 RESOLVED Jonathan Sun [ca-compliance] 2019-06-28T20:27:26Z
CFCA: Missed CPS update publication on website in 2018 1565494 RESOLVED Oliver Bi [ca-compliance] 2019-08-15T14:06:59Z
CFCA: Repeated unexplained delays in providing timely status updates 1613409 RESOLVED Oliver Bi [ca-compliance] 2020-04-01T03:52:42Z
CFCA: Wrong OrganizationName 1608333 RESOLVED Oliver Bi [ca-compliance] 2020-01-17T22:48:22Z
CFCA: Wrong SerialNumber encoding 1532559 RESOLVED Jonathan Sun [ca-compliance] 2020-08-07T15:02:25Z
Chunghwa Telecom: Audit Letter Validation failures on intermediate certificates 1614444 RESOLVED Li-Chun CHEN [ca-compliance] 2020-02-12T20:50:55Z
Chunghwa Telecom: Test certificate with unregistered domain name 1532436 RESOLVED Li-Chun CHEN [ca-compliance] 2020-11-11T05:11:23Z
Comodo CA issuing EV Certs without Higher Authority checks 1501374 RESOLVED Robin Alden [ca-compliance] 2020-01-09T22:59:56Z
Comodo: CAA Mis-Issuance on basic test case 1410834 RESOLVED Robin Alden [ca-compliance] 2018-05-23T22:19:09Z
Comodo: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN 1420858 RESOLVED Rob Stradling [ca-compliance] 2017-12-06T15:51:14Z
Comodo: CAA Misissuance 1398545 RESOLVED Rob Stradling [ca-compliance] 2017-12-06T16:36:39Z
Comodo: CAA misissuances due to race condition 1423624 RESOLVED Rob Stradling [ca-compliance] 2017-12-20T14:53:35Z
Comodo: Misissuance using "CNAME CSR Hash 2" method of domain control validation 1461391 RESOLVED Robin Alden [ca-compliance] 2019-01-04T20:49:48Z
Comodo: Non-BR-Compliant Certificate Issuance 1390981 RESOLVED Rob Stradling [ca-compliance] 2017-12-08T11:36:13Z
Comodo: Possible CAA Misissuance due against critical record 1532313 RESOLVED Wayne Thayer [ca-compliance] 2019-03-04T19:19:44Z
Comodo/cPanel: Potential Mis-Issuance based on CAA records (Sep 28, 2017) 1420873 RESOLVED Rob Stradling [ca-compliance] 2017-12-06T17:53:07Z
Consorci AOC : Misissued certificates: commonName:organizationIdentifier attribute inclusion not conforming CABForum guidelines 1.6.9 1590723 RESOLVED Francesc Ferrer [ca-compliance] 2019-12-27T15:31:15Z
Consorci AOC: EC-SECTORPUBLIC insufficient serial number entropy 1538673 RESOLVED Francesc Ferrer [ca-compliance] 2019-04-22T22:09:56Z
Consorci AOC: Insufficient Audit Statements 1425805 RESOLVED Francesc Ferrer [ca-compliance] 2019-01-03T21:31:17Z
Consorci AOC: Non-BR-Compliant Certificate Issuance 1390988 RESOLVED Francesc Ferrer [ca-compliance] - Next Update - 01-July 2018 2018-08-01T18:33:24Z
Consorci AOC: Non-BR-Compliant OCSP Responders 1398246 RESOLVED Francesc Ferrer [ca-compliance] 2018-10-12T17:25:25Z
Consorci AOC: Problem reporting mechanism for Consorci AOC points to URL with invalid cert 1428832 RESOLVED Francesc Ferrer [ca-compliance] 2018-01-09T16:46:49Z
Consorci AOC: Qualified audit statements 1496616 RESOLVED Francesc Ferrer [ca-compliance] CKA_NSS_SERVER_DISTRUST_AFTER 2020-06-20T20:30:44Z
Cybertrust Japan: Root CRLs exceed maximum validity period by one second 1737242 RESOLVED Masaru Sakamoto [ca-compliance] 2021-11-10T22:52:28Z
Cybertrust Japan: three test websites not provided 1466252 RESOLVED masahiro.shikutani [ca-compliance] - Next update 19-Oct-2018 2019-02-20T01:38:01Z
D-TRUST: Certificate with RSA key where modulus is not divisible by 8 1691117 RESOLVED Enrico Entschew [ca-compliance] 2021-03-11T17:46:23Z
D-TRUST: EV certificates with incorrectly used businessCategory entry 1599561 RESOLVED Enrico Entschew [ca-compliance] 2019-12-24T22:29:12Z
D-TRUST: incorrectly formatted businessCategory entry 1567588 RESOLVED Enrico Entschew [ca-compliance] 2019-12-03T03:43:35Z
D-TRUST: Issuance of non-conformant SSL certificate 1610303 RESOLVED Enrico Entschew [ca-compliance] - Next Update - 2-Oct-2020 2020-10-13T02:59:25Z
D-TRUST: Non-BR-Compliant Certificate Issuance 1390990 RESOLVED Arno Fiedler [ca-compliance] 2019-04-02T00:52:50Z
D-TRUST: Precertificate OU > 64 Characters 1563772 RESOLVED Enrico Entschew [ca-compliance] 2019-09-17T00:57:27Z
D-TRUST: Private Key Disclosed by Customer as Part of CSR 1682270 RESOLVED Enrico Entschew [ca-compliance] 2021-02-26T18:02:39Z
D-TRUST: syntax error in one tls certificate 1509512 RESOLVED Enrico Entschew [ca-compliance] 2019-02-20T01:22:27Z
D-TRUST: Wrong key usage (Key Encipherment) 1647468 RESOLVED Enrico Entschew [ca-compliance] 2021-04-30T15:36:48Z
DFN-PKI: Finding in 2020 ETSI audit 1672208 RESOLVED Jürgen Brauckmann [ca-compliance] 2020-12-09T18:25:56Z
Dhimyotis/Certigna: Certificates issued with validity periods greater than 398-days 1667744 RESOLVED Josselin Allemandou [ca-compliance] 2021-03-31T21:53:57Z
Dhimyotis/Certigna: Intermediate Cert(s) not disclosed in CCADB 1451949 RESOLVED Josselin Allemandou [ca-compliance] 2018-04-10T16:06:01Z
Dhimyotis/Certigna: Unconstrained CAs missing audits 1614821 RESOLVED Josselin Allemandou [ca-compliance] 2020-03-12T23:41:29Z
DigiCert / ABB: Issues with DN, country code and keyUsage 1456655 RESOLVED Brenda Bernal [ca-compliance] 2019-09-15T22:39:25Z
DigiCert / CTJ: Metadata in OU fields, Reserved IP Address 1397957 RESOLVED Jeremy Rowley [ca-compliance] 2019-01-14T22:06:51Z
DigiCert / InfoCert: Insufficient Serial Number Entropy 1397951 RESOLVED Jeremy Rowley [ca-compliance] 2017-10-13T21:36:08Z
DigiCert / Inteso San Paulo: Double dot characters 1397969 RESOLVED Jeremy Rowley [ca-compliance] 2018-02-05T19:06:40Z
DigiCert / Justica: Invalid DNS names 1397961 RESOLVED Jeremy Rowley [ca-compliance] - Need updated audit statements for the subCA 2018-06-25T18:42:27Z
DigiCert / Microsoft: inconsistent disclosure of externally-operated intermediate 1647084 RESOLVED Jeremy Rowley [ca-compliance] 2020-09-04T19:38:17Z
DigiCert / Siemens: Insufficient Serial Number Entropy 1397954 RESOLVED Jeremy Rowley [ca-compliance] 2017-10-12T12:59:18Z
DigiCert / Swiss Government: CommonName not in SANs 1397965 RESOLVED Jeremy Rowley [ca-compliance] 2017-09-20T05:36:53Z
DigiCert / Telecom Italia: Several Problems 1397960 RESOLVED Jeremy Rowley [ca-compliance] 2018-08-28T17:49:02Z
DigiCert / Terena: Metadata in OU fields 1397958 RESOLVED Jeremy Rowley [ca-compliance] 2017-09-20T05:13:05Z
DigiCert / Verizon: Reserved/Intranet domain name 1397968 RESOLVED Jeremy Rowley [ca-compliance] 2017-09-08T12:24:16Z
DigiCert / Wells Fargo: Invalid DNS names 1397963 RESOLVED Jeremy Rowley [ca-compliance] 2018-02-06T17:24:54Z
DigiCert OCSP services returns 1 byte 1577014 RESOLVED Jeremy Rowley [ca-compliance] 2019-10-22T17:58:50Z
DigiCert Onion Certs 1447192 RESOLVED Jeremy Rowley [ca-compliance] 2018-06-03T18:53:15Z
DigiCert Validation Scope Incident 1556948 RESOLVED Jeremy Rowley [ca-compliance] 2019-11-26T01:34:23Z
DigiCert: "Internet Widgits Pty Ltd" in organizationalUnitName 1639032 RESOLVED Brenda Bernal [ca-compliance] 2020-08-02T21:05:31Z
DigiCert: "Some-State" in stateOrProvinceName 1551363 RESOLVED Brenda Bernal [ca-compliance] 2019-09-06T16:43:47Z
DigiCert: & character in a printableString in ICA 1593814 RESOLVED Jeremy Rowley [ca-compliance] 2019-12-24T00:08:24Z
DigiCert: ABB greater than 825 day cert issuance 1451446 RESOLVED Brenda Bernal [ca-compliance] 2019-02-15T21:24:46Z
DigiCert: Apple: Non-compliant Common Name Length 1556906 RESOLVED certification_authority [ca-compliance] 2019-12-24T18:05:07Z
DigiCert: Apple: Non-compliant Serial Numbers 1533655 RESOLVED certification_authority [ca-compliance] 2019-07-20T00:56:21Z
DigiCert: Apple: Precertificates without corresponding certificates return OCSP value of "unknown" 1582519 RESOLVED certification_authority [ca-compliance] 2019-10-05T00:06:34Z
DigiCert: Apple: Unconstrained CAs not included in WTBR report 1575125 RESOLVED Wayne Thayer [ca-compliance] 2019-10-18T18:53:56Z
Digicert: CAA Checking Issue 1550645 RESOLVED Brenda Bernal [ca-compliance] 2020-05-22T18:03:15Z
DigiCert: Certificate Issues Identified on the Mailing List 1389172 RESOLVED Kathleen Wilson [ca-compliance] 2017-09-20T05:01:50Z
Digicert: delayed publication of revocation information 1640805 RESOLVED Jeremy Rowley [ca-compliance] 2020-08-05T20:53:27Z
DigiCert: DigiCert issued cert with CN too long 1353827 RESOLVED Kathleen Wilson [ca-compliance] 2017-09-21T04:55:30Z
DigiCert: Domain validation skipped 1595921 RESOLVED Jeremy Rowley [ca-compliance] 2020-01-24T00:36:19Z
DigiCert: ECCE 001 issuing certificates without subject alternative name extension 1262610 RESOLVED Jeremy Rowley [ca-compliance] 2017-04-26T19:23:50Z
DigiCert: Entity not verified in organizationalUnitName 1676003 RESOLVED Jeremy Rowley [ca-compliance] 2020-11-30T04:05:07Z
DigiCert: Failure to disclose Unconstrained Intermediate within 7 Days 1563573 RESOLVED Brenda Bernal [ca-compliance] 2020-02-01T20:20:19Z
DigiCert: Failure to find and revoke key-compromised certificates within 24 hours 1693343 RESOLVED Jeremy Rowley [ca-compliance] 2021-03-19T18:02:46Z
DigiCert: Failure to properly encode Subject name 1618256 RESOLVED Brenda Bernal [ca-compliance] 2020-04-06T13:50:30Z
DigiCert: Failure to provide a preliminary report within 24 hours. 1649277 RESOLVED Brenda Bernal [ca-compliance] Next Update 1-October-2020 2020-10-31T16:55:39Z
DigiCert: Failure to revoke invalid serialNumber EV certificates within 5 days 1646866 RESOLVED Brenda Bernal [ca-compliance] 2020-06-20T20:27:56Z
Digicert: Failure to revoke key-compromised certificate 1639802 RESOLVED Brenda Bernal [ca-compliance] 2020-07-06T21:46:55Z
Digicert: Failure to revoke key-compromised certificates within 24 hours 1639801 RESOLVED Brenda Bernal [ca-compliance] 2020-11-19T18:14:55Z
DigiCert: Failure to supervise ABB Subordinate CA 1566162 RESOLVED Jeremy Rowley [ca-compliance] 2019-09-15T22:55:08Z
DigiCert: Good OCSP Responses for Revoked Intermediates 1523676 RESOLVED Ben Wilson [ca-compliance] 2019-04-04T18:12:09Z
DigiCert: improper domain validation 1483715 RESOLVED Jeremy Rowley [ca-compliance] 2018-11-16T22:57:12Z
DigiCert: Misissuance 1531817 RESOLVED Jeremy Rowley [ca-compliance] 2019-07-01T22:43:48Z
DigiCert: Inconsistent EV audits 1650910 RESOLVED Brenda Bernal [ca-compliance] - Next Update - 21-Sept-2020 2020-10-07T15:37:03Z
DigiCert: Incorrect OCSP Delegated Responder Certificate 1649951 RESOLVED Martin Sullivan [ca-compliance] 2021-03-11T17:45:11Z
DigiCert: Incorrect RegNumber-Org Type combination 1714439 RESOLVED Brenda Bernal [ca-compliance] 2021-06-23T15:39:17Z
DigiCert: Insufficient entropy in serial numbers 1417777 RESOLVED Jeremy Rowley [ca-compliance] 2017-11-28T12:19:34Z
DigiCert: Intermediate Cert(s) not disclosed in CCADB 1451950 RESOLVED Ben Wilson [ca-compliance] 2018-10-12T19:24:48Z
Digicert: Internal Domain Name cert mis-issuance 1500621 RESOLVED Brenda Bernal [ca-compliance] 2018-11-16T23:02:54Z
DigiCert: Invalid Country Code Issuance 1465600 RESOLVED Brenda Bernal [ca-compliance] 2019-06-28T20:18:33Z
DigiCert: Invalid localityName 1710856 RESOLVED Brenda Bernal [ca-compliance] 2021-06-03T01:12:56Z
DigiCert: Invalid stateOrProvinceName 1710444 RESOLVED Brenda Bernal [ca-compliance] 2021-06-03T01:12:41Z
DigiCert: IP in dnsName 1524875 RESOLVED Brenda Bernal [ca-compliance] 2019-05-17T22:05:40Z
DigiCert: Issuance of Cert with Compromised Key 1624527 RESOLVED Jeremy Rowley [ca-compliance] Next Update - 1-June 2020 2020-07-20T20:40:17Z
DigiCert: Issuance of certs with weak keys (ROCA) 1744795 RESOLVED Jeremy Rowley [ca-compliance] 2022-01-14T17:26:53Z
DigiCert: JOI Issue 1576013 RESOLVED Jeremy Rowley [ca-compliance] Next Update - 1-Oct-2020 2020-11-13T18:43:00Z
Digicert: Key Size Not Divisible By 8 1653475 RESOLVED Jeremy Rowley [ca-compliance] 2020-08-02T21:08:14Z
Digicert: KPN Outdated Audit 1539296 RESOLVED Brenda Bernal [ca-compliance] 2019-06-29T00:30:54Z
DigiCert: Malformed ICA 1654967 RESOLVED Martin Sullivan [ca-compliance] 2020-12-15T17:23:43Z
DigiCert: Mis-issuance of certificate with https in CN/SAN 1445857 RESOLVED Ben Wilson [ca-compliance] 2019-09-18T20:09:52Z
DigiCert: Missed Underscore Certificate Revocations 1526154 RESOLVED Brenda Bernal [ca-compliance] 2019-04-25T00:24:49Z
DigiCert: Missing audits for Intermediate certificates 1455150 RESOLVED Ben Wilson [ca-compliance] 2018-08-16T21:53:08Z
DigiCert: no subject alternative name in Siemens certs 1017157 RESOLVED Kathleen Wilson [ca-compliance] 2017-04-26T19:23:50Z
DigiCert: Non-audited, non-technically-constrained intermediate certs 1368176 RESOLVED Jeremy Rowley [ca-compliance] 2017-09-18T14:26:46Z
DigiCert: Non-BR Compliant Certificates - missing CP/CPS OID 1339339 RESOLVED Jeremy Rowley [ca-compliance] 2017-04-26T19:23:50Z
DigiCert: Non-BR-Compliant OCSP Responders 1398269 RESOLVED Jeremy Rowley [ca-compliance] - Next Update - 30-April 2018 2018-06-21T17:23:31Z
DigiCert: OCSP NextUpdate 1627152 RESOLVED Brenda Bernal [ca-compliance] 2020-05-19T16:02:00Z
DigiCert: OCSP responder returning invalid responses 1662346 RESOLVED Martin Sullivan [ca-compliance] Next Update - 15-Oct 2020 2020-10-21T16:20:52Z
DigiCert: P-384,ecdsa-with-SHA512 Certificates 1527423 RESOLVED Brenda Bernal [ca-compliance] 2019-07-18T00:25:43Z
DigiCert: Private Keys Disclosed by Customers as Part of CSR 1675684 RESOLVED Jeremy Rowley [ca-compliance] 2020-12-15T17:24:08Z
DigiCert: Revoked intermediate certificates not in CRL 1548719 RESOLVED Stephen Davidson [ca-compliance] 2019-08-06T17:44:41Z
Digicert: SCEE / Justica: Non-BR-Compliant Certificate Issuance 1436173 RESOLVED Ben Wilson [ca-compliance] 2018-08-22T17:52:32Z
DigiCert: SHA-1 intermediate issued after 2016-01-01 1684442 RESOLVED Jeremy Rowley [ca-compliance] 2021-03-07T05:37:20Z
DigiCert: SHA-256 hash algorithm used with ECC P-384 key 1664325 RESOLVED Brenda Bernal [ca-compliance] 2020-09-16T10:25:55Z
DigiCert: Symantec non-constrained/non-disclosed intermediates 1417771 RESOLVED Jeremy Rowley [ca-compliance] 2018-08-27T14:00:16Z
DigiCert: TERENA: No localityName in EV precert 1586604 RESOLVED Jeremy Rowley [ca-compliance] 2019-10-09T00:18:43Z
DigiCert: TI Trust Technologies Global CA issued certificate with no subject alternative name extension 1304895 RESOLVED Wayne Thayer [ca-compliance] 2018-06-20T16:23:52Z
DigiCert: Truncation of Registration Number 1727963 RESOLVED Jeremy Rowley [ca-compliance] 2021-09-20T16:02:22Z
DigiCert: Underscore character certificates 1515564 RESOLVED Jeremy Rowley [ca-compliance] 2018-12-21T17:59:51Z
DigiCert: Underscores - Canadian Imperial Bank of Commerce 1516561 RESOLVED Brenda Bernal [ca-compliance] 2019-02-26T22:13:42Z
DigiCert: Underscores - Citi 1517617 RESOLVED Brenda Bernal [ca-compliance] 2019-07-31T23:48:03Z
DigiCert: Underscores - CVS Pharmacy 1515788 RESOLVED Brenda Bernal [ca-compliance] Next Update - 8-February 2019 2019-02-15T19:24:57Z
DigiCert: Underscores - Discover 1516453 RESOLVED Brenda Bernal [ca-compliance] 2019-02-15T19:25:18Z
DigiCert: Underscores - Ericsson 1516599 RESOLVED Brenda Bernal [ca-compliance] 2019-07-31T23:48:08Z
DigiCert: Underscores - Intuit 1519572 RESOLVED Brenda Bernal [ca-compliance] 2019-05-01T23:26:22Z
DigiCert: Underscores - Verizon 1516545 RESOLVED Brenda Bernal [ca-compliance] 2019-03-03T20:28:38Z
Digicert: Undisclosed CAs -Federated Trust CA-1 1499585 RESOLVED Wayne Thayer [ca-compliance] 2018-11-01T17:24:34Z
DigiCert: Unrevocation of BT Class 2 CA - G2 CA Certificate 1442091 RESOLVED Ben Wilson [ca-compliance] 2019-09-18T20:25:47Z
DigiCert: Use of forbidden subjectPublicKeyInfo algorithm 1518555 RESOLVED Jeremy Rowley [ca-compliance] 2019-01-15T18:25:22Z
DigiCert: Verizon CPS lacks problem reporting instructions 1596931 RESOLVED Jeremy Rowley [ca-compliance] 2019-12-03T03:16:58Z
DigiCert: Verizon mis-issued test certificates 1335132 RESOLVED Jeremy Rowley [ca-compliance] 2017-11-28T10:37:09Z
DigiCert: Verizon: "Default City" in Subject:localityName 1548716 RESOLVED Brenda Bernal [ca-compliance] 2019-05-20T22:42:46Z
DigiCert: WTCA / WTBR Audit 2019 - Matters to be resolved 1613505 RESOLVED Brenda Bernal [ca-compliance] 2020-05-19T20:55:03Z
Digicert/Symantec: EV JOI Issue 1413761 RESOLVED Jeremy Rowley [ca-compliance] 2017-11-28T12:18:04Z
DigiCert/Verizon: Qualified 2019 Audit Statements 1573937 RESOLVED Brenda Bernal [ca-compliance] 2020-02-02T00:56:06Z
DigitCert/Thawte: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN 1420861 RESOLVED Jeremy Rowley [ca-compliance] 2017-11-30T22:14:19Z
Disig: CPS does not refer to BR domain validation methods 1717001 RESOLVED Peter Miskovic [ca-compliance] 2021-06-21T22:24:30Z
Disig: Failure to provide a preliminary report within 24 hours. 1670458 RESOLVED Peter Miskovic [ca-compliance] 2021-01-22T19:06:22Z
Disig: Non-BR-Compliant Certificate Issuance 1390991 RESOLVED Peter Miskovic [ca-compliance] [remediation-accepted] Next Update - 2017-10 2018-02-09T22:09:08Z
Disig: Non-BR-Compliant OCSP Responders 1398242 RESOLVED Peter Miskovic [ca-compliance] 2018-05-23T21:13:21Z
Distrust the WebTrust Audit of EY (HanYoung) South Korea and KPMG (Samjong) South Korea 1451578 RESOLVED Wayne Thayer [ca-compliance] - Government of Korea GPKI 2018-09-07T21:08:26Z
DocuSign/Keynectis: Missing BR Self Assessment 1458038 RESOLVED Erwann Abalea [ca-compliance] 2019-01-04T20:57:58Z
DocuSign/Keynectis: Non-BR-Compliant Certificate Issuance 1390994 RESOLVED Erwann Abalea [ca-compliance] 2017-12-01T13:23:51Z
DocuSign/Keynectis: Non-BR-Compliant OCSP Responders 1398247 RESOLVED Erwann Abalea [ca-compliance] 2019-01-03T21:15:06Z
DocuSign/Keynectis: Non-Compliant Technically Constrained Intermediates 1444455 RESOLVED Erwann Abalea [ca-compliance] 2019-01-03T21:39:32Z
DocuSign/Keynectis: Outdated audit statements for Class 2 Primary CA 1447497 RESOLVED Wayne Thayer [ca-compliance] 2018-03-23T23:33:01Z
DocuSign/Keynectis: Undisclosed Intermediate certificate 1497700 RESOLVED Erwann Abalea [ca-compliance] 2019-01-04T22:10:37Z
DSV-Gruppe: Failure to respond to January 2018 survey 1439129 RESOLVED Wayne Thayer [ca-compliance] 2018-05-08T00:00:16Z
E-Tugra: audit delay because of an environmental disaster/pandemic 1659426 RESOLVED Davut Tokgöz [ca-compliance][audit-delay][covid-19] 2020-11-04T05:01:41Z
E-Tugra: CA Certificate Missing from Audit Reports 1716843 RESOLVED Davut Tokgöz [ca-compliance] Next update 2022-02-16 2022-02-17T17:17:38Z
E-Tugra: commonName not in SAN 1687139 RESOLVED Davut Tokgöz [ca-compliance] Next Update 2021-03-05 2021-04-07T14:03:03Z
E-Tugra: Delayed Response of Revocation Request 1687513 RESOLVED Davut Tokgöz [ca-compliance] 2021-04-07T14:01:54Z
E-Tugra: Failure to respond to January 2018 survey 1439128 RESOLVED Davut Tokgöz [ca-compliance] 2018-05-30T23:13:01Z
E-Tugra: Forbidden Domain Validation Method 1716902 RESOLVED Davut Tokgöz [ca-compliance] 2021-12-02T17:56:51Z
E-Tugra: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString 1462797 RESOLVED Davut Tokgöz [ca-compliance] 2019-02-20T16:59:33Z
E-Tugra: Insufficient serial number entropy 1542302 RESOLVED Davut Tokgöz [ca-compliance] - Next Update 2019-05-01T23:30:32Z
E-Tugra: Intermittent OCSP response with status 'Unknown' 1687330 RESOLVED Davut Tokgöz [ca-compliance] 2021-04-07T14:02:49Z
E-Tugra: Invalid DER results in failure to comply with RFC 5280 - Violating string length limit 1582601 RESOLVED Davut Tokgöz [ca-compliance] 2019-11-02T17:54:54Z
E-Tugra: Validity period > 825 days 1449371 RESOLVED Davut Tokgöz [ca-compliance] 2018-04-20T21:23:08Z
EDICOM: Signing SHA-1 OCSP responses with unconstrained certificate 1397830 RESOLVED Raúl Santisteban [ca-compliance] 2019-09-17T21:48:45Z
emSign: Audit Delay 1728790 RESOLVED Vijay Kumar [ca-compliance][audit-delay][covid-19] 2022-01-11T17:37:52Z
eMudhra: emSign CA ECC Test Certificate Misissuance 1665688 RESOLVED Vijay Kumar [ca-compliance] 2020-10-16T19:20:11Z
Entrust: AffirmTrust Issuing CA Impacted by EJBCA Serial Number Issue 1536287 RESOLVED Dathan Demone [ca-compliance] 2019-09-17T20:40:52Z
Entrust: Certificate issued with '-' in ST field 1512018 RESOLVED Bruce Morton [ca-compliance] 2019-05-15T00:11:12Z
Entrust: Certificate Issued with Incorrect Country Code 1559376 RESOLVED Dathan Demone [ca-compliance] 2019-09-05T23:58:08Z
Entrust: Certificate issued with validity greater than 825-days 1561013 RESOLVED Bruce Morton [ca-compliance] 2019-12-24T22:26:01Z
Entrust: CRLs and OCSP responses not issued as specified in the CPS 1737057 RESOLVED Bruce Morton [ca-compliance] 2022-03-08T22:42:50Z
Entrust: EV Certificates Issued with Business Category "Non-Commercial" when it should have been set to "Private Organization" 1599484 RESOLVED Dathan Demone [ca-compliance] 2020-02-08T05:21:50Z
Entrust: Failure to provide a preliminary report within 24 hours. 1667690 RESOLVED Dathan Demone [ca-compliance] 2021-01-27T19:45:01Z
Entrust: Incorrect Business Category Value Discovered in an EV SSL Certificate 1685370 RESOLVED Dathan Demone [ca-compliance] 2021-07-16T05:28:45Z
Entrust: Incorrect Jurisdiction Country Value in an EV Certificate 1696227 RESOLVED Dathan Demone [ca-compliance] Next update 2021-06-01 2021-07-16T05:29:01Z
Entrust: Incorrect keyUsage for ECC certificate 1667448 RESOLVED Bruce Morton [ca-compliance] 2020-10-31T16:58:21Z
Entrust: Incorrect value in Business Category field for Government Entities 1728796 RESOLVED Paul van Brouwershaven [ca-compliance] Next update 2021-12-15 2021-12-13T15:29:03Z
Entrust: Invalid data in commonName fields 1675295 RESOLVED Bruce Morton [ca-compliance] 2020-11-04T17:30:34Z
Entrust: Invalid data in State/Province Field 1658792 RESOLVED Dathan Demone [ca-compliance] Next Update 2021-04-01 2021-06-07T16:27:16Z
Entrust: Invalid localityName 1712106 RESOLVED Dathan Demone [ca-compliance] Next update 2021-12-15 2021-12-13T15:28:48Z
Entrust: IP Address in dNSName form 1448986 RESOLVED Bruce Morton [ca-compliance] 2019-09-17T20:40:58Z
Entrust: IP in dnsName 1524876 RESOLVED Bruce Morton [ca-compliance] 2019-03-01T16:09:50Z
Entrust: Issued Certificates to incorrect Organization 1535735 RESOLVED Dathan Demone [ca-compliance] 2019-09-17T20:41:05Z
Entrust: Late mis-issue certificate revocation 1520876 RESOLVED Bruce Morton [ca-compliance] 2019-02-20T01:28:10Z
Entrust: Late revocation of underscore certificate 1521520 RESOLVED Bruce Morton [ca-compliance] 2019-02-01T03:45:24Z
Entrust: Non-BR-Compliant Certificate Issuance 1390996 RESOLVED Kirk Hall [ca-compliance] [remediation-accepted] Next Update - 2017-11 2017-12-01T11:53:40Z
Entrust: Non-BR-Compliant OCSP Responder 1428891 RESOLVED Bruce Morton [ca-compliance] 2018-01-26T02:43:12Z
Entrust: Outdated audit statement for intermediate cert 1549862 RESOLVED Bruce Morton [ca-compliance] 2020-01-21T23:23:33Z
Entrust: Printable String Constraint Failure 1635096 RESOLVED Bruce Morton [ca-compliance] Next Update 21-Sept-2020 2020-10-05T20:41:09Z
Entrust: Question marks in certificate O and L fields 1552562 RESOLVED Bruce Morton [ca-compliance] 2019-06-28T16:25:38Z
Entrust: S/MIME Certificate Issued with Incorrect Policy OID 1627346 RESOLVED Bruce Morton [ca-compliance] - Next Update - 1-June 2020 2020-05-22T19:53:06Z
Entrust: SHA-1 Issuance and other misissuance while testing 1567659 RESOLVED Bruce Morton [ca-compliance] 2019-09-16T18:16:45Z
Entrust: SSL Certificates issued with Un-verified IP Addresses 1744827 RESOLVED Bruce Morton [ca-compliance] Next update 2022-01-17 2022-01-14T17:27:05Z
Entrust: Subscriber provides private key with CSR 1673119 RESOLVED Bruce Morton [ca-compliance] 2020-12-11T17:39:47Z
Entrust: Test Website Certificates Expired 1731887 RESOLVED Bruce Morton [ca-compliance] 2021-10-20T16:17:31Z
Firmaprofesional / SIGNE: No BR Audit for subCA technically capable of issuing TLS certs 1586115 RESOLVED chemalogo [ca-compliance] - Missing BR Audit 2019-10-28T18:07:08Z
Firmaprofesional: 2019 audit Finding #1 - 6.2 Identification and Authorization 1610448 RESOLVED chemalogo [ca-compliance] 2020-02-07T03:22:39Z
Firmaprofesional: 2019 audit Finding #2 - 6.4 Facility, management, and operational controls 1612929 RESOLVED chemalogo [ca-compliance] 2020-02-07T03:23:43Z
Firmaprofesional: 2019 Audit Report Findings 1606380 RESOLVED chemalogo [ca-compliance] 2020-05-22T17:00:41Z
Firmaprofesional: 2020 Audit Report Finding 1 out of 4 1649502 RESOLVED chemalogo [ca-compliance] 2020-09-21T15:52:44Z
Firmaprofesional: 2020 Audit Report Finding 2 out of 4 1649679 RESOLVED Maria Jose Prieto [ca-compliance] 2020-11-09T17:26:20Z
Firmaprofesional: 2020 Audit Report Finding 3 out of 4 1649724 RESOLVED Maria Jose Prieto [ca-compliance] 2020-09-21T15:51:51Z
Firmaprofesional: 2020 Audit Report Finding 4 out of 4 1649726 RESOLVED Maria Jose Prieto [ca-compliance] 2021-02-08T17:31:56Z
Firmaprofesional: 2021 Audit Report Finding 1 out of 3 1717790 RESOLVED Maria Jose Prieto [ca-compliance] 2021-08-13T22:29:08Z
Firmaprofesional: 2021 Audit Report Finding 2 out of 3 1717791 RESOLVED Maria Jose Prieto [ca-compliance] Next update 2021-10-01 2021-10-20T16:17:04Z
Firmaprofesional: 2021 Audit Report Finding 3 out of 3 1717795 RESOLVED Maria Jose Prieto [ca-compliance] 2021-07-28T16:52:29Z
Firmaprofesional: AC Firmaprofesional - INFRAESTRUCTURA insufficient serial number entropy 1538638 RESOLVED chemalogo [ca-compliance] 2020-01-13T19:34:16Z
Firmaprofesional: Incorrect OCSP Delegated Responder Certificate 1649943 RESOLVED chemalogo [ca-compliance] 2020-08-07T14:39:07Z
Firmaprofesional: incorrect reserved CA/B Forum OIDs in certificates 1700145 RESOLVED chemalogo [ca-compliance] 2021-06-11T17:42:13Z
Firmaprofesional: Insufficient Audit Statements 1412950 RESOLVED Oscar Conesa [ca-compliance] 2019-07-05T11:51:32Z
Firmaprofesional: Missing BR Self Assessment 1458064 RESOLVED chemalogo [ca-compliance] 2018-05-23T18:42:58Z
Firmaprofesional: Non-audited, non-technically-constrained intermediate certs 1368171 RESOLVED Oscar Conesa [ca-compliance] 2017-10-13T21:42:23Z
Firmaprofesional: Non-BR-Compliant OCSP Responders 1398240 RESOLVED chemalogo [ca-compliance] 2018-05-04T00:32:43Z
Firmaprofesional: Undisclosed Intermediate certificate 1455119 RESOLVED chemalogo [ca-compliance] 2019-01-03T22:38:48Z
Firmaprofesional: Undisclosed Intermediate certificate SDS 1464359 RESOLVED Wayne Thayer [ca-compliance] 2019-09-18T21:20:11Z
Firmaprofesional: Undisclosed Intermediate certificate SIGNE 1464335 RESOLVED Wayne Thayer [ca-compliance] 2019-09-18T21:20:32Z
FNMT: Invalid localityName 1744722 RESOLVED alain [ca-compliance] Next update 2022-02-28 2022-04-14T20:25:28Z
FNMT: Issuance of QCP-n certificates without verifying identity 1693304 RESOLVED alain [ca-compliance] 2021-03-26T15:19:34Z
FNMT: Minor non-conformities in 2020 audit statement 1626805 RESOLVED alain [ca-compliance] 2020-07-09T08:09:13Z
FNMT: Minor non-conformities in 2021 audit statement 1704199 RESOLVED Brox [ca-compliance] 2021-04-30T15:37:06Z
FNMT: Missisuance of web site certificates without CA/Browser Forum’s reserved policy OID 1696872 RESOLVED alain [ca-compliance] 2021-09-30T16:07:07Z
GDCA: Authentication of Organization Identity Failure for an OV Certificate 1546253 RESOLVED capoc [ca-compliance] 2019-08-11T00:30:23Z
GDCA: CRL validity period exceeds allowed value by one second 1738191 RESOLVED capoc [ca-compliance] 2021-11-04T18:44:31Z
GDCA: Insufficient Serial Number Entropy 1536831 RESOLVED capoc [ca-compliance] 2019-06-29T00:35:52Z
GDCA: Misissuance of certificates with IP address 1475563 RESOLVED Wayne Thayer [ca-compliance] 2018-07-18T17:09:49Z
GDCA: Misissuance of certificates with small RSA keys 1467414 RESOLVED capoc [ca-compliance] - Next Update - 20-June 2018 2019-09-18T21:22:42Z
GDCA:Incorrect Value in organizationName Field 1662382 RESOLVED capoc [ca-compliance] 2020-10-05T21:21:27Z
GlobalSign - Wrong business category (Non Commercial Entity when should have been Private Organization) 1599775 RESOLVED Eva Van Steenberge [ca-compliance] 2020-01-22T21:52:19Z
GlobalSign: 4 Misissued certificates with invalid CN 1552586 RESOLVED douglas.beattie [ca-compliance] 2019-08-11T04:15:08Z
GlobalSign: AT&T Insufficient Serial Number Entropy 1535873 RESOLVED douglas.beattie [ca-compliance] 2019-04-24T20:39:18Z
GlobalSign: AT&T SSL certificates without the AIA extension 1547691 RESOLVED douglas.beattie [ca-compliance] 2019-09-15T23:08:05Z
GlobalSign: Certificate issued to FQDN with malformed CAA 1759854 RESOLVED Christophe Bonjean [ca-compliance] 2022-05-06T14:35:29Z
GlobalSign: Certificate issued with RSASSA-PSS public key 1630870 RESOLVED Paul Brown [ca-compliance] Next update - 30-June, 2020 2020-07-06T20:09:56Z
GlobalSign: Certificates with RSA keys where modulus is not divisible by 8 1654896 RESOLVED Arvid Vermote [ca-compliance] 2020-11-04T04:56:50Z
GlobalSign: Cross Certificate with non-conforming CABF Policy OIDs 1650018 RESOLVED Arvid Vermote [ca-compliance] 2020-09-14T12:32:36Z
GlobalSign: Empty SingleExtension in OCSP responses 1667944 RESOLVED Paul Brown [ca-compliance] 2021-03-07T05:38:12Z
GlobalSign: EV certificates with serialNumber Government Entity and businessCategory Private Organization 1744518 RESOLVED Paul Brown [ca-compliance] 2022-01-20T21:31:12Z
GlobalSign: Failure to provide a preliminary report within 24 hours 1668005 RESOLVED Arvid Vermote [ca-compliance] 2020-11-20T21:50:35Z
Globalsign: Failure to revoke key-compromised certificate within 24 hours 1639799 RESOLVED Arvid Vermote [ca-compliance] Next Update - 12-June 2020 2020-06-18T18:09:45Z
GlobalSign: Incorrect Jurisdiction of Incorporation information for Japan 1658932 RESOLVED Eva Van Steenberge [ca-compliance] Next Update - 1-Oct-2020 2020-10-16T19:19:41Z
GlobalSign: Incorrect OCSP Delegated Responder Certificate 1649937 RESOLVED douglas.beattie [ca-compliance] Next Update 2022-01-31 2022-02-11T20:43:53Z
GlobalSign: Incorrect RegNumber-Org Type combination 1714968 RESOLVED Eva Van Steenberge [ca-compliance] 2021-07-30T12:07:04Z
GlobalSign: Invalid countryName 1707073 RESOLVED Eva Van Steenberge [ca-compliance] Next update 2021-08-12 2021-08-13T22:31:59Z
GlobalSign: Invalid stateOrProvinceName and locality pair 1708834 RESOLVED Arvid Vermote [ca-compliance] Next update 2021-10-01 2021-10-06T21:46:38Z
GlobalSign: Invalid stateOrProvinceName value 1668007 RESOLVED Arvid Vermote [ca-compliance] 2021-02-12T17:42:50Z
GlobalSign: IP in dnsName 1524877 RESOLVED douglas.beattie [ca-compliance] 2019-02-21T22:38:00Z
GlobalSign: Misissuance of QWAC Certificates 1623356 RESOLVED douglas.beattie [ca-compliance] 2020-07-26T03:06:56Z
GlobalSign: Non-BR-Compliant Certificate Issuance - metadata-only subject fields 1390997 RESOLVED Linus Hallberg [ca-compliance] [remediation-accepted] 2017-09-05T19:52:28Z
GlobalSign: Non-BR-Compliant Certificate Issuance -- double-dots in dnsName 1393555 RESOLVED Linus Hallberg [ca-compliance] 2017-12-05T15:44:16Z
GlobalSign: Non-BR-Compliant Certificate Issuance -- RSA key smaller than 2048 bits 1393557 RESOLVED Linus Hallberg [ca-compliance] 2017-11-22T14:44:37Z
GlobalSign: OCSP responder certificates with more than 64 characters in CN 1760311 RESOLVED Christophe Bonjean [ca-compliance] 2022-05-06T14:35:43Z
GlobalSign: OCSP Responder Returns invalid values for Some Precertificates 1579413 RESOLVED douglas.beattie [ca-compliance] 2019-10-05T00:04:20Z
GlobalSign: OCSP responders found to respond signed by the default CA when passed an invalid issuer in request 1605372 RESOLVED douglas.beattie [ca-compliance] 2020-03-07T01:20:18Z
GlobalSign: OCSP Status HTTP 530 1622505 RESOLVED Arvid Vermote [ca-compliance] 2020-08-16T23:17:07Z
GlobalSign: RSA-1024 leaf certificate issued after 2013-12-31 1690807 RESOLVED Eva Van Steenberge [ca-compliance] 2021-05-07T15:32:19Z
GlobalSign: SHA-256 hash algorithm used with ECC P-384 key 1664328 RESOLVED Arvid Vermote [ca-compliance] Next Update 2021-03-05 2021-03-11T17:45:33Z
GlobalSign: SPKI lacks explicit NULL parameter, 1554259 RESOLVED douglas.beattie [ca-compliance] 2019-08-10T23:46:27Z
GlobalSign: SSL Certificates with US country code and invalid State/Prov 1575880 RESOLVED douglas.beattie [ca-compliance] - Next Update 2021-01-15 2021-01-27T19:44:24Z
GlobalSign: Use of Domain Validation Random Value for more than 30 days 1654544 RESOLVED Arvid Vermote [ca-compliance] 2020-09-09T22:50:55Z
GlobalSign: Virginia Tech Insufficient Serial Number Entropy 1536760 RESOLVED douglas.beattie [ca-compliance] 2019-04-08T19:20:07Z
GLOBALTRUST: CN domain not in SAN 1716123 RESOLVED Daniel Zens [ca-compliance] Next update 2021-09-20 2021-09-15T15:46:23Z
GLOBALTRUST: Revoked test website not using revoked certificate 1716163 RESOLVED Daniel Zens [ca-compliance] 2021-07-08T21:57:45Z
GoDaddy: Document Reuse Issue 1646226 RESOLVED Daniela Hood [ca-compliance] 2020-07-24T00:20:59Z
GoDaddy: Agreed-Upon Website Domain Validation Issue 1647030 RESOLVED Daniela Hood [ca-compliance] 2020-08-07T15:00:53Z
GoDaddy: Certificate Problem Report responses greater than 24 hours 1734953 RESOLVED Brittany Randall [ca-compliance] 2021-11-04T18:43:38Z
GoDaddy: Certificates issued with validity periods greater than 398-days 1662807 RESOLVED Joanna [ca-compliance] Next Update 2021-01-11 2021-02-26T16:29:24Z
GoDaddy: cross certificate disclosure to CCADB 1572234 RESOLVED Joanna [ca-compliance] 2020-01-22T22:47:55Z
GoDaddy: Domain Validation Reuse Issue 1605804 RESOLVED Joanna [ca-compliance] - Next Update - 1-June 2020 2020-06-29T04:06:45Z
GoDaddy: DV certificates with organizationalUnit field in subject 1662810 RESOLVED Joanna [ca-compliance] 2020-10-13T02:58:39Z
GoDaddy: Expired CRLs 1645832 RESOLVED Daniela Hood [ca-compliance] Next Update - 2021-01-01 2021-03-30T21:13:18Z
GoDaddy: Failure to respond to January 2018 survey 1439123 RESOLVED Daymion Reynolds [ca-compliance] 2018-02-26T16:07:07Z
GoDaddy: Failure to revoke certificate with compromised key within 24 hours 1640310 RESOLVED Daniela Hood [ca-compliance] 2020-11-17T22:52:46Z
GoDaddy: Failure to revoke key-compromised certificates within 24 hours 1639798 RESOLVED Joanna [ca-compliance] 2020-07-08T17:39:35Z
GoDaddy: failure to revoke underscores 1524815 RESOLVED Joanna [ca-compliance] 2019-12-24T19:18:40Z
GoDaddy: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString 1462844 RESOLVED Daymion Reynolds [ca-compliance] 2019-01-09T23:36:41Z
GoDaddy: improperly encoded certificate issued by Go Daddy Secure Certification Authority 988633 RESOLVED Kathleen Wilson [ca-compliance] 2017-09-20T01:27:06Z
GoDaddy: inconsistent disclosure of externally-operated intermediate 1567061 RESOLVED Joanna [ca-compliance] 2020-01-23T23:41:23Z
GoDaddy: Insufficient serial number entropy 1533774 RESOLVED Joanna [ca-compliance] 2020-01-24T19:57:36Z
GoDaddy: Issued EV Wildcard Certificate 1731939 RESOLVED Brittany Randall [ca-compliance] Next update 2021-11-01 2021-11-05T20:41:01Z
GoDaddy: Issues with State and Country fields 1577913 RESOLVED Joanna [ca-compliance] 2020-01-22T23:32:26Z
GoDaddy: Non-BR-Compliant Certificate Issuance 1391429 RESOLVED Daymion Reynolds [ca-compliance] [remediation-accepted] Next Update - 2017-11-30 2017-12-01T10:21:56Z
GoDaddy: Random Value Vulnerability in Domain Validation 1484766 RESOLVED Daymion Reynolds [ca-compliance] 2019-01-04T21:39:07Z
GoDaddy: Reported TLS Certificate Private Key Exposure 1742602 RESOLVED Brittany Randall [ca-compliance] 2021-12-28T22:11:25Z
GoDaddy: Root CRLs exceed maximum validity period by 1 second 1734265 RESOLVED Brittany Randall [ca-compliance] 2021-11-04T18:43:21Z
Google Trust Services: 63 bit serial numbers in some certificates 1532842 RESOLVED ryan_hurst [ca-compliance] 2019-07-15T19:03:22Z
Google Trust Services: Certificates not disclosed in CCADB 1667844 RESOLVED Ryan Hurst [ca-compliance] 2020-12-11T17:40:06Z
Google Trust Services: CRL handling of expired certificates not fully compliant with RFC 5280 Section 3.3 1581183 RESOLVED Andy Warner [ca-compliance] 2020-01-22T23:55:09Z
Google Trust Services: CRL validity period set to expected value plus one second 1731164 RESOLVED Cade Cairns [ca-compliance] 2021-10-20T16:18:03Z
Google Trust Services: Delayed publication of CPS removing DNS Operator Exception 1729097 RESOLVED Brett L [ca-compliance] Next update 2021-09-24 2021-10-20T16:17:49Z
Google Trust Services: digitalSignature KeyUsage not set 1652581 RESOLVED Andy Warner [ca-compliance] 2021-06-11T18:03:27Z
Google Trust Services: Failure to provide regular and timely incident updates 1708516 RESOLVED Andy Warner [ca-compliance] 2021-08-25T16:11:20Z
Google Trust Services: Forbidden Domain Validation Method 1706967 RESOLVED Andy Warner [ca-compliance] 2021-08-25T16:11:04Z
Google Trust Services: Improper OCSP response for intermediate certificate 1522975 RESOLVED kluge [ca-compliance] 2019-09-17T20:41:46Z
Google Trust Services: Incorrect revocation data temporarily served for GTS Y3 & Y4 1634795 RESOLVED Andy Warner [ca-compliance] 2020-08-07T15:03:09Z
Google Trust Services: Invalid ASN.1 encoding of singleExtensions in OCSP responses 1678183 RESOLVED Andy Warner [ca-compliance] 2021-06-07T18:21:18Z
google Trust Services: invalid curve-hash combination 1612389 RESOLVED Andy Warner [ca-compliance] 2020-04-14T22:03:37Z
Google Trust Services: Invalid OCSP responses 1630079 RESOLVED Andy Warner [ca-compliance] 2020-04-15T04:39:52Z
Google Trust Services: OCSP serving issue 2020-04-09 1630040 RESOLVED Andy Warner [ca-compliance] 2020-05-21T03:41:19Z
Google Trust Services: Out-of-date CPS disclosure 1706976 RESOLVED Andy Warner [ca-compliance] 2021-04-28T16:47:33Z
Google Trust Services: Signing SHA-1 Hash for existing CA certificate with changes in Key Usage 1709223 RESOLVED Ryan Hurst [ca-compliance] 2021-07-30T12:03:59Z
Google Trust Services: Tracking bug for possible audit delays (audit due 2020-12) 1625498 RESOLVED kluge [ca-compliance] [audit-delay] [covid-19] 2020-09-21T16:14:51Z
Government of Spain (ACCV): Late Audit Statement 1507862 RESOLVED Jose Amador [ca-compliance] 2019-01-02T23:09:35Z
Government of Spain (ACCV): Missing BR Self Assessment 1458042 RESOLVED Jose Amador [ca-compliance] 2018-05-23T18:41:53Z
Government of Spain FNMT: CP/CPS lack CAA processing details 1596949 RESOLVED alain [ca-compliance] 2019-12-17T18:09:07Z
Government of Spain FNMT: Findings in 2019 Audit Statement, including domain validation methods, CAA, etc. 1544586 RESOLVED alain [ca-compliance] 2020-03-27T17:54:20Z
Government of Spain FNMT: OU exceeds 64 characters 1495507 RESOLVED Rafa Medina [ca-compliance] Next Update - 1-February 2019 2020-03-17T17:40:20Z
Government of Spain FNMT: QC Statement that contains at least one of the ETSI ESI statements 1625421 RESOLVED alain [ca-compliance] 2020-03-30T18:07:53Z
GRCA: Audit Letter Validation failures on intermediate certificates 1614448 RESOLVED National Development Council [ca-compliance] 2020-07-29T22:50:35Z
GRCA: Misissued certificates - invalid CN, bad validity period, missing extensions 1523221 RESOLVED National Development Council [ca-compliance] 2020-02-05T03:47:39Z
GRCA: Misissued certificates: Invalid commonName, commonName not in SAN 1463975 RESOLVED National Development Council [ca-compliance] Next Update 1-October 2020 CKA_NSS_SERVER_DISTRUST_AFTER 2020-10-05T20:37:45Z
GRCA: Signing SHA-1 OCSP responses with unconstrained certificate 1397832 RESOLVED National Development Council [ca-compliance] 2017-11-28T11:47:07Z
HARICA: 3 EV TLS Certificates without L or ST 1597135 RESOLVED Dimitris Zacharopoulos [ca-compliance] 2019-12-04T18:07:24Z
HARICA: Certificates with invalid policy tree 1699796 RESOLVED Dimitris Zacharopoulos [ca-compliance] 2021-04-19T15:52:58Z
HARICA: Incorrect OCSP Delegated Responder Certificate 1649945 RESOLVED Dimitris Zacharopoulos [ca-compliance] Next update 2020-11-18 2020-12-09T18:27:02Z
HARICA: Insufficient serial number entropy 1535509 RESOLVED Dimitris Zacharopoulos [ca-compliance] 2019-03-29T07:03:19Z
HARICA: OCSP Responder Returned "Unauthorized" for Some Precertificates 1580393 RESOLVED Dimitris Zacharopoulos [ca-compliance] 2019-10-05T00:06:04Z
Harica: P-384,ecdsa-with-SHA256 Certificates 1530971 RESOLVED Dimitris Zacharopoulos [ca-compliance] 2019-05-02T08:20:27Z
HARICA: wrong characters in NC extension of Technically Constrained Intermediate CA Certificates 1535772 RESOLVED Dimitris Zacharopoulos [ca-compliance] 2019-04-19T16:55:13Z
Hongkong Post / Certizen: Failure to report misissuance 1520299 RESOLVED Man Ho [ca-compliance] 2019-12-24T18:01:19Z
IdenTrust / ISRG: Inconsistent Disclosure of Externally-Operated Intermediate 1671410 RESOLVED IdenTrust [ca-compliance] 2021-01-22T19:05:22Z
IdenTrust: Intermittent interruptions to DNS service 1734906 RESOLVED IdenTrust [ca-compliance] 2021-10-26T01:13:37Z
IdenTrust: Certificates with Invalid values for stateOrProvinceName 1718552 RESOLVED IdenTrust [ca-compliance] 2021-08-12T15:06:55Z
Identrust: Discrepancy in values of address fields within CN of SSL Certificates 1526099 RESOLVED IdenTrust [ca-compliance] 2019-07-01T20:22:40Z
IdenTrust: EV TLS certificate with invalid Jurisdiction state for government entity 1756261 RESOLVED IdenTrust [ca-compliance] 2022-04-14T20:26:01Z
IdenTrust: EV TLS certificate with wrong jurisdiction state for private organization 1756850 RESOLVED IdenTrust [ca-compliance] 2022-03-25T16:33:49Z
Identrust: Failure to disclose Unconstrained intermediate Within 7 Days 1542082 RESOLVED IdenTrust [ca-compliance] 2019-08-11T00:36:21Z
IdenTrust: Improper encoding of wildcard certificate 1446121 RESOLVED IdenTrust [ca-compliance] 2018-08-13T20:35:15Z
Identrust: Incorrect Subject Details for HydrantId 1635279 RESOLVED IdenTrust [ca-compliance] - Next Update - 1-October 2020 2020-10-13T02:58:12Z
Identrust: Internal names / failure to report 1500593 RESOLVED IdenTrust [ca-compliance] 2019-01-04T22:15:28Z
IdenTrust: Invalid OCSP Response Held in Cache 1678410 RESOLVED IdenTrust [ca-compliance] 2021-04-19T16:07:43Z
IdenTrust: Issuance of certificates greater than 398 days 1663080 RESOLVED IdenTrust [ca-compliance] 2021-06-11T18:04:14Z
IdenTrust: Issuance of OV SSL Certificate with doc vetting older than 398 days 1744627 RESOLVED IdenTrust [ca-compliance] Next update 2022-01-17 2022-01-28T21:33:11Z
Identrust: Issuance of Subordinate CA’s Without EKU 1669594 RESOLVED IdenTrust [ca-compliance] 2021-01-27T19:41:38Z
IdenTrust: Mis-Issued EV Certificates 1734917 RESOLVED IdenTrust [ca-compliance] Next update 2022-01-22 2022-01-28T21:32:54Z
IdenTrust: Missing Thumbprints In Some Annual Audit Reports 1588213 RESOLVED IdenTrust [ca-compliance] 2020-06-05T23:27:28Z
IdenTrust: Non-BR-Compliant Certificate Issuance 1391000 RESOLVED Vishvas Patel [ca-compliance] 2017-10-13T16:09:23Z
IdenTrust: Non-BR-Compliant OCSP Responders 1398255 RESOLVED Vishvas Patel [ca-compliance] 2018-01-11T15:33:46Z
IdenTrust: OCSP Outage 1636544 RESOLVED IdenTrust [ca-compliance] Next Update - 30-July 2020 2020-08-07T15:01:15Z
IdenTrust: OCSP Responder missing id-pkix-ocsp-nocheck 1653680 RESOLVED IdenTrust [ca-compliance] 2020-11-04T04:56:26Z
IdenTrust: Service Degradation 1677239 RESOLVED IdenTrust [ca-compliance] 2021-06-11T18:04:50Z
IdenTrust: Unavailable CRL and OCSP Responders 1754593 RESOLVED IdenTrust [ca-compliance] 2022-04-14T20:25:46Z
IdenTrust: Unavailable CRL for IdenTrust ‘DST Root CA X3’. 1709192 RESOLVED IdenTrust [ca-compliance] Next update 2021-07-01 2021-07-14T14:48:01Z
IdenTrust: Validation Source for EV Certificates not Publicly Disclosed 1753287 RESOLVED IdenTrust [ca-compliance] 2022-04-15T15:12:08Z
Invalid country field for Camerfirma root CA certificates 1468000 RESOLVED Wayne Thayer [ca-compliance] 2018-06-14T21:42:26Z
IP certificate issued with Domain Validation 1550547 RESOLVED Wayne Thayer [ca-compliance] 2020-01-09T23:00:12Z
iTrusChina: verification errors for the roots' CRLs(ARL) 1712664 RESOLVED iTrusChina Co.,Ltd. [ca-compliance] 2021-10-27T15:01:28Z
Izenpe: CA certificates not listed in audit report 1596744 RESOLVED Oscar Garcia [ca-compliance] 2019-12-14T00:18:06Z
Izenpe: certificate issued to internal domain 1651026 RESOLVED Oscar Garcia [ca-compliance] Next Update 2020-12-01 2021-01-22T19:05:02Z
Izenpe: Certificates not disclosed in CCADB 1667846 RESOLVED Oscar Garcia [ca-compliance] 2021-01-22T18:39:07Z
Izenpe: CRL and ARL exceed validity period value by one second 1738421 RESOLVED David [ca-compliance] 2022-02-17T17:17:18Z
Izenpe: EV certificate with various issues 1267049 RESOLVED Kathleen Wilson [ca-compliance] 2017-04-26T19:23:50Z
Izenpe: Failure to provide a preliminary report within 24 hours. 1647121 RESOLVED Oscar Garcia [ca-compliance] 2020-09-14T12:32:13Z
Izenpe: incorrect value in stateOrProvinceName 1653284 RESOLVED Oscar Garcia [ca-compliance] Next Update 2020-12-01 2020-12-09T18:26:47Z
Izenpe: Multiple invalid EV certificates issued 1559765 RESOLVED Oscar Garcia [ca-compliance] - Next Update - 9-October 2020 2020-11-09T17:26:02Z
Izenpe: Multiple sub CAs with incorrectly encoded SubjectPublicKeyInfo algorithm 1685767 RESOLVED Oscar Garcia [ca-compliance] 2021-01-22T18:39:07Z
Izenpe: Non-BR-Compliant Certificate Issuance 1391054 RESOLVED Oscar Garcia [ca-compliance] 2018-01-15T16:59:19Z
Izenpe: Non-BR-Compliant OCSP Responders 1398258 RESOLVED Oscar Garcia [ca-compliance] 2017-10-11T15:26:13Z
Izenpe: OU > 64 characters 1528290 RESOLVED Oscar Garcia [ca-compliance] 2019-03-04T16:05:12Z
Kamu SM: "Some-State" in stateOrProvinceName 1551369 RESOLVED Melis Şimşek [ca-compliance] 2019-07-01T20:14:47Z
Kamu SM: Insufficient Serial Number Entropy 1539190 RESOLVED Melis Şimşek [ca-compliance] 2019-05-14T00:32:23Z
Kamu SM: Non-BR-Compliant Certificate Issuance 1390998 RESOLVED Tuğba ÖZCAN [ca-compliance] 2017-08-24T19:03:11Z
KIR S.A.: Certificates issued greater than stated in CPS 1708965 RESOLVED Piotr Grabowski [ca-compliance] 2021-06-11T17:41:48Z
KIR S.A.: Certificates issued with multiple BR violations 1495497 RESOLVED Piotr Grabowski [ca-compliance] 2019-09-16T00:23:52Z
KIR S.A.: CN domain not in SAN 1705187 RESOLVED Piotr Grabowski [ca-compliance] 2021-09-10T17:48:38Z
KIR S.A.: CP/CPS contains noncompliant DV method, does not specify CAA domains 1705904 RESOLVED Piotr Grabowski [ca-compliance] 2021-07-14T14:49:25Z
KIR S.A.: DV certificates with locality name, organization name and stateOrProvinceName 1705832 RESOLVED Piotr Grabowski [ca-compliance] 2021-07-12T21:52:56Z
KIR S.A.: Invalid localityName + CRL Revoked but OCSP Unknown 1705337 RESOLVED Piotr Grabowski [ca-compliance] 2021-07-16T05:31:01Z
KIR S.A.: Invalid organizationName 1705647 RESOLVED Piotr Grabowski [ca-compliance] Next update 2022-01-22 2022-01-28T21:32:30Z
KIR S.A.: Many certificates with OCSP Unknown 1705657 RESOLVED Piotr Grabowski [ca-compliance] 2021-07-26T19:28:03Z
KIR S.A.: Misissuance - missing OCSP AIA, Validity > 825 days 1523186 RESOLVED Piotr Grabowski [ca-compliance] 2019-09-16T00:19:27Z
KIR S.A.: O > 64 characters 1532112 RESOLVED Piotr Grabowski [ca-compliance] 2019-03-04T18:46:30Z
Let's Encrypt intent to issue root and intermediate certificates with organizationName and CABF DV OID 1658437 RESOLVED Josh Aas [ca-compliance] 2020-11-04T04:54:11Z
Let's Encrypt: 302 total OCSP responses available beyond acceptable timelines 1666047 RESOLVED Kiel C [ca-compliance] 2020-10-09T17:55:30Z
Let's Encrypt: CAA Misissuances 1398427 RESOLVED Josh Aas [ca-compliance] 2019-09-17T20:42:22Z
Let's Encrypt: CAA Rechecking bug 1619047 RESOLVED Jacob Hoffman-Andrews [ca-compliance] Next Update - 14-August 2020 2020-09-09T14:58:29Z
Let's Encrypt: Case-sensitive CAA tag processing 1462735 RESOLVED Josh Aas [ca-compliance] 2018-05-24T23:58:37Z
Let's Encrypt: certificate lifetimes 90 days plus one second 1715455 RESOLVED Josh Aas [ca-compliance] Next update 2021-11-12 2021-12-01T23:34:23Z
Let's Encrypt: Delay updating OCSP responses 1729567 RESOLVED Aaron Gable [ca-compliance] Next update 2021-10-01 2021-10-15T21:02:50Z
Let's Encrypt: Expired ISRG Root OCSP X1 Certificate 1645276 RESOLVED Andrew Gabbitas [ca-compliance] 2020-08-13T19:18:09Z
Let's Encrypt: Failure to audit log subscriber certificate OCSP updates 1684112 RESOLVED Andrew Gabbitas [ca-compliance] 2021-04-07T13:59:38Z
Let's Encrypt: Failure to provide OCSP Responses for some certificates 1753123 RESOLVED Aaron Gable [ca-compliance] 2022-02-25T18:41:30Z
Let's Encrypt: Failure to revoke key-compromised certificate within 24 hours 1639794 RESOLVED Jacob Hoffman-Andrews [ca-compliance] 2020-07-26T02:49:32Z
Let's Encrypt: Failure to revoke key-compromised certificates within 24 hours 1627614 RESOLVED Josh Aas [ca-compliance] 2020-05-19T15:56:08Z
Let's Encrypt: Improper encoding of wildcard certificates 1446080 RESOLVED Josh Aas [ca-compliance] 2018-03-23T00:21:14Z
Let's Encrypt: Mis-issued certificates related to SC48v2 1735247 RESOLVED Jillian [ca-compliance] 2021-10-20T16:18:25Z
Let's Encrypt: Non-BR-Compliant Certificate Issuance 1391867 RESOLVED Josh Aas [ca-compliance] 2017-08-21T19:00:02Z
Let's Encrypt: OCSP "unauthorized" responses 1486650 RESOLVED Josh Aas [ca-compliance] 2018-10-12T18:22:32Z
Let's Encrypt: OCSP Responder Returned "Unauthorized" for Some Precertificates 1577652 RESOLVED Jacob Hoffman-Andrews [ca-compliance] 2019-10-05T00:01:44Z
Let's Encrypt: OCSP responses with no revocationReason 1648840 RESOLVED Jacob Hoffman-Andrews [ca-compliance] 2020-07-06T22:12:28Z
Let's Encrypt: TLS Using ALPN TLS Version and OID 1751984 RESOLVED Aaron Gable [ca-compliance] Next update 2022-03-11 2022-03-04T17:51:04Z
Let’s Encrypt: 2019.08.20 Incident: Incorrect OCSP responses under certain conditions 1576789 RESOLVED Josh Aas [ca-compliance] 2020-01-23T17:07:13Z
Let’s Encrypt: TLS Using ALPN Allows Additional Identifiers in Challenge Certificate 1752670 RESOLVED Jillian [ca-compliance] Next update 2022-03-11 2022-03-04T17:50:41Z
LuxTrust: Outdated audit statement for intermediate cert 1578505 RESOLVED ca [ca-compliance] - Overdue Audit for intermediate cert 2020-07-29T21:00:34Z
LuxTrust: Overdue Audit Statements 2019 1566580 RESOLVED Yves Nullens [ca-compliance] Overdue Audits for root certs 2019-07-31T17:42:02Z
Microsec e-Szigno: Certificate validity period greater than 398 days 1676352 RESOLVED dr. Sándor SZŐKE [ca-compliance] Next update 2021-05-01 2021-06-11T17:41:15Z
Microsec e-Szigno: Non-BR-Compliant Certificate Issuance 1391055 RESOLVED dr. Sándor SZŐKE [ca-compliance] 2017-12-01T12:04:56Z
Microsec: Audit Letter Validation Failures 1625767 RESOLVED dr. Sándor SZŐKE [ca-compliance] - Next Update - 1-June 2020 2020-08-07T15:00:33Z
Microsec: Incorrect OCSP Delegated Responder Certificate 1649947 RESOLVED dr. Sándor SZŐKE [ca-compliance] 2020-08-07T14:45:30Z
Microsec: Issuance of 2 IVCP precertificates without givenName, surName, localityName fields 1622539 RESOLVED dr. Sándor SZŐKE [ca-compliance] Next Update 15-July 2020 2020-07-27T02:25:42Z
Microsec: Misissuance of one OV certificate with Key Usage KeyEncipherment 1728384 RESOLVED dr. Sándor SZŐKE [ca-compliance] 2022-02-09T23:07:29Z
Microsec: Validity period greater than 825 days 1512270 RESOLVED dr. Sándor SZŐKE [ca-compliance] 2019-02-02T15:12:26Z
Microsoft DSRE PKI: OCSP responders found to respond signed by the default CA when passed an invalid issuer in request 1620727 RESOLVED Dustin Hollenback [ca-compliance] 2020-11-25T00:36:44Z
Microsoft DSRE PKI: problem reporting e-mail in CPS does not work 1604124 RESOLVED Dustin Hollenback [ca-compliance] 2020-11-25T00:21:42Z
Microsoft PKI Services, Malformed ICAs (Key Usage Malformed) 1718991 RESOLVED John Mason [ca-compliance] 2021-08-06T17:34:25Z
Microsoft PKI Services: Certificate Mis-Issuance, DNSName is not FQDN, Preferred Name Syntax 1706860 RESOLVED John Mason [ca-compliance] 2021-06-07T16:26:37Z
Microsoft PKI Services: Certificate Mis-Issuance, DNSNames must have a valid TLD 1670337 RESOLVED John Mason [ca-compliance] Next Update 2021-04-19 2021-06-07T16:26:51Z
Microsoft PKI Services: DV certificate issued with OV fields 1674561 RESOLVED Dustin Hollenback [ca-compliance] Next update 2021-05-01 2021-06-11T18:06:25Z
Microsoft PKI Services: Failure to disclose Revocation of Intermediate CAs within 7 Days 1742195 RESOLVED John Mason [ca-compliance] 2021-12-06T16:32:15Z
Microsoft PKI Services: Failure to disclose Unconstrained Intermediate within 7 Days 1700809 RESOLVED John Mason [ca-compliance] 2021-07-04T19:45:58Z
Microsoft PKI Services: Malformed ICAs (missing certificate policy extensions) 1711147 RESOLVED John Mason [ca-compliance] 2022-02-09T23:07:48Z
Microsoft PKI Services: Overdue Audit Reports 2021 1724530 RESOLVED mohanr [ca-compliance] 2021-10-03T18:31:33Z
Microsoft PKI Services: Policy Documentation, Failure to update Domain Validation Method 1693932 RESOLVED John Mason [ca-compliance] 2021-04-07T14:06:02Z
Microsoft PKI Services: Policy Documentation, Failure to update Subscriber Certificate Max Validity Period 1693930 RESOLVED John Mason [ca-compliance] 2021-07-16T05:33:06Z
Microsoft PKI Services: Underscore in SAN 1705419 RESOLVED John Mason [ca-compliance] Next update 2021-09-15 2021-09-20T16:02:41Z
Microsoft: Certificate Mis-Issuance, Locality Missing 1644936 RESOLVED John Mason [ca-compliance] 2020-09-04T19:38:04Z
Microsoft: Firewall log data retention 1658995 RESOLVED Dustin Hollenback [ca-compliance] Next Update - 21-Sept-2020 2021-01-05T20:13:38Z
Microsoft: Incomplete Logical Access Review Audit Evidence 1652827 RESOLVED Dustin Hollenback [ca-compliance] Next Update - 21-September 2020 2021-01-05T20:12:59Z
Microsoft: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy 1586847 RESOLVED Jason Cooper [ca-compliance] 2020-09-04T19:39:03Z
Microsoft: Loss of Archived Firewall logs from Retention Store 1602999 RESOLVED mohanr [ca-compliance] 2020-09-04T19:37:00Z
Microsoft: Null Character Bug and Microsoft Root CAs 1598390 RESOLVED Julio Montano [ca-compliance] 2020-09-04T19:37:55Z
Microsoft: Unrevoked 4 intermediate certificates 1740585 RESOLVED John Mason [ca-compliance] 2021-12-06T16:32:41Z
Multicert: AIA CA Issuer field pointing to PEM encoded cert 1637093 RESOLVED [ca-compliance] 2020-07-26T20:40:56Z
Netlock: CA Certificate Missing from Audit Reports 1716874 RESOLVED Anna Bányai [ca-compliance] 2022-01-14T17:26:10Z
NetLock: CN not in SAN 1462423 RESOLVED Varga Viktor [ca-compliance] 2019-10-04T18:56:03Z
Netlock: Cumulative report connected to EV verification 1676440 RESOLVED Varga Viktor [ca-compliance] 2021-01-27T19:43:45Z
Netlock: Failure to provide regular and timely incident updates 1572992 RESOLVED Varga Viktor [ca-compliance] 2019-10-04T18:58:09Z
NetLock: Issuance of >398-day precertificates after 2020-09-01 1676367 RESOLVED Varga Viktor [ca-compliance] 2021-04-07T13:59:57Z
NetLock: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy 1586795 RESOLVED Varga Viktor [ca-compliance] Next Update 2020-12-01 2020-11-19T05:11:12Z
NetLock: Non-BR-Compliant Certificate Issuance 1391056 RESOLVED Varga Viktor [ca-compliance] 2018-02-09T22:13:50Z
NetLock: Non-BR-Compliant Certificate Issuance -- * in not the leftmost position in dnsName 1401211 RESOLVED Varga Viktor [ca-compliance] 2017-10-24T14:14:40Z
Netlock: Replacement of enduser certificates after the EVGL 1.7.4 self-audit 1680378 RESOLVED Anna Bányai [ca-compliance] 2022-02-18T16:19:26Z
Network Solutions: Audit report delay 1649507 RESOLVED Roy Dykes [ca-compliance] [audit-delay] 2020-07-27T02:44:41Z
Network Solutions: 2021 Audit Findings 1-3 1725047 RESOLVED Keith McKenney [ca-compliance] 2021-08-16T22:10:04Z
Network Solutions: 2021 Audit Observation #1 1725039 RESOLVED Keith McKenney [ca-compliance] 2021-12-06T16:32:00Z
Network Solutions: 2021 Audit Observation #2 1725041 RESOLVED Keith McKenney [ca-compliance] 2021-09-02T17:10:37Z
Network Solutions: 2021 Audit Observation #3 1725043 RESOLVED Keith McKenney [ca-compliance] 2021-10-20T16:19:01Z
Network Solutions: All test CA test website certificates are expired 1726333 RESOLVED Keith McKenney [ca-compliance] 2021-11-04T18:46:17Z
OCSP responding good for non-issued certs by Consorci AOC root already solved 1467110 RESOLVED Wayne Thayer [ca-compliance] 2018-10-03T21:47:26Z
PKIOverheid / QuoVadis: CPS inconsistencies 1650234 RESOLVED Stephen Davidson [ca-compliance] Next update 7-Aug 2020 2020-08-31T22:43:22Z
PKIoverheid: CIBG insufficient serial number entropy 1573490 RESOLVED Jorik van 't Hof [ca-compliance] 2019-10-22T04:21:38Z
PKIoverheid: Compliance issues CIBG TLS certificates 1578809 RESOLVED Jochem van den Berge [ca-compliance] 2019-09-16T17:31:47Z
PKIoverheid: Incorrect OCSP Delegated Responder Certificate 1649964 RESOLVED Jorik van 't Hof [ca-compliance] Next Update 2021-01-25 2021-03-31T21:54:14Z
PKIoverheid: KPN CPS lacks problem reporting instructions 1596923 RESOLVED Jorik van 't Hof [ca-compliance] 2020-01-22T20:56:10Z
PKIoverheid: KPN CPS Lists Forbidden Domain Validation Method 1719451 RESOLVED David Weissenberg [ca-compliance] Next update 2021-10-01 2022-03-09T15:48:18Z
PKIoverheid: KPN Insufficient Serial Number Entropy 1535871 RESOLVED Jochem van den Berge [ca-compliance] 2019-12-03T04:44:58Z
PKIoverheid: KPN issued Invalid organizationalUnitName 1706950 RESOLVED Jorik van 't Hof [ca-compliance] 2021-07-30T12:06:39Z
PKIoverheid: Missing audit statement "UZI-register Medewerker Niet op Naam CA G21" 1609706 RESOLVED Jorik van 't Hof [ca-compliance] 2020-02-22T21:19:47Z
PKIoverheid: Missing WTBR audit statements Staat der Nederlanden 2017/2018 1605126 RESOLVED Jorik van 't Hof [ca-compliance] 2020-02-05T23:08:51Z
PKIoverheid: No BR Audit for subCAs technically capable of issuing TLS certs 1586125 RESOLVED Jorik van 't Hof [ca-compliance] 2020-03-27T03:50:05Z
PKIoverheid: Overdue audit statements for intermediate certificates 1669518 RESOLVED Jorik van 't Hof [ca-compliance] 2021-04-08T15:19:23Z
PKIoverheid: TSP CPS lacks problem reporting instructions 1610507 RESOLVED Jorik van 't Hof [ca-compliance] 2020-01-21T20:34:48Z
Problem with NETLOCK's codesigning CA 1734114 RESOLVED Anna Bányai [ca-compliance] 2021-11-10T17:50:34Z
PROCERT: Non-BR-Compliant Certificate Issuance 1391058 RESOLVED Procert [ca-compliance] 2017-10-18T13:50:29Z
QuoVadis (Freistaat Bayern): Non-BR-compliant Key Usage 1468477 RESOLVED Stephen Davidson [ca-compliance] 2019-12-31T20:16:48Z
QuoVadis / Siemens: Insufficient serial number entropy 1534535 RESOLVED Rufus Buschart [ca-compliance] 2019-04-01T08:49:55Z
QuoVadis: BR Error - san dns name starts with period 1521950 RESOLVED Stephen Davidson [ca-compliance] 2019-04-26T21:14:44Z
QuoVadis: EV serialNumber with "none" 1645708 RESOLVED Stephen Davidson [ca-compliance] 2020-07-26T03:07:18Z
QuoVadis: Incorrect EV businessCategory 1593357 RESOLVED Stephen Davidson [ca-compliance] 2020-01-22T00:05:40Z
QuoVadis: IPaddress in DNSname SAN 1530623 RESOLVED Stephen Davidson [ca-compliance] 2019-04-26T21:14:01Z
QuoVadis: LLB insufficient Serial Number Entropy 1540315 RESOLVED Stephen Davidson [ca-compliance] 2019-07-01T22:27:39Z
QuoVadis: N/A in EV serialNumber field 1576283 RESOLVED Stephen Davidson [ca-compliance] 2020-01-17T22:36:55Z
QuoVadis: OCSP handling of Certificate Transparency Pre-certs 1579950 RESOLVED Stephen Davidson [ca-compliance] 2019-10-09T18:12:23Z
Quovadis: Certificate containing Debian weak key 1472052 RESOLVED Stephen Davidson [ca-compliance] 2019-01-09T20:16:01Z
QuoVadis: DarkMatter Insufficient Serial Number Entropy 1531800 RESOLVED Scott Rea [ca-compliance] 2019-04-26T20:51:51Z
QuoVadis: EV JOI Issue 1581234 RESOLVED Stephen Davidson [ca-compliance] 2019-11-02T16:45:55Z
QuoVadis: Failure to provide a preliminary report within 24 hours 1762456 RESOLVED Jeremy Rowley [ca-compliance] 2022-04-14T20:24:54Z
QuoVadis: Failure to provide a preliminary report within 24 hours. 1649880 RESOLVED Stephen Davidson [ca-compliance] Next Update 1-October 2020 2020-11-10T23:13:16Z
QuoVadis: failure to reply in a timely manner 1590171 RESOLVED Stephen Davidson [ca-compliance] 2019-11-07T20:55:17Z
QuoVadis: hostnames not in preferred name syntax 1738472 RESOLVED Stephen Davidson [ca-compliance] 2021-11-26T06:30:33Z
QuoVadis: improper countryName format 1493760 RESOLVED Stephen Davidson [ca-compliance] 2018-10-12T18:25:53Z
QuoVadis: Incorrect EV jurisdiction of incorporation information 1589047 RESOLVED Stephen Davidson [ca-compliance] 2020-04-01T03:50:45Z
QuoVadis: Incorrect keyUsage for ECC certificate 1667518 RESOLVED Stephen Davidson [ca-compliance] 2020-11-13T18:45:33Z
QuoVadis: Incorrect OCSP Delegated Responder Certificate 1649938 RESOLVED Stephen Davidson [ca-compliance] Next Update 2021-01-07 2021-04-07T14:06:18Z
Quovadis: Insufficient Serial Number Entropy 1533899 RESOLVED Jeremy Rowley [ca-compliance] 2019-03-15T18:53:58Z
QuoVadis: IP in dnsName 1524879 RESOLVED Stephen Davidson [ca-compliance] 2019-03-07T21:07:14Z
QuoVadis: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy or the BRs 1586792 RESOLVED Stephen Davidson [ca-compliance] 2019-11-02T16:45:36Z
QuoVadis: Multiple unreported misissuances in 2018 1519260 RESOLVED Stephen Davidson [ca-compliance] 2019-04-26T21:15:39Z
QuoVadis: Non-BR-Compliant Certificate Issuance 1391063 RESOLVED Stephen Davidson [ca-compliance] [remediation-accepted] Next Update - 2018-06-30 2018-10-12T18:26:47Z
Quovadis: Non-BR-Compliant issuance --improper characters in DNSName (BIT sub-CA) 1430909 RESOLVED Stephen Davidson [ca-compliance] - Next Update - mid-Feb 2018 2018-09-24T18:07:08Z
QuoVadis: Non-BR-Compliant OCSP Responder 1426238 RESOLVED Stephen Davidson [ca-compliance] 2018-09-24T18:07:08Z
QuoVadis: Recap of BR Compliance in 2018 issuance by external subCAs 1519265 VERIFIED Wayne Thayer [ca-compliance] 2020-06-26T00:33:36Z
QuoVadis: revocation services validity set to expected value plus one second 1733000 RESOLVED Stephen Davidson [ca-compliance] 2021-10-14T13:28:20Z
QuoVadis: use of Organisationidentifier field in EV (Pre CABF Ballot SC17) 1563917 RESOLVED Stephen Davidson [ca-compliance] 2019-08-10T23:44:21Z
QuoVadis/PKIoverheid: incorrect OCSP response for precertificate 1724276 RESOLVED Stephen Davidson [ca-compliance] 2021-10-22T13:59:18Z
RapidSSL CAA Mis-Issuance: Lookup failure on DNSSEC-signed zone 1409735 RESOLVED Steven Medin [ca-compliance] 2018-02-09T21:58:17Z
SECOM: "Default City" in Subject:localityName 1548714 RESOLVED Hisashi Kamo [ca-compliance] 2019-08-10T23:54:14Z
SECOM: Ambiguity on KeyUsage with ECC public key 1560234 RESOLVED Hisashi Kamo [ca-compliance] 2019-07-29T04:40:48Z
SECOM: CA Certificates Missing from Audit Reports 1717044 RESOLVED Hisashi Kamo [ca-compliance] 2021-11-04T18:44:13Z
SECOM: certificate for .test TLD 1524452 RESOLVED Hisashi Kamo [ca-compliance] 2019-03-29T16:05:47Z
SECOM: certificate for which “L” and “ST” not set 1544722 RESOLVED Hisashi Kamo [ca-compliance] 2019-07-29T04:25:44Z
SECOM: certificate for which “OU=-” 1544712 RESOLVED Hisashi Kamo [ca-compliance] 2019-08-11T03:59:14Z
SECOM: CP/CPS does not clearly specify domain validation methods 1705480 RESOLVED Hisashi Kamo [ca-compliance] Next update 2021-08-01 2021-07-30T12:05:03Z
SECOM: CrossTrust: OU > 64 characters 1532105 RESOLVED Hisashi Kamo [ca-compliance] 2019-08-11T00:28:45Z
SECOM: Failure to disclose Unconstrained Intermediate within 7 Days 1563574 RESOLVED Hisashi Kamo [ca-compliance] 2019-09-15T23:45:29Z
SECOM: failure to revoke underscores 1524816 RESOLVED Hisashi Kamo [ca-compliance] 2019-02-21T22:32:27Z
SECOM: FUJIFILM intermediate not listed in audit statement 1695938 RESOLVED Hisashi Kamo [ca-compliance] Next update 2021-10-01 2021-11-04T18:43:57Z
SECOM: Incorrect OCSP Delegated Responder Certificate 1649962 RESOLVED Hisashi Kamo [ca-compliance] 2020-08-07T14:41:24Z
SECOM: Insufficient Serial Number Entropy 1539358 RESOLVED Hisashi Kamo [ca-compliance] 2019-05-17T17:44:06Z
SECOM: Mis-issued EV Certificates 1576133 RESOLVED Yuu Hidaka [ca-compliance] 2019-09-26T08:14:55Z
SECOM: Non-BR-Compliant Certificate Issuance 1391064 RESOLVED Hisashi Kamo [ca-compliance] 2018-02-09T21:45:58Z
SECOM: Non-BR-Compliant OCSP Responders 1398259 RESOLVED Hisashi Kamo [ca-compliance] [remediation-accepted] Next Update - 5-Mar 2018 2018-03-02T15:26:03Z
SECOM: Outdated audit statements for intermediate certs 1695993 RESOLVED Hisashi Kamo [ca-compliance] 2021-04-19T15:56:27Z
SECOM: Root CRLs exceed maximum validity period by 1 second 1735998 RESOLVED Hisashi Kamo [ca-compliance] 2021-11-10T22:51:17Z
SECOM: TSA Certs Issued from Root 1452671 RESOLVED Hisashi Kamo [ca-compliance] 2018-12-14T16:16:09Z
SECOM: Undisclosed intermediate certificates 1497703 RESOLVED Hisashi Kamo [ca-compliance] 2018-11-01T16:39:33Z
SECOM: Unqualified domain name in SAN 1695786 RESOLVED Hisashi Kamo [ca-compliance] Next update 2021-08-01 2021-08-06T17:50:03Z
Sectigo / inconsistent disclosure of externally-operated intermediate 1567060 RESOLVED Robin Alden [ca-compliance] 2019-09-16T18:55:06Z
Sectigo: "Default City" in Subject:localityName 1548713 RESOLVED Robin Alden [ca-compliance] 2019-12-09T16:48:34Z
Sectigo: "Manual DCV" method used 1718579 RESOLVED Tim Callan [ca-compliance] 2021-08-18T16:37:16Z
Sectigo: "Some-State" in stateOrProvinceName 1551362 RESOLVED Robin Alden [ca-compliance] 2020-03-23T16:22:15Z
Sectigo: "unauthorized" OCSP responses 1639518 VERIFIED Robin Alden [ca-compliance] 2022-04-21T23:05:18Z
Sectigo: 2020 failure to respond to abuse report discovered 1718785 RESOLVED Tim Callan [ca-compliance] 2021-07-28T16:15:56Z
Sectigo: CCADB failed ALV - D-TRUST CA 2-1 2015 1597948 RESOLVED Robin Alden [ca-compliance] 2020-07-08T02:18:23Z
Sectigo: CCADB failed ALV - Ensured Root CA 1597950 RESOLVED Robin Alden [ca-compliance] 2020-07-28T20:39:30Z
Sectigo: CCADB failed ALV - Network Solutions Certificate Authority 1597947 RESOLVED Rob Stradling [ca-compliance] 2020-10-31T16:57:38Z
Sectigo: Certificate Problem Report response issues 1650845 RESOLVED Nick France [ca-compliance] Updates in Bug #1648717 2021-04-07T14:09:06Z
Sectigo: Certificates with RSA keys where modulus is not divisible by 8 1653504 RESOLVED Nick France [ca-compliance] 2021-09-02T17:10:37Z
Sectigo: CRL validity beyond CPS allowed value 1735761 RESOLVED Tim Callan [ca-compliance] 2021-11-04T18:42:55Z
Sectigo: DCV Reuse after 825 days 1718771 RESOLVED Rob Stradling [ca-compliance] 2021-08-12T15:06:37Z
Sectigo: EV SSL Certificates with incorrect businessCategory 1590810 RESOLVED Robin Alden [ca-compliance] - Next Update - 1-June 2020 2020-06-29T20:16:03Z
Sectigo: EV SSL Certificates with incorrect subject details. 1575022 RESOLVED Robin Alden [ca-compliance] - Next Update - 15-Aug 2020 2020-09-09T14:50:22Z
Sectigo: Failure to block disallowed LDH labels in domain names 1740493 RESOLVED Martijn Katerbarg [ca-compliance] 2021-12-17T19:11:24Z
Sectigo: Failure to provide a preliminary report within 24 hours 1619359 RESOLVED Robin Alden [ca-compliance] 2020-08-11T16:49:32Z
Sectigo: Failure to provide a preliminary report within 24 hours. 1648717 RESOLVED Rich Smith [ca-compliance] 2021-03-31T21:54:53Z
Sectigo: Failure to provide timely incident reports 1563579 RESOLVED Rob Stradling [ca-compliance] 2021-06-14T23:00:15Z
Sectigo: Failure to revoke certificate with previously-compromised key within 24 hours 1625715 RESOLVED Robin Alden [ca-compliance] 2020-05-22T18:05:31Z
Sectigo: Failure to revoke key-compromised certificate within 24 hours 1639804 RESOLVED Robin Alden [ca-compliance] Next update 15-Aug-2020 2020-08-13T19:17:48Z
Sectigo: Failure to revoke key-compromised certificates 1639805 RESOLVED Rich Smith [ca-compliance] 2020-09-09T22:50:31Z
Sectigo: Failure to revoke within 24 hours 1492006 RESOLVED Robin Alden [ca-compliance] 2019-09-16T18:58:11Z
Sectigo: Forbidden Domain Validation Method 1714628 RESOLVED Tim Callan [ca-compliance] 2021-07-16T05:31:50Z
Sectigo: Inadequate DCV 1694233 RESOLVED Tim Callan [ca-compliance] 2021-07-12T20:06:28Z
Sectigo: Inappropriate subject:serialNumber information in EV certificates obtained through ACME 1712120 RESOLVED Tim Callan [ca-compliance] Next update 2021-10-01 2021-10-22T13:59:03Z
Sectigo: Incorrect EV businessCategory 1715929 RESOLVED Tim Callan [ca-compliance] 2021-08-18T16:37:42Z
Sectigo: Incorrect JOI Country value 1747915 RESOLVED Martijn Katerbarg [ca-compliance] 2022-01-14T17:26:38Z
Sectigo: Incorrect JOI for federal credit unions 1741026 RESOLVED Tim Callan [ca-compliance] 2021-12-17T19:11:38Z
Sectigo: Incorrect locality information 1714193 RESOLVED Tim Callan [ca-compliance] 2021-07-30T12:06:05Z
Sectigo: invalid dnsName 1524730 RESOLVED Robin Alden [ca-compliance] 2019-08-03T03:40:41Z
Sectigo: Invalid postalCode field 1708934 RESOLVED Tim Callan [ca-compliance] 2021-07-08T22:11:14Z
Sectigo: Invalid stateOrProvinceName 1710243 RESOLVED Rob Stradling [ca-compliance] 2021-07-12T03:02:24Z
Sectigo: invalid subject:organizationalUnitName on DV certificates 1593776 RESOLVED Robin Alden [ca-compliance] 2021-09-14T02:04:46Z
Sectigo: Lack of input validation in stateOrProvinceName 1645686 RESOLVED Rich Smith [ca-compliance] 2021-07-07T14:43:45Z
Sectigo: Missing Changelog in CPS 1545208 RESOLVED Robin Alden [ca-compliance] 2019-09-18T03:36:02Z
Sectigo: Missing registration numbers in EV certificates 1721271 RESOLVED Tim Callan [ca-compliance] Next update 2021-10-18 2021-12-01T23:34:06Z
Sectigo: Misspellings in stateOrProvince or localityName fields 1715024 RESOLVED Tim Callan [ca-compliance] 2021-08-27T17:07:56Z
Sectigo: Mojibake in certificate Subject fields 1724458 RESOLVED Tim Callan [ca-compliance] Next update 2022-02-15 2022-03-21T02:03:00Z
Sectigo: Potential audit report delay 1648593 RESOLVED Nick France [ca-compliance] [audit-delay] 2020-10-31T16:57:13Z
Sectigo: potentially invalid organizational validation certificates 1717046 RESOLVED Ben Wilson [ca-compliance] 2021-06-21T22:03:44Z
Sectigo: Reseller ZeroSSL and Private Key Generation 1699756 RESOLVED Ben Wilson [ca-compliance] 2021-03-31T14:29:01Z
Sectigo: SC45 DCV Reuse Error 1756847 RESOLVED Martijn Katerbarg [ca-compliance] 2022-03-25T16:33:00Z
Sectigo: State name in localityName 1720744 RESOLVED Tim Callan [ca-compliance] 2021-09-07T18:58:20Z
Sectigo: Subject field with unvalidated information included in certificates 1736064 RESOLVED Tim Callan [ca-compliance] Next update 2022-02-16 2022-02-17T17:17:56Z
Sectigo: test certificates issued from trusted CA 1712188 RESOLVED Tim Callan [ca-compliance] 2021-10-20T16:16:46Z
Sectigo: Truncated registration numbers in EV certificates 1732484 RESOLVED Tim Callan [ca-compliance] 2021-10-27T15:02:04Z
Sectigo: Use of forbidden subjectPublicKeyInfo algorithm 1518553 RESOLVED Robin Alden [ca-compliance] 2019-09-13T17:13:51Z
Sectigo: ZeroSSL: failure to revoke within 24 hours 1698936 RESOLVED Tim Callan [ca-compliance] 2021-04-19T15:57:36Z
SecureTrust: Unvalidated domain in certificate 1546776 RESOLVED fcorday [ca-compliance] 2019-08-11T00:35:09Z
SecureTrust: "Some-State" in stateOrProvinceName 1551374 RESOLVED fcorday [ca-compliance] 2019-12-20T13:47:52Z
SecureTrust: BR Audit 2019 - matters to be resolved 1606031 RESOLVED Corey Bonnell [ca-compliance] 2020-03-14T16:48:30Z
SecureTrust: CPS section number 3 non-compliance event 1671037 RESOLVED Andrea Holland [ca-compliance] 2021-02-12T17:42:36Z
SecureTrust: Failure to provide a preliminary report within 24 hours. 1667799 RESOLVED Andrea Holland [ca-compliance] 2021-03-11T17:46:07Z
SecureTrust: Inaccurate value in stateOrProvinceName 1667842 RESOLVED Andrea Holland [ca-compliance] 2021-08-02T19:24:45Z
SecureTrust: Metadata-only field values in 2 certificates 1646711 RESOLVED Corey Bonnell [ca-compliance] 2020-08-03T18:49:13Z
SecureTrust: Unconstrained ICA not included in WTBR audit report 1600844 RESOLVED Corey Bonnell [ca-compliance] 2020-01-22T22:09:54Z
Sertifitseerimiskeskuse: Non-BR-Compliant OCSP Responders 1398233 RESOLVED Mihkel Tammsalu [ca-compliance] 2017-11-28T11:57:11Z
SK ID Solutions: Audit Letter Validation failures on intermediate certificates 1614449 RESOLVED Kristel Rünnimeri [ca-compliance] 2020-03-05T22:57:37Z
SK ID Solutions: Incorrect OCSP Delegated Responder Certificate 1649942 RESOLVED Kathleen Wilson [ca-compliance] 2020-09-09T17:43:00Z CRL not found - 1548720 RESOLVED Chris Kemmerer [ca-compliance] 2019-06-28T23:28:47Z Expired CRLs 1550576 RESOLVED Chris Kemmerer [ca-compliance] Expired CRLs 2019-05-13T22:08:57Z Insufficient serial number entropy 1534147 RESOLVED Fotis Loukos [ca-compliance] 2019-04-11T18:35:49Z Insufficient validation evidence for the localityName attribute of an OV certificate 1666872 RESOLVED Chris Kemmerer [ca-compliance] 2020-10-31T16:58:42Z Intermediate certificate not listed in audit reports 1610000 RESOLVED Chris Kemmerer [ca-compliance] 2020-02-22T21:29:09Z Issuance of an EV TLS certificate with incorrect O Field Value 1719916 RESOLVED Chris Kemmerer [ca-compliance] 2021-11-26T06:30:05Z Issued precertificate with Debian Weak Key 1620772 RESOLVED Chris Kemmerer [ca-compliance] 2020-04-08T00:14:21Z P-384 curve / ecdsa-with-SHA256 certificates 1534145 RESOLVED Fotis Loukos [ca-compliance] 2019-04-18T20:29:58Z Precertificates without corresponding certificates return OCSP value of "Unknown" 1579509 RESOLVED Chris Kemmerer [ca-compliance] 2019-10-05T00:04:51Z Wildcard DV certificate issued with a non-validated domain name 1678720 RESOLVED Chris Kemmerer [ca-compliance] 2021-01-15T16:53:01Z
Staat der Nederlandend / PKIoverheid: Non-BR-Compliant Certificate Issuance 1391864 RESOLVED Mark Janssen [ca-compliance] 2017-09-01T14:34:07Z
Staat der Nederlandend / PKIoverheid: Non-BR-Compliant OCSP Responders 1398251 RESOLVED Mark Janssen [ca-compliance] 2017-11-28T12:05:23Z
Startcom CAA Mis-Issuance: Lookup failure on DNSSEC-signed zone 1409859 RESOLVED Iñigo [ca-compliance] 2017-11-28T12:17:06Z
StartCom: 'un-revoking' intermediate certificates 1369342 RESOLVED Kathleen Wilson [ca-compliance] 2017-09-21T14:04:49Z
StartCom: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record 1409760 RESOLVED Iñigo [ca-compliance] 2017-11-28T12:14:29Z
StartCom: mis-issuance of certs with unvalidated domain names and bogus field values 1369359 RESOLVED Kathleen Wilson [ca-compliance] 2017-10-09T12:02:21Z
StartCom: Non-BR-Compliant Certificate Issuance -- adding Certnomis intermediates to OneCRL 1386894 RESOLVED Kathleen Wilson [ca-compliance] 2017-09-21T23:32:55Z
Swisscom: certificates without DNS names in subjectAltName 1195115 RESOLVED H-P Waldegger [ca-compliance] 2017-05-02T06:37:04Z
Swisscom: Missing Audits for Unconstrained Intermediate Certificates 1464286 RESOLVED H-P Waldegger [ca-compliance] 2018-07-18T22:30:38Z
SwissSign: "Some-State" in stateOrProvinceName 1551364 RESOLVED Timo Schmitt [ca-compliance] 2021-01-13T09:27:29Z
SwissSign: Audit Letter Validation failures on intermediate certificates 1614450 RESOLVED Nathalie Weiler [ca-compliance] 2020-02-27T15:33:43Z
SwissSign: BRs require full annual audits 1374381 RESOLVED Reinhard Dietrich [ca-compliance] 2018-08-07T00:59:16Z
SwissSign: Cert issued with a to long validity period 1443731 RESOLVED Juerg.Eiholzer [ca-compliance] - Next Update - 01-August 2018 2018-10-19T20:25:29Z
SwissSign: Certificate issue with Signature 1459557 RESOLVED Juerg.Eiholzer [ca-compliance] - Next Update - 01-August 2018 2018-10-19T19:29:09Z
SwissSign: Certificate with key length 16258 1731586 RESOLVED Mike Guenther [ca-compliance] 2021-11-26T06:29:12Z
SwissSign: Certificate with key length 4098 bit 1691704 RESOLVED Mike Guenther [ca-compliance] 2021-03-11T17:45:50Z
SwissSign: Domain validated certificate but with stateOrProvinceName 1473971 RESOLVED Reinhard Dietrich [ca-compliance] 2018-08-31T20:58:40Z
SwissSign: duplicate serial number 1636140 RESOLVED Mike Guenther [ca-compliance] 2020-07-07T23:28:11Z
SwissSign: duplicate serial number 1677737 RESOLVED Mike Guenther [ca-compliance] 2021-06-01T19:50:01Z
SwissSign: Error in OrganisationIdentifier in signature/seal certificate 1541064 RESOLVED Mike Guenther [ca-compliance] 2019-04-25T18:50:24Z
SwissSign: failure to provide a preliminary report within 24 hours 1636141 RESOLVED Mike Guenther [ca-compliance] 2020-07-26T23:19:59Z
SwissSign: Failure to provide a preliminary report within 24 hours. 1671113 RESOLVED Mike Guenther [ca-compliance] 2021-02-12T17:45:34Z
SwissSign: Invalid DNSName in SAN 1428877 RESOLVED Mike Guenther [ca-compliance] 2019-01-14T16:22:58Z
SwissSign: Invalid stateOrProvinceName field 1670894 RESOLVED Mike Guenther [ca-compliance] 2021-02-08T17:31:34Z
SwissSign: Misissuance of Intermediate Certificates because of incorrect organizationIdentifier 1506607 RESOLVED Mike Guenther [ca-compliance] 2019-05-20T17:43:59Z
SwissSign: Misissuance of Leaf Certificates because of incorrect postcode 1569651 RESOLVED Timo Schmitt [ca-compliance] 2020-01-29T10:20:16Z
SwissSign: Misissuance with mispellings in Location for a number of Certificates 1613334 RESOLVED Mike Guenther [ca-compliance] Next Update 31-July 2020 2020-10-14T05:01:40Z
SwissSign: Non-BR-Compliant Certificate Issuance 1391066 RESOLVED Corneia Enke [ca-compliance] [remediation-accepted] Next Update - 2017-11-04 2017-11-30T16:21:32Z
SwissSign: OCSP responder unreachable 1662137 RESOLVED Mike Guenther [ca-compliance] 2020-09-14T12:33:15Z
SwissSign: Two certs issued with same issuer and serial number 1404403 RESOLVED Corneia Enke [ca-compliance] 2017-10-12T16:54:04Z
SwissSign: Undisclosed Intermediate Certificates 1455132 RESOLVED Juerg.Eiholzer [ca-compliance] - Next Update - 16-October 2018 2018-11-01T16:50:36Z
SwissSign: wrong address in EV certificate 1734131 RESOLVED Mike Guenther [ca-compliance] 2021-10-20T16:17:17Z
Symantec: Non-audited, non-technically-constrained intermediate cert 1368178 RESOLVED Steven Medin [ca-compliance] 2017-08-18T21:57:16Z
Symantec: Non-BR-Compliant Certificate Issuance 1391067 RESOLVED Steven Medin [ca-compliance] 2018-02-09T21:52:08Z
T-Systems / DFN-PKI: 40 OV certificates with wrong ST 1534580 RESOLVED Jürgen Brauckmann [ca-compliance] 2020-07-22T17:35:48Z
T-Systems / DFN-PKI: 42 certificates with RSA modulus size in bits not divisable by 8 1651132 RESOLVED Jürgen Brauckmann [ca-compliance] - Next Update - 2-Oct-2020 2020-11-13T18:45:50Z
T-Systems: "Internet Widgits Pty Ltd" in organizationName 1638898 RESOLVED Arnold Essing [ca-compliance] 2020-05-18T17:38:58Z
T-Systems: "Some-State" comparable issues 1567456 RESOLVED Arnold Essing [ca-compliance] 2019-12-27T22:59:14Z
T-Systems: "Some-State" in stateOrProvinceName 1551371 RESOLVED Arnold Essing [ca-compliance] 2019-07-03T21:10:08Z
T-Systems: DFN-PKI - Non-IDNA 2003 IDNs, violation of RFC 5280 1522080 RESOLVED Jürgen Brauckmann [ca-compliance] 2019-02-04T23:34:01Z
T-Systems: Improperly encoded QCStatements extension 1498463 RESOLVED Bernd [ca-compliance] 2019-01-29T18:49:50Z
T-Systems: Incorrect OCSP Delegated Responder Certificate 1649941 RESOLVED Arnold Essing [ca-compliance] 2020-08-07T14:35:15Z
T-Systems: Insufficient serial number entropy 1536082 RESOLVED Arnold Essing [ca-compliance] 2019-08-11T04:11:20Z
T-Systems: Invalid SAN Entries 1530718 RESOLVED Arnold Essing [ca-compliance] 2019-08-11T00:39:40Z
T-Systems: Issue with Organization field 1578417 RESOLVED Arnold Essing [ca-compliance] 2020-05-18T17:38:58Z
T-Systems: Non-BR-Compliant Certificate Issuance 1391074 RESOLVED Lothar Eickholt [ca-compliance] Next Update - 28-January 2019 2019-01-24T22:24:28Z
T-Systems: Non-BR-Compliant OCSP Responders 1426009 RESOLVED Lothar Eickholt [ca-compliance] 2018-01-04T17:58:05Z
T-Systems: Undisclosed Intermediate certificate 1455137 RESOLVED Bernd [ca-compliance] 2019-04-02T00:54:17Z
T-Systems/DFN-PKI cablint findings, follow up to T-Systems Bug 1391074 1401486 RESOLVED Lothar Eickholt [ca-compliance] 2018-01-18T13:14:56Z
Taiwan-CA: Invalid SAN Entries 1535869 RESOLVED Hao-Chun Li [ca-compliance] 2019-06-28T17:45:38Z
Taiwan-CA: Invalid stateOrProvinceName 1709070 RESOLVED Hao-Chun Li [ca-compliance] Next update 2021-08-15 2021-08-13T22:30:05Z
Taiwan-CA: Misissued certificate: Invalid organizationUnitName 1629020 RESOLVED Hao-Chun Li [ca-compliance] 2020-04-19T14:55:54Z
Taiwan-CA: Non-BR-Compliant Certificate Issuance 1391068 RESOLVED Robin Lin [ca-compliance] 2019-01-03T21:03:14Z
Telekom Security: Certificate with invalid FQDN 1711432 RESOLVED Arnold Essing [ca-compliance] 2021-06-11T17:42:38Z
Telekom Security: CRL also contained unrevoked certificates 1655698 RESOLVED Arnold Essing [ca-compliance] 2021-02-08T17:32:33Z
Telekom Security: Finding in 2020 ETSI-Audit regarding weekly review of changes to configurations 1651611 RESOLVED Arnold Essing [ca-compliance] 2021-01-27T19:41:57Z
Telekom Security: Key Encipherment in two ECC SAN TLS certificates 1703528 RESOLVED Arnold Essing [ca-compliance] 2021-06-23T15:40:05Z
Telekom Security: Multiple commonName in certificates 1705791 RESOLVED Arnold Essing [ca-compliance] 2021-12-12T22:30:10Z
Telekom Security: Wrong jurisdiction entries in certificates 1675314 RESOLVED Arnold Essing [ca-compliance] 2021-04-07T14:01:37Z
Telia CA: AIA CA Issuer field pointing to PEM encoded cert 1637854 RESOLVED pekka.lahtiharju [ca-compliance] 2020-09-09T22:39:44Z
Telia CA: Ambiguity on KeyUsage with ECC public key 1612332 RESOLVED pekka.lahtiharju [ca-compliance] 2020-05-21T02:26:24Z
Telia CA: Certificates with RSA keys where modulus is not divisible by 8 1674536 RESOLVED pekka.lahtiharju [ca-compliance] 2021-02-01T10:54:26Z
Telia CA: Invalid email contact address was used for few domains 1736020 RESOLVED pekka.lahtiharju [ca-compliance] 2022-02-17T17:17:05Z
Telia: "Some-State" in stateOrProvinceName 1551372 RESOLVED pekka.lahtiharju [ca-compliance] 2020-07-06T20:10:26Z
Telia: Disallowed curve (P-521) in leaf certificate 1689589 RESOLVED pekka.lahtiharju [ca-compliance] 2021-06-11T18:08:43Z
Telia: Failure to disclose Unconstrained Intermediate within 7 Days 1563575 RESOLVED pekka.lahtiharju [ca-compliance] 2019-07-22T18:47:09Z
Telia: invalid IP value in SAN DNS field 1524567 RESOLVED pekka.lahtiharju [ca-compliance] 2019-06-28T23:56:57Z
Telia: misissued certificate - FQDN value incorrectly in SAN rfc822 field 1528259 RESOLVED pekka.lahtiharju [ca-compliance] 2019-08-11T00:31:52Z
Telia: Misissued certificate - FQDN without domain part (e_dnsname_not_valid_tld) 1528261 RESOLVED pekka.lahtiharju [ca-compliance] 2019-08-11T00:33:27Z
Telia: Misissued certificate - invalid dnsName 1524050 RESOLVED pekka.lahtiharju [ca-compliance] 2019-06-28T23:31:27Z
Telia: Misissued certificate - Invalid OU value "-" 1528264 RESOLVED pekka.lahtiharju [ca-compliance] 2019-06-28T23:18:30Z
Telia: Misissued certificate - Invalid wildcard format 1528263 RESOLVED pekka.lahtiharju [ca-compliance] 2019-07-03T23:49:06Z
Telia: Non-BR-Compliant OCSP Responder 1426247 RESOLVED pekka.lahtiharju [ca-compliance] 2018-06-27T21:23:24Z
Telia: Qualified Audit Statements 1475115 RESOLVED pekka.lahtiharju [ca-compliance] 2019-02-06T20:40:38Z
Telia: Qualified BR Audit Statement 1565270 RESOLVED pekka.lahtiharju [ca-compliance] Next Update 2021-03-01 2021-03-07T05:38:57Z
Telia: Qualified BR Audit Statement 2020 1649683 RESOLVED pekka.lahtiharju [ca-compliance] 2020-07-29T20:14:41Z
Telia: Two CA certificates not listed in audit report 1614311 RESOLVED pekka.lahtiharju [ca-compliance] 2020-05-21T01:39:00Z
TeliaSonera: Intermediate Cert(s) Not Disclosed in CCADB 1451953 RESOLVED Wayne Thayer [ca-compliance] - Next Update - 01-May 2018 2018-10-12T18:10:43Z
TERENA: Insufficient validation of organizationalUnitName 1675923 RESOLVED Jeremy Rowley [ca-compliance] 2020-11-10T10:35:51Z
Trustcor: Incorrect CA-Issuers URI 1568356 RESOLVED Neil Dunbar [ca-compliance] 2019-12-13T23:17:26Z
TrustCor: Insufficient Serial Number Entropy 1532399 RESOLVED Neil Dunbar [ca-compliance] 2019-03-15T18:59:10Z
TrustCor: Non-audited intermediate certificates 1579284 RESOLVED Neil Dunbar [ca-compliance] 2019-10-08T21:37:46Z
TrustCor: Non-mention of Email CAs in WTBR audit reports 1599503 RESOLVED Neil Dunbar [ca-compliance] 2021-06-29T19:14:53Z
Trustis: Gap between audit periods 1623472 RESOLVED Blake Morgan [ca-compliance] Audit Gap 2020-05-13T19:58:29Z
Trustis: Non-Br-Compliant OCSP Responder 1426249 RESOLVED Blake Morgan [ca-compliance] 2018-04-12T18:14:33Z
Trustwave: Certs issued with same issuer and serial number 1405826 RESOLVED fcorday [ca-compliance] 2017-10-07T08:39:54Z
TunTrust: OCSP unreachable 1663953 RESOLVED Agence Nationale de Certification Electronique [ca-compliance] Next Update 2021-06-15 2021-07-16T05:32:51Z
TurkTrust: Failure to respond to January 2018 survey 1439127 RESOLVED Atilla Biler [ca-compliance] 2018-05-24T00:15:58Z
TurkTrust: Non-audited, non-technically-constrained intermediate certs 1367842 RESOLVED Atilla Biler [ca-compliance] 2017-10-09T12:01:43Z
TWCA: CA Certificate Missing from Audit Reports 1716670 RESOLVED Hao-Chun Li [ca-compliance] 2022-03-25T16:32:35Z
Visa: Non-BR-Compliant Certificate Issuance 1391087 RESOLVED Marcelo B. Silva [ca-compliance] 2018-10-03T21:19:26Z
Visa: Non-BR-Compliant OCSP Responders 1398261 RESOLVED Marcelo B. Silva [ca-compliance] 2018-05-23T21:50:27Z
Visa: Qualified Audit Statements 1485851 RESOLVED PKI Policy [ca-compliance] 2018-10-03T21:18:22Z Failure to respond in time to revocation requests 1723121 RESOLVED Keith McKenney [ca-compliance] 2021-10-20T16:18:50Z Overdue Audit Statements 2021 1721473 RESOLVED Keith McKenney [ca-compliance] 2021-10-20T16:18:38Z
WISeKey: Failure to disclose intermediate in CCADB 1503638 RESOLVED Pedro Fuentes [ca-compliance] 2018-11-01T23:17:43Z
WISeKey: Incorrect OCSP Delegated Responder Certificate 1649939 RESOLVED Pedro Fuentes [ca-compliance] [covid-19] Next Update - 25 October, 2020 2020-08-10T20:33:37Z
WISeKey: Insufficient Serial Number Entropy 1540281 RESOLVED Pedro Fuentes [ca-compliance] 2019-04-15T17:29:35Z
WISeKey: Issuance of certificate with two potentially conflicting policy OIDs 1626868 RESOLVED Pedro Fuentes [ca-compliance] 2020-04-06T21:43:04Z
WISeKey: Non-BR-Compliant Certificate Issuance 1391089 RESOLVED Pedro Fuentes [ca-compliance] 2017-11-28T11:14:09Z
WISeKey: Revocation of multiple intermediate CAs 1549308 RESOLVED Wayne Thayer [ca-compliance] 2019-05-06T22:58:22Z
WISeKey: Typo in Organization field 1609501 RESOLVED Pedro Fuentes [ca-compliance] 2020-01-24T20:29:51Z
WISeKey: Unofficial DBA in Organization field 1614290 RESOLVED Pedro Fuentes [ca-compliance] 2020-05-21T02:08:15Z

800 Total; 0 Open (0%); 798 Resolved (99.75%); 2 Verified (0.25%);

Delayed Revocation

Full Query
Summary ID Status Assigned to Whiteboard Last change time
Actalis: Delayed revocation of non-BR-compliant CA Certificate within 7 days 1718554 RESOLVED Adriano Santoni [ca-compliance] [delayed-revocation-ca] Next update 2021-09-22 2021-10-03T18:31:21Z
Actalis: delayed revocation related to inaccurate value in stateOrProvinceName 1670861 RESOLVED Adriano Santoni [ca-compliance] [delayed-revocation-leaf] 2021-01-27T19:44:39Z
Actalis: Failure to revoke certs within the BR required timeframe 1572638 RESOLVED Giorgio Girelli [ca-compliance] [delayed-revocation-leaf] 2021-06-07T18:09:57Z
Actalis: Failure to revoke within 7 days: OCSP EKU issue 1651651 RESOLVED Adriano Santoni [ca-compliance] [delayed-revocation-ca] Next Update 2020-12-01 2020-12-29T15:41:55Z
Amazon Trust Services: Revocation Time for Intermediate Certificates 1719920 RESOLVED Heather (Amazon Trust Services) [ca-compliance] [delayed-revocation-ca] 2021-09-07T14:24:14Z
Asseco DS / Certum: Failure to revoke intermediate certificates within the BR time period 1600158 RESOLVED Wojciech Trapczyński [ca-compliance] [delayed-revocation-ca] 2019-12-03T04:58:45Z
Asseco DS/Certum: Failure to revoke within 5 days 1668523 RESOLVED Aleksandra Kurosz [ca-compliance] [delayed-revocation-leaf] Next update 2021-01-15 2021-01-27T19:42:38Z
Buypass: Failure to revoke PSD2 QWACs within mandated 5 days 1628292 RESOLVED Mads Henriksveen [ca-compliance] [delayed-revocation-leaf] Next update 2020-12-01 2020-11-20T21:49:34Z
Buypass: intermediate certificates not revoked within BR time period 1598319 RESOLVED Mads Henriksveen [ca-compliance] [delayed-revocation-ca] 2020-05-19T15:58:04Z
Camerfirma: BR revocation period exceeded 1624658 RESOLVED Ana Lopes [ca-compliance] [delayed-revocation-leaf] [covid-19] 2020-04-23T05:08:00Z
Camerfirma: Decision not to revoke certificates with authorityKeyIdentifier that violates Mozilla Policy 1609828 RESOLVED Juan Angel Martin [ca-compliance] [delayed-revocation-leaf] 2020-02-01T20:23:20Z
Camerfirma: Delayed revocations of certificates issued by old CAs with an RSA modulus size of 2047 bits 1692535 RESOLVED Ben Wilson [ca-compliance] [delayed-revocation-leaf] Next update 2022-02-18 2022-02-22T00:02:36Z
Camerfirma: Delayed revocations related to certificates without CABForum OV Reserved Policy Identifier 1686966 RESOLVED Ana Lopes [ca-compliance] [delayed-revocation-leaf] 2021-03-19T18:12:10Z
Camerfirma: Delayed revocations related to Invalid authorityKeyIdentifier - recurrent incident 1647099 RESOLVED Ana Lopes [ca-compliance] [delayed-revocation-leaf] [covid-19] 2020-11-13T18:55:50Z
Camerfirma: Delayed revocations related to Invalid stateOrProvinceName field 1668331 RESOLVED Juan Angel Martin [ca-compliance] [delayed-revocation-leaf] 2021-01-27T19:43:26Z
Camerfirma: Failure to revoke within 7 days: OCSP EKU issue 1652603 RESOLVED Eusebio Herrera [ca-compliance] [delayed-revocation-ca] 2020-12-01 2021-04-19T16:08:31Z
Camerfirma: Govern d'Andorra audits 1575530 RESOLVED Juan Angel Martin [ca-compliance] [delayed-revocation-ca] 2020-10-20T22:57:37Z
Camerfirma: Invalid authorityKeyIdentifier, violating Mozilla Policy and RFC 5280 1586860 RESOLVED Juan Angel Martin [ca-compliance] [delayed-revocation-ca] 2020-03-20T07:05:24Z
CFCA: O > 64 characters 1532113 RESOLVED Oliver Bi [ca-compliance] [delayed-revocation-leaf] 2020-05-21T02:23:13Z
D-TRUST: Delayed revocation of EV certificates 1580525 RESOLVED Enrico Entschew [ca-compliance] [delayed-revocation-leaf] 2020-05-08T17:26:18Z
Dhimyotis/Certigna: Certificates issued with validity periods greater than 398-days 1674082 RESOLVED r.delval [ca-compliance] [delayed-revocation-leaf] 2021-03-07T05:37:50Z
Dhimyotis/Certigna: Failure to revoke in the timeline specified by the BRs 1685142 RESOLVED r.delval [ca-compliance] [delayed-revocation-leaf] 2021-01-05T19:23:18Z
DigiCert: Delay of revocation for EV audit inconsistency incident 1651828 RESOLVED Brenda Bernal [ca-compliance] [delayed-revocation-leaf] [covid-19] 2020-08-13T19:17:14Z
DigiCert: Failure to revoke within 7 days: OCSP EKU issue 1651461 RESOLVED Brenda Bernal [ca-compliance] [delayed-revocation-ca] 2021-03-11T17:44:32Z
E-Tugra: The failure to revoke a certificate 1687608 RESOLVED Davut Tokgöz [ca-compliance] [delayed-revocation-leaf] 2021-04-07T14:12:33Z
Entrust: Compromised Private Key was not Revoked in Less than 24 Hours 1611241 RESOLVED Dathan Demone [ca-compliance] [delayed-revocation-leaf] 2020-02-07T03:21:24Z
Entrust: Failure to revoke a certificate 1636339 RESOLVED Bruce Morton [ca-compliance] [delayed-revocation-leaf] 2020-08-07T15:02:43Z
Entrust: Late Revocation due to SHA-256 hash algorithm 1651481 RESOLVED Bruce Morton [ca-compliance] [delayed-revocation-leaf] 2020-11-02T19:18:38Z
Entrust: Late Revocation for Invalid State/Province Issue 1658794 RESOLVED Dathan Demone [ca-compliance][delayed-revocation-leaf] 2020-10-09T17:54:48Z
Entrust: Late Revocation for SSL Certificates issued with Un-verified IP Addresses 1748634 RESOLVED Bruce Morton [ca-compliance] [delayed-revocation-leaf] 2022-03-08T22:49:05Z
Entrust: SHA-256 hash algorithm used with ECC P-384 key 1648472 RESOLVED Bruce Morton [ca-compliance] [delayed-revocation-leaf] Next Update - 21-Sept. 2020 2020-09-21T15:54:40Z
Firmaprofesional: Failure to revoke ICAs within 7 days: OCSP EKU 1651637 RESOLVED Maria Jose Prieto [ca-compliance] [delayed-revocation-ca] Next update 2021-04-23 2021-05-13T19:50:19Z
GlobalSign: Failure to revoke 2 noncompliant QWACs within 5 days 1625445 RESOLVED Paul Brown [ca-compliance] [delayed-revocation-leaf] 2020-04-06T13:54:09Z
GlobalSign: Failure to revoke noncompliant certificates within 5 days 1654545 RESOLVED Arvid Vermote [ca-compliance] [delayed-revocation-leaf] 2020-09-21T15:53:12Z
GlobalSign: Failure to revoke noncompliant ICA within 7 days 1599788 RESOLVED Arvid Vermote [ca-compliance] [delayed-revocation-ca] 2020-05-19T15:33:36Z
GlobalSign: Failure to revoke noncompliant ICA within 7 days 1651447 RESOLVED Arvid Vermote [ca-compliance] [delayed-revocation-ca] 2021-04-30T15:40:24Z
GlobalSign: ICAs in CCADB, without EKU extension are listed in WTCA report but not in WTBR report 1591005 RESOLVED Arvid Vermote [ca-compliance] [delayed-revocation-ca] Next Update 2021-03-15 2021-03-31T21:53:40Z
GlobalSign: Untimely revocation of TLS certificate after submission of private key compromise 1620922 RESOLVED Arvid Vermote [ca-compliance] [delayed-revocation-leaf] 2020-03-14T16:56:10Z
GoDaddy: Failure to Revoke Subscriber Certificates within 24 hours 1742657 RESOLVED Brittany Randall [ca-compliance] [delayed-revocation-leaf] Next update 2022-03-31 2022-04-15T15:12:22Z
Google Trust Services: Failure to revoke subscriber certificates within BR timeframe 1715421 RESOLVED Fotis Loukos [ca-compliance] [delayed-revocation-leaf] 2021-08-25T16:10:39Z
HARICA: Delayed revocation for non-BR-compliant CA Certificates within 7 days 1651465 RESOLVED Dimitris Zacharopoulos [ca-compliance] [delayed-revocation-ca] Next update 2020-12-01 2020-12-09T18:25:23Z
Identrust: Delay Revocation for EV SSL Certificates 1757247 RESOLVED IdenTrust [ca-compliance] [delayed-revocation-leaf] 2022-04-27T16:05:10Z
Identrust: Failure to Revoke Subscriber Certificates Within 5 days 1736706 RESOLVED IdenTrust [ca-compliance] [delayed-revocation-leaf] [ca-compliance] Next update 2022-01-05 2022-01-13T14:47:06Z
IdenTrust: Undisclosed Unrevoked ICAs 1598807 RESOLVED IdenTrust [ca-compliance] [delayed-revocation-ca] [covid-19] - Next Update - 7-Aug 2020 2020-09-09T14:58:48Z
Izenpe: Failure to revoke within 5 days 1656487 RESOLVED Oscar Garcia [ca-compliance][delayed-revocation-leaf] 2020-11-13T18:48:33Z
Izenpe: intermediate certificates not revoked within BR time period 1598608 RESOLVED Oscar Garcia [ca-compliance] [delayed-revocation-ca] 2020-02-07T03:13:19Z
KIR S.A.: Delayed revocations of certificates 1709872 RESOLVED Piotr Grabowski [ca-compliance] [delayed-revocation-leaf] Next update 2022-01-22 2022-02-09T23:08:09Z
Let's Encrypt: Failure to revoke for Certificate Lifetime Incident 1715672 RESOLVED Aaron Gable [ca-compliance] [delayed-revocation-leaf] Next update 2022-01-12 2022-01-13T14:48:10Z
Let's Encrypt: Failure to revoke key-compromised certificates within 24 hours 1625322 RESOLVED Josh Aas [ca-compliance] [delayed-revocation-leaf] 2020-05-29T18:38:51Z
Let's Encrypt: Incomplete revocation for CAA rechecking bug 1619179 RESOLVED Josh Aas [ca-compliance] [delayed-revocation-leaf] 2020-05-29T18:43:23Z
Microsec: Failure to revoke noncompliant ICA within 7 days 1651632 RESOLVED dr. Sándor SZŐKE [ca-compliance] [delayed-revocation-ca] Next update 2020-12-01 2020-12-09T18:24:55Z
Netlock - Failure to revoke noncompliant ICA within 7 days 1656882 RESOLVED Varga Viktor [ca-compliance] [delayed-revocation-ca] 2020-11-13T18:49:06Z
Netlock: Delayed revocation report connected to ticket 1680378 1688844 RESOLVED Varga Viktor [ca-compliance] [delayed-revocation-leaf] 2021-04-19T15:52:15Z
PKIoverheid: Failure to revoke within 7 days: OCSP EKU issue 1652604 RESOLVED Jorik van 't Hof [ca-compliance] [delayed-revocation-ca] Next update 2020-12-01 2021-03-31T21:54:27Z
PKIoverheid: Failure to revoke within 7 days: OCSP EKU issue 1652922 RESOLVED Ben Wilson [ca-compliance] [delayed-revocation-ca] 2020-07-15T19:11:10Z
QuoVadis: Failure to revoke certificates with compromised private keys 1624504 RESOLVED Stephen Davidson [ca-compliance] [delayed-revocation-leaf] - Next update 31-July 2020 2020-07-29T20:24:44Z
QuoVadis: Unconstrained CAs missing audits 1581597 RESOLVED Stephen Davidson [ca-compliance] [delayed-revocation-ca] [covid-19] 2020-08-16T23:16:22Z
QuoVadis: Failure to revoke within 7 days: OCSP EKU issue 1651553 RESOLVED Stephen Davidson [ca-compliance] [delayed-revocation-ca] Next update 2021-01-22 2021-03-31T21:55:05Z
QuoVadis: Unconstrained CAs revocation 1599916 RESOLVED Stephen Davidson [ca-compliance] [delayed-revocation-ca] 2020-09-10T01:37:22Z
SECOM: Delayed Revocation of CA Certificate with OCSP EKU Issue 1652610 RESOLVED Hisashi Kamo [ca-compliance] [delayed-revocation-ca] 2021-04-19T15:52:43Z
SECOM: Delayed Revocation of non-technically constrained FUJIFILM Certificates 1707229 RESOLVED Hisashi Kamo [ca-compliance] [delayed-revocation-leaf] Next update 2022-04-29 2022-04-27T16:05:28Z
Sectigo: Failure to properly respond to a report of subscriber key compromise 1635840 RESOLVED Robin Alden [ca-compliance] [delayed-revocation-leaf] 2020-07-09T01:23:15Z
Sectigo: Failure to revoke within 5 days 1665763 RESOLVED Rich Smith [ca-compliance] [delayed-revocation-leaf] 2020-11-13T18:42:16Z
Sectigo: Non-revocation of certificates with subject:organizationalUnitName in DV certificates 1620561 RESOLVED Nick France [ca-compliance] [delayed-revocation-leaf] Next update 2021-01-05 2021-01-27T19:44:10Z
SecureTrust: Delayed revocation of a customer revoke request 1724485 RESOLVED Andrea Holland [ca-compliance] [delayed-revocation-leaf] 2021-09-10T17:49:04Z
SwissSign: CP/CPS certificate profile issue 1558552 RESOLVED Mike Guenther [ca-compliance] [delayed-revocation-leaf] 2020-02-01T23:58:13Z
SwissSign: Delayed revocation for mispellings in Location for a number of Certificates 1613406 RESOLVED Mike Guenther [ca-compliance] [delayed-revocation-leaf] Next Update 31-Aug 2020 2020-09-09T14:58:07Z
Telekom Security: Delayed Revocations of Sub-CA certificates 1651487 RESOLVED Arnold Essing [ca-compliance] [delayed-revocation-ca] Next update 2020-12-01 2020-12-09T18:27:15Z
Telia CA: Delayed revocation of 5 EE certificates in connection to id=1736020 1737808 RESOLVED pekka.lahtiharju [ca-compliance] [delayed-revocation-leaf] 2022-02-17T17:16:51Z
TrustCor: Non-revocation of CA certificates within 7 days 1599571 RESOLVED Neil Dunbar [ca-compliance] [delayed-revocation-ca] 2020-04-07T23:59:15Z
WISeKey: Failure to meet revocation deadline 1610767 RESOLVED Pedro Fuentes [ca-compliance] [delayed-revocation-leaf] 2020-07-06T20:17:55Z
WISeKey: Failure to revoke ICA Certificates within 7 days (OCSP EKU) 1651730 RESOLVED Pedro Fuentes [ca-compliance] [delayed-revocation-ca] Next Update 2020-12-01 2020-12-09T18:26:32Z

72 Total; 0 Open (0%); 72 Resolved (100%); 0 Verified (0%);