CA/Closed Incidents

From MozillaWiki
< CA
Jump to: navigation, search

Closed CA Compliance Bugs

A historical view of past overdue audit statements may be found here.
Below is a historical view of past CA compliance bugs. These bugs may have been valid and remedied by the CA, or may have been deemed invalid and closed as unnecessary.

All Other Issues

Full Query
ID Summary Status Resolution Last change time
988633 GoDaddy: improperly encoded certificate issued by Go Daddy Secure Certification Authority RESOLVED FIXED 2017-09-20T01:27:06Z
1017157 DigiCert: no subject alternative name in Siemens certs RESOLVED FIXED 2017-04-26T19:23:50Z
1029147 [meta] Bug for Tracking BR Compliance Issues RESOLVED WORKSFORME 2018-01-18T18:13:04Z
1195115 Swisscom: certificates without DNS names in subjectAltName RESOLVED WONTFIX 2017-05-02T06:37:04Z
1262610 DigiCert: ECCE 001 issuing certificates without subject alternative name extension RESOLVED FIXED 2017-04-26T19:23:50Z
1267049 Izenpe: EV certificate with various issues RESOLVED FIXED 2017-04-26T19:23:50Z
1304895 DigiCert: TI Trust Technologies Global CA issued certificate with no subject alternative name extension RESOLVED FIXED 2018-06-20T16:23:52Z
1335132 DigiCert: Verizon mis-issued test certificates RESOLVED FIXED 2017-11-28T10:37:09Z
1339339 DigiCert: Non-BR Compliant Certificates - missing CP/CPS OID RESOLVED FIXED 2017-04-26T19:23:50Z
1353827 DigiCert: DigiCert issued cert with CN too long RESOLVED FIXED 2017-09-21T04:55:30Z
1357067 Camerfirma: certs with duplicate SANs and without localityName or stateOrProvinceName RESOLVED FIXED 2017-10-13T16:52:00Z
1367842 TurkTrust: Non-audited, non-technically-constrained intermediate certs RESOLVED FIXED 2017-10-09T12:01:43Z
1368171 Firmaprofesional: Non-audited, non-technically-constrained intermediate certs RESOLVED FIXED 2017-10-13T21:42:23Z
1368176 DigiCert: Non-audited, non-technically-constrained intermediate certs RESOLVED FIXED 2017-09-18T14:26:46Z
1368178 Symantec: Non-audited, non-technically-constrained intermediate cert RESOLVED FIXED 2017-08-18T21:57:16Z
1369342 StartCom: 'un-revoking' intermediate certificates RESOLVED FIXED 2017-09-21T14:04:49Z
1369359 StartCom: mis-issuance of certs with unvalidated domain names and bogus field values RESOLVED FIXED 2017-10-09T12:02:21Z
1374381 SwissSign: BRs require full annual audits RESOLVED FIXED 2018-08-07T00:59:16Z
1386891 Certinomis: Cross-signing of StartCom intermediate certs, and delay in reporting it in CCADB RESOLVED FIXED 2017-10-24T09:52:02Z
1386894 StartCom: Non-BR-Compliant Certificate Issuance -- adding Certnomis intermediates to OneCRL RESOLVED DUPLICATE 2017-09-21T23:32:55Z
1389172 DigiCert: Certificate Issues Identified on the Mailing List RESOLVED FIXED 2017-09-20T05:01:50Z
1390974 Actalis: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2017-09-20T05:24:05Z
1390977 Camerfirma: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2018-03-02T21:18:42Z
1390978 Certinomis: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2017-11-29T14:19:25Z
1390979 certSIGN: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2017-10-13T18:10:15Z
1390981 Comodo: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2017-12-08T11:36:13Z
1390988 Consorci AOC: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2018-08-01T18:33:24Z
1390990 D-TRUST: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2019-04-02T00:52:50Z
1390991 Disig: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2018-02-09T22:09:08Z
1390994 DocuSign/Keynectis: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2017-12-01T13:23:51Z
1390996 Entrust: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2017-12-01T11:53:40Z
1390997 GlobalSign: Non-BR-Compliant Certificate Issuance - metadata-only subject fields RESOLVED FIXED 2017-09-05T19:52:28Z
1390998 Kamu SM: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2017-08-24T19:03:11Z
1391000 IdenTrust: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2017-10-13T16:09:23Z
1391054 Izenpe: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2018-01-15T16:59:19Z
1391055 Microsec e-Szigno: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2017-12-01T12:04:56Z
1391056 NetLock: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2018-02-09T22:13:50Z
1391058 PROCERT: Non-BR-Compliant Certificate Issuance RESOLVED DUPLICATE 2017-10-18T13:50:29Z
1391063 QuoVadis: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2018-10-12T18:26:47Z
1391064 SECOM: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2018-02-09T21:45:58Z
1391066 SwissSign: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2017-11-30T16:21:32Z
1391067 Symantec: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2018-02-09T21:52:08Z
1391068 Taiwan-CA: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2019-01-03T21:03:14Z
1391074 T-Systems: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2019-01-24T22:24:28Z
1391087 Visa: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2018-10-03T21:19:26Z
1391089 WISeKey: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2017-11-28T11:14:09Z
1391429 GoDaddy: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2017-12-01T10:21:56Z
1391864 Staat der Nederlandend / PKIoverheid: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2017-09-01T14:34:07Z
1391867 Let's Encrypt: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2017-08-21T19:00:02Z
1393555 GlobalSign: Non-BR-Compliant Certificate Issuance -- double-dots in dnsName RESOLVED FIXED 2017-12-05T15:44:16Z
1393557 GlobalSign: Non-BR-Compliant Certificate Issuance -- RSA key smaller than 2048 bits RESOLVED FIXED 2017-11-22T14:44:37Z
1397830 EDICOM: Signing SHA-1 OCSP responses with unconstrained certificate RESOLVED FIXED 2019-09-17T21:48:45Z
1397832 GRCA: Signing SHA-1 OCSP responses with unconstrained certificate RESOLVED FIXED 2017-11-28T11:47:07Z
1397951 DigiCert / InfoCert: Insufficient Serial Number Entropy RESOLVED FIXED 2017-10-13T21:36:08Z
1397954 DigiCert / Siemens: Insufficient Serial Number Entropy RESOLVED FIXED 2017-10-12T12:59:18Z
1397957 DigiCert / CTJ: Metadata in OU fields, Reserved IP Address RESOLVED FIXED 2019-01-14T22:06:51Z
1397958 DigiCert / Terena: Metadata in OU fields RESOLVED FIXED 2017-09-20T05:13:05Z
1397960 DigiCert / Telecom Italia: Several Problems RESOLVED FIXED 2018-08-28T17:49:02Z
1397961 DigiCert / Justica: Invalid DNS names RESOLVED FIXED 2018-06-25T18:42:27Z
1397963 DigiCert / Wells Fargo: Invalid DNS names RESOLVED FIXED 2018-02-06T17:24:54Z
1397965 DigiCert / Swiss Government: CommonName not in SANs RESOLVED FIXED 2017-09-20T05:36:53Z
1397968 DigiCert / Verizon: Reserved/Intranet domain name RESOLVED DUPLICATE 2017-09-08T12:24:16Z
1397969 DigiCert / Inteso San Paulo: Double dot characters RESOLVED FIXED 2018-02-05T19:06:40Z
1398233 Sertifitseerimiskeskuse: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2017-11-28T11:57:11Z
1398240 Firmaprofesional: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2018-05-04T00:32:43Z
1398242 Disig: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2018-05-23T21:13:21Z
1398243 certSIGN: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2018-02-07T18:05:33Z
1398246 Consorci AOC: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2018-10-12T17:25:25Z
1398247 DocuSign/Keynectis: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2019-01-03T21:15:06Z
1398251 Staat der Nederlandend / PKIoverheid: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2017-11-28T12:05:23Z
1398255 IdenTrust: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2018-01-11T15:33:46Z
1398258 Izenpe: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2017-10-11T15:26:13Z
1398259 SECOM: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2018-03-02T15:26:03Z
1398261 Visa: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2018-05-23T21:50:27Z
1398269 DigiCert: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2018-06-21T17:23:31Z
1398427 Let's Encrypt: CAA Misissuances RESOLVED FIXED 2019-09-17T20:42:22Z
1398428 Amazon: CAA Misissuances RESOLVED FIXED 2017-11-03T12:10:13Z
1398545 Comodo: CAA Misissuance RESOLVED FIXED 2017-12-06T16:36:39Z
1401211 NetLock: Non-BR-Compliant Certificate Issuance -- * in not the leftmost position in dnsName RESOLVED FIXED 2017-10-24T14:14:40Z
1401486 T-Systems/DFN-PKI cablint findings, follow up to T-Systems Bug 1391074 RESOLVED FIXED 2018-01-18T13:14:56Z
1404403 SwissSign: Two certs issued with same issuer and serial number RESOLVED FIXED 2017-10-12T16:54:04Z
1405815 Camerfirma: Certs issued with same issuer and serial number RESOLVED FIXED 2017-10-13T08:25:10Z
1405817 Actalis: Certs issued with same issuer and serial number RESOLVED FIXED 2018-01-18T15:49:40Z
1405826 Trustwave: Certs issued with same issuer and serial number RESOLVED FIXED 2017-10-07T08:39:54Z
1409735 RapidSSL CAA Mis-Issuance: Lookup failure on DNSSEC-signed zone RESOLVED FIXED 2018-02-09T21:58:17Z
1409760 StartCom: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record RESOLVED WONTFIX 2017-11-28T12:14:29Z
1409764 Asseco DS / Certum: CAA mis-issuance on critical flag and unknown CAA tag RESOLVED FIXED 2019-09-17T20:39:40Z
1409766 Asseco DS / Certum: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record RESOLVED FIXED 2019-09-17T20:39:27Z
1409859 Startcom CAA Mis-Issuance: Lookup failure on DNSSEC-signed zone RESOLVED INVALID 2017-11-28T12:17:06Z
1410834 Comodo: CAA Mis-Issuance on basic test case RESOLVED FIXED 2018-05-23T22:19:09Z
1412950 Firmaprofesional: Insufficient Audit Statements RESOLVED FIXED 2019-07-05T11:51:32Z
1413761 Digicert/Symantec: EV JOI Issue RESOLVED FIXED 2017-11-28T12:18:04Z
1417771 DigiCert: Symantec non-constrained/non-disclosed intermediates RESOLVED FIXED 2018-08-27T14:00:16Z
1417777 DigiCert: Insufficient entropy in serial numbers RESOLVED FIXED 2017-11-28T12:19:34Z
1420766 AlphaSSL/Globalsign: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN RESOLVED INVALID 2017-11-29T15:41:06Z
1420858 Comodo: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN RESOLVED FIXED 2017-12-06T15:51:14Z
1420860 Asseco DS / Certum: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN RESOLVED FIXED 2019-09-17T20:36:03Z
1420861 DigitCert/Thawte: CAA Mis-Issuance on mix of wildcard and non-wildcard DNS names in SAN RESOLVED INVALID 2017-11-30T22:14:19Z
1420871 Camerfirma: Potential Mis-Issuance based on CAA records RESOLVED FIXED 2018-01-17T17:58:16Z
1420873 Comodo/cPanel: Potential Mis-Issuance based on CAA records (Sep 28, 2017) RESOLVED INVALID 2017-12-06T17:53:07Z
1423624 Comodo: CAA misissuances due to race condition RESOLVED FIXED 2017-12-20T14:53:35Z
1425805 Consorci AOC: Insufficient Audit Statements RESOLVED FIXED 2019-01-03T21:31:17Z
1425998 Certinomis/Docapost: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2018-01-16T22:37:43Z
1426009 T-Systems: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2018-01-04T17:58:05Z
1426233 Camerfirma: Non-BR-Compliant OCSP Responders RESOLVED FIXED 2018-01-04T17:04:02Z
1426238 QuoVadis: Non-BR-Compliant OCSP Responder RESOLVED FIXED 2018-09-24T18:07:08Z
1426247 Telia: Non-BR-Compliant OCSP Responder RESOLVED FIXED 2018-06-27T21:23:24Z
1426249 Trustis: Non-Br-Compliant OCSP Responder RESOLVED FIXED 2018-04-12T18:14:33Z
1428832 Consorci AOC: Problem reporting mechanism for Consorci AOC points to URL with invalid cert RESOLVED FIXED 2018-01-09T16:46:49Z
1428877 SwissSign: Invalid DNSName in SAN RESOLVED FIXED 2019-01-14T16:22:58Z
1428891 Entrust: Non-BR-Compliant OCSP Responder RESOLVED FIXED 2018-01-26T02:43:12Z
1430909 Quovadis: Non-BR-Compliant issuance --improper characters in DNSName (BIT sub-CA) RESOLVED FIXED 2018-09-24T18:07:08Z
1431164 Camerfirma: Non-BR-Compliant Issuance - Non-printable characters in OU field RESOLVED FIXED 2018-05-24T16:47:45Z
1435770 Asseco DS / Certum: Non-BR-Compliant Issuance - Debian Weak Keys RESOLVED FIXED 2019-09-17T20:39:51Z
1436173 Digicert: SCEE / Justica: Non-BR-Compliant Certificate Issuance RESOLVED FIXED 2018-08-22T17:52:32Z
1439123 GoDaddy: Failure to respond to January 2018 survey RESOLVED FIXED 2018-02-26T16:07:07Z
1439126 Certinomis/Docapost: Failure to respond to January 2018 survey RESOLVED FIXED 2018-05-24T00:15:29Z
1439127 TurkTrust: Failure to respond to January 2018 survey RESOLVED FIXED 2018-05-24T00:15:58Z
1439128 E-Tugra: Failure to respond to January 2018 survey RESOLVED FIXED 2018-05-30T23:13:01Z
1439129 DSV-Gruppe: Failure to respond to January 2018 survey RESOLVED FIXED 2018-05-08T00:00:16Z
1442091 DigiCert: Unrevocation of BT Class 2 CA - G2 CA Certificate RESOLVED FIXED 2019-09-18T20:25:47Z
1443731 SwissSign: Cert issued with a to long validity period RESOLVED FIXED 2018-10-19T20:25:29Z
1443857 Camerfirma: Non-BR-Compliant Issuance - DNSName is empty RESOLVED FIXED 2018-05-17T17:52:09Z
1444455 DocuSign/Keynectis: Non-Compliant Technically Constrained Intermediates RESOLVED FIXED 2019-01-03T21:39:32Z
1445857 DigiCert: Mis-issuance of certificate with https in CN/SAN RESOLVED FIXED 2019-09-18T20:09:52Z
1446080 Let's Encrypt: Improper encoding of wildcard certificates RESOLVED FIXED 2018-03-23T00:21:14Z
1446121 IdenTrust: Improper encoding of wildcard certificate RESOLVED FIXED 2018-08-13T20:35:15Z
1447192 DigiCert Onion Certs RESOLVED FIXED 2018-06-03T18:53:15Z
1447497 DocuSign/Keynectis: Outdated audit statements for Class 2 Primary CA RESOLVED WORKSFORME 2018-03-23T23:33:01Z
1448986 Entrust: IP Address in dNSName form RESOLVED FIXED 2019-09-17T20:40:58Z
1449371 E-Tugra: Validity period > 825 days RESOLVED FIXED 2018-04-20T21:23:08Z
1451228 Asseco DS / Certum: EV certificate mis-issue RESOLVED FIXED 2019-09-17T20:39:45Z
1451446 DigiCert: ABB greater than 825 day cert issuance RESOLVED FIXED 2019-02-15T21:24:46Z
1451578 Distrust the WebTrust Audit of EY (HanYoung) South Korea and KPMG (Samjong) South Korea RESOLVED FIXED 2018-09-07T21:08:26Z
1451949 Dhimyotis/Certigna: Intermediate Cert(s) not disclosed in CCADB RESOLVED FIXED 2018-04-10T16:06:01Z
1451950 DigiCert: Intermediate Cert(s) not disclosed in CCADB RESOLVED FIXED 2018-10-12T19:24:48Z
1451953 TeliaSonera: Intermediate Cert(s) Not Disclosed in CCADB RESOLVED FIXED 2018-10-12T18:10:43Z
1452671 SECOM: TSA Certs Issued from Root RESOLVED FIXED 2018-12-14T16:16:09Z
1455119 Firmaprofesional: Undisclosed Intermediate certificate RESOLVED FIXED 2019-01-03T22:38:48Z
1455128 Certicamara: Undisclosed Intermediate certificates RESOLVED FIXED 2019-01-04T16:58:08Z
1455132 SwissSign: Undisclosed Intermediate Certificates RESOLVED FIXED 2018-11-01T16:50:36Z
1455137 T-Systems: Undisclosed Intermediate certificate RESOLVED FIXED 2019-04-02T00:54:17Z
1455147 Camerfirma: Missing audit for Intermediate certificate RESOLVED FIXED 2018-08-08T00:29:24Z
1455150 DigiCert: Missing audits for Intermediate certificates RESOLVED FIXED 2018-08-16T21:53:08Z
1456655 DigiCert / ABB: Issues with DN, country code and keyUsage RESOLVED FIXED 2019-09-15T22:39:25Z
1458038 DocuSign/Keynectis: Missing BR Self Assessment RESOLVED WONTFIX 2019-01-04T20:57:58Z
1458042 Government of Spain (ACCV): Missing BR Self Assessment RESOLVED FIXED 2018-05-23T18:41:53Z
1458064 Firmaprofesional: Missing BR Self Assessment RESOLVED FIXED 2018-05-23T18:42:58Z
1459557 SwissSign: Certificate issue with Signature RESOLVED FIXED 2018-10-19T19:29:09Z
1461391 Comodo: Misissuance using "CNAME CSR Hash 2" method of domain control validation RESOLVED FIXED 2019-01-04T20:49:48Z
1462423 NetLock: CN not in SAN RESOLVED FIXED 2019-10-04T18:56:03Z
1462735 Let's Encrypt: Case-sensitive CAA tag processing RESOLVED FIXED 2018-05-24T23:58:37Z
1462797 E-Tugra: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString RESOLVED FIXED 2019-02-20T16:59:33Z
1462844 GoDaddy: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString RESOLVED FIXED 2019-01-09T23:36:41Z
1464286 Swisscom: Missing Audits for Unconstrained Intermediate Certificates RESOLVED FIXED 2018-07-18T22:30:38Z
1464335 Firmaprofesional: Undisclosed Intermediate certificate SIGNE RESOLVED FIXED 2019-09-18T21:20:32Z
1464359 Firmaprofesional: Undisclosed Intermediate certificate SDS RESOLVED FIXED 2019-09-18T21:20:11Z
1465600 DigiCert: Invalid Country Code Issuance RESOLVED FIXED 2019-06-28T20:18:33Z
1466252 Cybertrust Japan: three test websites not provided RESOLVED FIXED 2019-02-20T01:38:01Z
1467110 OCSP responding good for non-issued certs by Consorci AOC root already solved RESOLVED DUPLICATE 2018-10-03T21:47:26Z
1467414 GDCA: Misissuance of certificates with small RSA keys RESOLVED FIXED 2019-09-18T21:22:42Z
1468000 Invalid country field for Camerfirma root CA certificates RESOLVED INVALID 2018-06-14T21:42:26Z
1472052 Quovadis: Certificate containing Debian weak key RESOLVED FIXED 2019-01-09T20:16:01Z
1473971 SwissSign: Domain validated certificate but with stateOrProvinceName RESOLVED FIXED 2018-08-31T20:58:40Z
1475115 Telia: Qualified Audit Statements RESOLVED FIXED 2019-02-06T20:40:38Z
1475563 GDCA: Misissuance of certificates with IP address RESOLVED INVALID 2018-07-18T17:09:49Z
1478933 Camerfirma: Qualified Audit Statements RESOLVED FIXED 2019-09-17T20:36:56Z
1481862 Camerfirma: MULTICERT organizationName Too Long RESOLVED FIXED 2019-04-16T22:53:44Z
1483715 DigiCert: improper domain validation RESOLVED FIXED 2018-11-16T22:57:12Z
1484766 GoDaddy: Random Value Vulnerability in Domain Validation RESOLVED FIXED 2019-01-04T21:39:07Z
1485413 Certigna: Issuance without respecting CAA records RESOLVED FIXED 2019-01-04T21:45:05Z
1485851 Visa: Qualified Audit Statements RESOLVED FIXED 2018-10-03T21:18:22Z
1486650 Let's Encrypt: OCSP "unauthorized" responses RESOLVED FIXED 2018-10-12T18:22:32Z
1492006 Sectigo: Failure to revoke within 24 hours RESOLVED FIXED 2019-09-16T18:58:11Z
1493760 QuoVadis: improper countryName format RESOLVED FIXED 2018-10-12T18:25:53Z
1495497 KIR S.A.: Certificates issued with multiple BR violations RESOLVED FIXED 2019-09-16T00:23:52Z
1495507 Government of Spain FNMT: OU exceeds 64 characters RESOLVED FIXED 2019-02-02T01:18:43Z
1495518 Asseco DS / Certum: Unallowed key usage for EC public key (Key Encipherment) RESOLVED FIXED 2019-09-17T20:35:32Z
1495524 Certinomis: Unqualified Domain Name in SAN RESOLVED FIXED 2019-05-23T19:05:35Z
1496088 Certinomis: certificate for test.com, O=Entreprise TEST RESOLVED FIXED 2019-05-23T19:08:46Z
1497700 DocuSign/Keynectis: Undisclosed Intermediate certificate RESOLVED WONTFIX 2019-01-04T22:10:37Z
1497703 SECOM: Undisclosed intermediate certificates RESOLVED FIXED 2018-11-01T16:39:33Z
1498409 Certicamara: Failure to respond to September 2018 CA Survey RESOLVED FIXED 2019-01-04T21:35:16Z
1498463 T-Systems: Improperly encoded QCStatements extension RESOLVED FIXED 2019-01-29T18:49:50Z
1499585 Digicert: Undisclosed CAs -Federated Trust CA-1 RESOLVED FIXED 2018-11-01T17:24:34Z
1500593 Identrust: Internal names / failure to report RESOLVED FIXED 2019-01-04T22:15:28Z
1500621 Digicert: Internal Domain Name cert mis-issuance RESOLVED FIXED 2018-11-16T23:02:54Z
1503128 Certinomis: email address in DNS SAN RESOLVED FIXED 2019-05-23T19:07:55Z
1503638 WISeKey: Failure to disclose intermediate in CCADB RESOLVED FIXED 2018-11-01T23:17:43Z
1506607 SwissSign: Misissuance of Intermediate Certificates because of incorrect organizationIdentifier RESOLVED FIXED 2019-05-20T17:43:59Z
1507862 Government of Spain (ACCV): Late Audit Statement RESOLVED FIXED 2019-01-02T23:09:35Z
1509002 Camerfirma: MULTICERT certificates with a validity period greater than 825 days RESOLVED FIXED 2019-04-16T22:52:13Z
1509512 D-TRUST: syntax error in one tls certificate RESOLVED FIXED 2019-02-20T01:22:27Z
1511459 Asseco DS / Certum: Corrupted certificates RESOLVED FIXED 2019-09-17T20:39:21Z
1512018 Entrust: Certificate issued with '-' in ST field RESOLVED FIXED 2019-05-15T00:11:12Z
1512270 Microsec: Validity period greater than 825 days RESOLVED FIXED 2019-02-02T15:12:26Z
1515564 DigiCert: Underscore character certificates RESOLVED DUPLICATE 2018-12-21T17:59:51Z
1515788 DigiCert: Underscores - CVS Pharmacy RESOLVED FIXED 2019-02-15T19:24:57Z
1516453 DigiCert: Underscores - Discover RESOLVED FIXED 2019-02-15T19:25:18Z
1516545 DigiCert: Underscores - Verizon RESOLVED FIXED 2019-03-03T20:28:38Z
1516561 DigiCert: Underscores - Canadian Imperial Bank of Commerce RESOLVED FIXED 2019-02-26T22:13:42Z
1516599 DigiCert: Underscores - Ericsson RESOLVED FIXED 2019-07-31T23:48:08Z
1517617 DigiCert: Underscores - Citi RESOLVED FIXED 2019-07-31T23:48:03Z
1518553 Sectigo: Use of forbidden subjectPublicKeyInfo algorithm RESOLVED FIXED 2019-09-13T17:13:51Z
1518555 DigiCert: Use of forbidden subjectPublicKeyInfo algorithm RESOLVED FIXED 2019-01-15T18:25:22Z
1518560 Asseco DS / Certum: Use of forbidden subjectPublicKeyInfo algorithm RESOLVED FIXED 2019-02-19T17:42:51Z
1519260 QuoVadis: Multiple unreported misissuances in 2018 RESOLVED FIXED 2019-04-26T21:15:39Z
1519265 QuoVadis: Recap of BR Compliance in 2018 issuance by external subCAs RESOLVED FIXED 2019-02-20T01:35:24Z
1519572 DigiCert: Underscores - Intuit RESOLVED FIXED 2019-05-01T23:26:22Z
1520876 Entrust: Late mis-issue certificate revocation RESOLVED FIXED 2019-02-20T01:28:10Z
1521520 Entrust: Late revocation of underscore certificate RESOLVED FIXED 2019-02-01T03:45:24Z
1521623 Amazon: Failure to comply with RFC 5280 RESOLVED INVALID 2019-02-05T23:01:29Z
1521950 QuoVadis: BR Error - san dns name starts with period RESOLVED FIXED 2019-04-26T21:14:44Z
1522080 T-Systems: DFN-PKI - Non-IDNA 2003 IDNs, violation of RFC 5280 RESOLVED INVALID 2019-02-04T23:34:01Z
1522975 Google Trust Services: Improper OCSP response for intermediate certificate RESOLVED FIXED 2019-09-17T20:41:46Z
1523186 KIR S.A.: Misissuance - missing OCSP AIA, Validity > 825 days RESOLVED FIXED 2019-09-16T00:19:27Z
1523676 DigiCert: Good OCSP Responses for Revoked Intermediates RESOLVED FIXED 2019-04-04T18:12:09Z
1523680 Actalis: Non BR Compliant OCSP Responder RESOLVED FIXED 2019-02-20T17:33:18Z
1524050 Telia: Misissued certificate - invalid dnsName RESOLVED FIXED 2019-06-28T23:31:27Z
1524094 Certinomis: invalid DNS names in SAN RESOLVED FIXED 2019-05-23T19:09:18Z
1524103 Certinomis: invalid state and locality fields in subject RESOLVED FIXED 2019-08-11T21:22:11Z
1524112 Certinomis: O=POUR TEST in subject RESOLVED FIXED 2019-05-23T19:06:35Z
1524143 CFCA: Internal iPAddress in certificate RESOLVED FIXED 2019-04-08T19:26:05Z
1524195 Asseco DS / Certum: Invalid dnsNames RESOLVED FIXED 2019-07-01T20:30:10Z
1524448 Certinomis: misissued "test" certificates RESOLVED FIXED 2019-05-23T19:06:56Z
1524449 Certinomis: validity period >825 days RESOLVED FIXED 2019-05-23T19:07:29Z
1524451 Certinomis: invalid CDP extension RESOLVED FIXED 2019-05-14T00:00:43Z
1524452 SECOM: certificate for .test TLD RESOLVED FIXED 2019-03-29T16:05:47Z
1524567 Telia: invalid IP value in SAN DNS field RESOLVED FIXED 2019-06-28T23:56:57Z
1524730 Sectigo: invalid dnsName RESOLVED FIXED 2019-08-03T03:40:41Z
1524816 SECOM: failure to revoke underscores RESOLVED FIXED 2019-02-21T22:32:27Z
1524871 Camerfirma: failure to revoke underscores RESOLVED FIXED 2019-09-10T22:27:44Z
1524875 DigiCert: IP in dnsName RESOLVED FIXED 2019-05-17T22:05:40Z
1524876 Entrust: IP in dnsName RESOLVED FIXED 2019-03-01T16:09:50Z
1524877 GlobalSign: IP in dnsName RESOLVED FIXED 2019-02-21T22:38:00Z
1524878 Asseco DS / Certum: IP in dnsName RESOLVED DUPLICATE 2019-09-17T20:36:08Z
1524879 QuoVadis: IP in dnsName RESOLVED FIXED 2019-03-07T21:07:14Z
1525710 Amazon: Test revoked certificates with invalid validity period RESOLVED FIXED 2019-03-04T19:54:07Z
1526099 Identrust: Discrepancy in values of address fields within CN of SSL Certificates RESOLVED FIXED 2019-07-01T20:22:40Z
1526154 DigiCert: Missed Underscore Certificate Revocations RESOLVED FIXED 2019-04-25T00:24:49Z
1527423 DigiCert: P-384,ecdsa-with-SHA512 Certificates RESOLVED FIXED 2019-07-18T00:25:43Z
1528259 Telia: misissued certificate - FQDN value incorrectly in SAN rfc822 field RESOLVED FIXED 2019-08-11T00:31:52Z
1528261 Telia: Misissued certificate - FQDN without domain part (e_dnsname_not_valid_tld) RESOLVED FIXED 2019-08-11T00:33:27Z
1528263 Telia: Misissued certificate - Invalid wildcard format RESOLVED FIXED 2019-07-03T23:49:06Z
1528264 Telia: Misissued certificate - Invalid OU value "-" RESOLVED FIXED 2019-06-28T23:18:30Z
1528290 Izenpe: OU > 64 characters RESOLVED FIXED 2019-03-04T16:05:12Z
1530623 QuoVadis: IPaddress in DNSname SAN RESOLVED FIXED 2019-04-26T21:14:01Z
1530718 T-Systems: Invalid SAN Entries RESOLVED FIXED 2019-08-11T00:39:40Z
1530971 Harica: P-384,ecdsa-with-SHA256 Certificates RESOLVED FIXED 2019-05-02T08:20:27Z
1531800 QuoVadis: DarkMatter Insufficient Serial Number Entropy RESOLVED FIXED 2019-04-26T20:51:51Z
1531817 DigiCert: in-addr.arpa Misissuance RESOLVED FIXED 2019-07-01T22:43:48Z
1532105 SECOM: CrossTrust: OU > 64 characters RESOLVED FIXED 2019-08-11T00:28:45Z
1532112 KIR S.A.: O > 64 characters RESOLVED DUPLICATE 2019-03-04T18:46:30Z
1532313 Comodo: Possible CAA Misissuance due against critical record RESOLVED INVALID 2019-03-04T19:19:44Z
1532399 TrustCor: Insufficient Serial Number Entropy RESOLVED FIXED 2019-03-15T18:59:10Z
1532429 CFCA: Invalid TLD in SAN RESOLVED FIXED 2019-06-28T20:27:26Z
1532842 Google Trust Services: 63 bit serial numbers in some certificates RESOLVED FIXED 2019-07-15T19:03:22Z
1533655 DigiCert: Apple: Non-compliant Serial Numbers RESOLVED FIXED 2019-07-20T00:56:21Z
1533899 Quovadis: Insufficient Serial Number Entropy RESOLVED INVALID 2019-03-15T18:53:58Z
1534145 SSL.com: P-384 curve / ecdsa-with-SHA256 certificates RESOLVED FIXED 2019-04-18T20:29:58Z
1534147 SSL.com: Insufficient serial number entropy RESOLVED FIXED 2019-04-11T18:35:49Z
1534295 Actalis: Insufficient serial number entropy RESOLVED FIXED 2019-08-09T16:41:07Z
1534429 Camerfirma: Multicert SSL CA 001: Insufficient serial number entropy RESOLVED FIXED 2019-08-14T07:30:49Z
1534535 QuoVadis / Siemens: Insufficient serial number entropy RESOLVED FIXED 2019-04-01T08:49:55Z
1534580 DFN-PKI: 40 OV certificates with wrong ST RESOLVED FIXED 2019-07-29T16:46:37Z
1535509 HARICA: Insufficient serial number entropy RESOLVED FIXED 2019-03-29T07:03:19Z
1535735 Entrust: Issued Certificates to incorrect Organization RESOLVED FIXED 2019-09-17T20:41:05Z
1535772 HARICA: wrong characters in NC extension of Technically Constrained Intermediate CA Certificates RESOLVED FIXED 2019-04-19T16:55:13Z
1535869 Taiwan-CA: Invalid SAN Entries RESOLVED FIXED 2019-06-28T17:45:38Z
1535871 PKIoverheid: KPN Insufficient Serial Number Entropy RESOLVED FIXED 2019-12-03T04:44:58Z
1535873 GlobalSign: AT&T Insufficient Serial Number Entropy RESOLVED FIXED 2019-04-24T20:39:18Z
1536082 T-Systems: Insufficient serial number entropy RESOLVED FIXED 2019-08-11T04:11:20Z
1536213 ACCV: Insufficient serial number entropy RESOLVED FIXED 2019-07-23T15:55:50Z
1536287 Entrust: AffirmTrust Issuing CA Impacted by EJBCA Serial Number Issue RESOLVED FIXED 2019-09-17T20:40:52Z
1536760 GlobalSign: Virginia Tech Insufficient Serial Number Entropy RESOLVED FIXED 2019-04-08T19:20:07Z
1536831 GDCA: Insufficient Serial Number Entropy RESOLVED FIXED 2019-06-29T00:35:52Z
1538673 Consorci AOC: EC-SECTORPUBLIC insufficient serial number entropy RESOLVED FIXED 2019-04-22T22:09:56Z
1539190 Kamu SM: Insufficient Serial Number Entropy RESOLVED FIXED 2019-05-14T00:32:23Z
1539296 Digicert: KPN Outdated Audit RESOLVED FIXED 2019-06-29T00:30:54Z
1539307 Buypass: Insufficient Serial Number Entropy RESOLVED FIXED 2019-06-28T16:36:43Z
1539358 SECOM: Insufficient Serial Number Entropy RESOLVED FIXED 2019-05-17T17:44:06Z
1539531 Certinomis: certificates with space in dNSName SAN RESOLVED FIXED 2019-05-07T23:09:23Z
1540281 WISeKey: Insufficient Serial Number Entropy RESOLVED FIXED 2019-04-15T17:29:35Z
1540315 QuoVadis: LLB insufficient Serial Number Entropy RESOLVED FIXED 2019-07-01T22:27:39Z
1540961 Atos: Insufficient Serial Number Entropy RESOLVED FIXED 2019-06-29T00:36:27Z
1541064 SwissSign: Error in OrganisationIdentifier in signature/seal certificate RESOLVED FIXED 2019-04-25T18:50:24Z
1542082 Identrust: Failure to disclose Unconstrained intermediate Within 7 Days RESOLVED FIXED 2019-08-11T00:36:21Z
1542302 E-Tugra: Insufficient serial number entropy RESOLVED FIXED 2019-05-01T23:30:32Z
1542328 Certinomis: Invalid TLD in SAN RESOLVED FIXED 2019-05-23T19:04:05Z
1542793 Certinomis: Invalid SAN in a certificate RESOLVED FIXED 2019-05-07T23:04:38Z
1544586 Government of Spain FNMT: Findings in 2019 Audit Statement, including domain validation methods, CAA, etc. RESOLVED FIXED 2019-08-11T00:41:10Z
1544712 SECOM: certificate for which “OU=-” RESOLVED FIXED 2019-08-11T03:59:14Z
1544722 SECOM: certificate for which “L” and “ST” not set RESOLVED FIXED 2019-07-29T04:25:44Z
1544933 Certinomis: certificates for an unregistered domain, with unknown OCSP status RESOLVED FIXED 2019-05-23T19:04:35Z
1545208 Sectigo: Missing Changelog in CPS RESOLVED FIXED 2019-09-18T03:36:02Z
1546253 GDCA: Authentication of Organization Identity Failure for an OV Certificate RESOLVED FIXED 2019-08-11T00:30:23Z
1546776 SecureTrust: Unvalidated domain in certificate RESOLVED FIXED 2019-08-11T00:35:09Z
1547072 Certinomis: Use of Domain Validation Method 3.2.2.4.5 after August 1, 2018 RESOLVED INVALID 2019-05-10T00:36:48Z
1547691 GlobalSign: AT&T SSL certificates without the AIA extension RESOLVED FIXED 2019-09-15T23:08:05Z
1548713 Sectigo: "Default City" in Subject:localityName RESOLVED FIXED 2019-12-09T16:48:34Z
1548714 SECOM: "Default City" in Subject:localityName RESOLVED FIXED 2019-08-10T23:54:14Z
1548716 DigiCert: Verizon: "Default City" in Subject:localityName RESOLVED FIXED 2019-05-20T22:42:46Z
1548719 DigiCert: Revoked intermediate certificates not in CRL RESOLVED FIXED 2019-08-06T17:44:41Z
1548720 SSL.com: CRL not found - SSL.com-Enterprise-Intermediate-EV-RSA-4096-R1.crl RESOLVED FIXED 2019-06-28T23:28:47Z
1549308 WISeKey: Revocation of multiple intermediate CAs RESOLVED INVALID 2019-05-06T22:58:22Z
1550575 Asseco DS / Certum: commonName not from subjectAltName entries RESOLVED FIXED 2019-07-18T21:28:15Z
1550576 SSL.com: Expired CRLs RESOLVED INVALID 2019-05-13T22:08:57Z
1551357 Certinomis: certificates with invalid DNS SAN RESOLVED FIXED 2019-05-23T19:03:16Z
1551363 DigiCert: "Some-State" in stateOrProvinceName RESOLVED FIXED 2019-09-06T16:43:47Z
1551364 SwissSign: "Some-State" in stateOrProvinceName RESOLVED FIXED 2019-06-25T23:41:48Z
1551369 Kamu SM: "Some-State" in stateOrProvinceName RESOLVED FIXED 2019-07-01T20:14:47Z
1551371 T-Systems: "Some-State" in stateOrProvinceName RESOLVED FIXED 2019-07-03T21:10:08Z
1551374 SecureTrust: "Some-State" in stateOrProvinceName RESOLVED FIXED 2019-07-24T17:56:25Z
1551375 certSIGN: "Some-State" in stateOrProvinceName RESOLVED FIXED 2019-07-24T22:13:19Z
1551390 Certinomis: 174 certificates with unknown OCSP status RESOLVED FIXED 2019-05-23T19:05:03Z
1552562 Entrust: Question marks in certificate O and L fields RESOLVED FIXED 2019-06-28T16:25:38Z
1552586 GlobalSign: 4 Misissued certificates with invalid CN RESOLVED FIXED 2019-08-11T04:15:08Z
1554259 GlobalSign: SPKI lacks explicit NULL parameter, RESOLVED FIXED 2019-08-10T23:46:27Z
1556948 DigiCert Validation Scope Incident RESOLVED FIXED 2019-11-26T01:34:23Z
1557085 Camerfirma: Intesa Sanpaolo misissued certificates RESOLVED FIXED 2019-08-03T03:38:32Z
1559376 Entrust: Certificate Issued with Incorrect Country Code RESOLVED FIXED 2019-09-05T23:58:08Z
1560234 SECOM: Ambiguity on KeyUsage with ECC public key RESOLVED INVALID 2019-07-29T04:40:48Z
1563574 SECOM: Failure to disclose Unconstrained Intermediate within 7 Days RESOLVED FIXED 2019-09-15T23:45:29Z
1563575 Telia: Failure to disclose Unconstrained Intermediate within 7 Days RESOLVED FIXED 2019-07-22T18:47:09Z
1563772 D-TRUST: Precertificate OU > 64 Characters RESOLVED FIXED 2019-09-17T00:57:27Z
1563917 QuoVadis: use of Organisationidentifier field in EV (Pre CABF Ballot SC17) RESOLVED FIXED 2019-08-10T23:44:21Z
1565494 CFCA: Missed CPS update publication on website in 2018 RESOLVED FIXED 2019-08-15T14:06:59Z
1566162 DigiCert: Failure to supervise ABB Subordinate CA RESOLVED FIXED 2019-09-15T22:55:08Z
1566580 LuxTrust: Overdue Audit Statements 2019 RESOLVED WORKSFORME 2019-07-31T17:42:02Z
1566586 Asseco DS / Certum: Overdue Audit Statements 2019 RESOLVED FIXED 2019-09-17T20:36:19Z
1567060 Sectigo / Web.com: inconsistent disclosure of externally-operated intermediate RESOLVED FIXED 2019-09-16T18:55:06Z
1567062 Asseco DS / Certum: inconsistent disclosure of externally-operated intermediate RESOLVED FIXED 2019-09-17T20:36:34Z
1567588 D-TRUST: incorrectly formatted businessCategory entry RESOLVED FIXED 2019-12-03T03:43:35Z
1567659 Entrust: SHA-1 Issuance and other misissuance while testing RESOLVED FIXED 2019-09-16T18:16:45Z
1569266 Amazon: No Space In Private Organization RESOLVED FIXED 2019-08-10T23:03:35Z
1569651 SwissSign: Misissuance of Leaf Certificates because of incorrect postcode RESOLVED FIXED 2019-12-09T23:23:13Z
1572638 Actalis: Failure to revoke certs within the BR required timeframe RESOLVED FIXED 2019-11-02T17:02:53Z
1572992 Netlock: Failure to provide regular and timely incident updates RESOLVED FIXED 2019-10-04T18:58:09Z
1573490 PKIoverheid: CIBG insufficient serial number entropy RESOLVED FIXED 2019-10-22T04:21:38Z
1574594 Amazon: Revoked Sample Certs - No SANs RESOLVED FIXED 2019-09-17T20:34:58Z
1575125 DigiCert: Apple: Unconstrained CAs not included in WTBR report RESOLVED FIXED 2019-10-18T18:53:56Z
1576133 SECOM: Mis-issued EV Certificates RESOLVED FIXED 2019-09-26T08:14:55Z
1577014 DigiCert OCSP services returns 1 byte RESOLVED FIXED 2019-10-22T17:58:50Z
1577652 Let's Encrypt: OCSP Responder Returned "Unauthorized" for Some Precertificates RESOLVED INVALID 2019-10-05T00:01:44Z
1578417 T-Systems: Issue with Organization field RESOLVED FIXED 2019-10-06T02:15:21Z
1578809 PKIoverheid: Compliance issues CIBG TLS certificates RESOLVED FIXED 2019-09-16T17:31:47Z
1579284 TrustCor: Non-audited intermediate certificates RESOLVED FIXED 2019-10-08T21:37:46Z
1579299 Asseco DS / Certum: non-audited intermediate certificate RESOLVED INVALID 2019-12-09T23:40:59Z
1579413 GlobalSign: OCSP Responder Returns invalid values for Some Precertificates RESOLVED INVALID 2019-10-05T00:04:20Z
1579509 SSL.com: Precertificates without corresponding certificates return OCSP value of "Unknown" RESOLVED INVALID 2019-10-05T00:04:51Z
1579950 QuoVadis: OCSP handling of Certificate Transparency Pre-certs RESOLVED INVALID 2019-10-09T18:12:23Z
1580393 HARICA: OCSP Responder Returned "Unauthorized" for Some Precertificates RESOLVED INVALID 2019-10-05T00:06:04Z
1581234 QuoVadis: EV JOI Issue RESOLVED FIXED 2019-11-02T16:45:55Z
1582519 DigiCert: Apple: Precertificates without corresponding certificates return OCSP value of "unknown" RESOLVED INVALID 2019-10-05T00:06:34Z
1582601 E-Tugra: Invalid DER results in failure to comply with RFC 5280 - Violating string length limit RESOLVED FIXED 2019-11-02T17:54:54Z
1586115 Firmaprofesional / SIGNE: No BR Audit for subCA technically capable of issuing TLS certs RESOLVED FIXED 2019-10-28T18:07:08Z
1586604 DigiCert: TERENA: No localityName in EV precert RESOLVED INVALID 2019-10-09T00:18:43Z
1586792 QuoVadis: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy or the BRs RESOLVED FIXED 2019-11-02T16:45:36Z
1586847 Microsoft: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy RESOLVED FIXED 2019-11-25T23:18:11Z
1590171 QuoVadis: failure to reply in a timely manner RESOLVED FIXED 2019-11-07T20:55:17Z
1596931 DigiCert: Verizon CPS lacks problem reporting instructions RESOLVED FIXED 2019-12-03T03:16:58Z
1596949 Government of Spain FNMT: CP/CPS lack CAA processing details RESOLVED FIXED 2019-12-03T03:54:37Z
1597135 HARICA: 3 EV TLS Certificates without L or ST RESOLVED FIXED 2019-12-04T18:07:24Z
1598277 Asseco DS / Certum: CA certificates not listed in audit report RESOLVED FIXED 2019-12-03T04:23:48Z
1600301 Asseco DS / Certum: EV Certificates issued with wrong Business Category RESOLVED FIXED 2019-12-09T21:33:05Z

365 Total; 0 Open (0%); 365 Resolved (100%); 0 Verified (0%);


Delayed Revocation

Full Query
ID Summary Status Resolution Last change time
1600158 Asseco DS / Certum: Failure to revoke intermediate certificates within the BR time period RESOLVED FIXED 2019-12-03T04:58:45Z

1 Total; 0 Open (0%); 1 Resolved (100%); 0 Verified (0%);