CA/Incident Dashboard

From MozillaWiki
< CA
Jump to: navigation, search

Open CA Bugs in Bugzilla

Open CA Compliance Bugs

A CA compliance bug relates to a concern about a CA's certificates failing to comply with Mozilla's CA Certificate Policy and/or the CA/Browser Forum's Baseline Requirements, and is determined to not be an imminent security concern.

Anyone may create a CA Compliance bug as follows:

Full Query
ID Summary Status Assigned to Whiteboard Last change time
1456655 DigiCert / ABB: Issues with DN, country code and keyUsage ASSIGNED Brenda Bernal [ca-compliance] 2019-07-15T23:50:48Z
1462423 NetLock: CN not in SAN ASSIGNED Varga Viktor [ca-compliance] Next Update - 1-June-2019 2019-07-17T15:08:04Z
1463975 GRCA: Misissued certificates: Invalid commonName, commonName not in SAN ASSIGNED National Development Council [ca-compliance] 2019-07-15T17:00:21Z
1468477 QuoVadis (Freistaat Bayern): Non-BR-compliant Key Usage ASSIGNED Stephen Davidson [ca-compliance] Next Update - 01-January 2020 2019-07-11T16:33:16Z
1492006 Sectigo: Failure to revoke within 24 hours ASSIGNED Robin Alden [ca-compliance] - Next Update - 01-August 2019 2019-07-19T15:05:09Z
1495497 KIR S.A.: Certificates issued with multiple BR violations ASSIGNED Piotr Grabowski [ca-compliance] 2019-07-11T16:33:20Z
1496616 Consorci: Qualified audit statements ASSIGNED Francesc Ferrer [ca-compliance] Next Update - 01-January 2020 2019-07-11T16:33:23Z
1502957 Camerfirma: MULTICERT Misissuance and missing audits ASSIGNED Juan Angel Martin [ca-compliance] - Next Update - 07-March 2019 2019-07-11T16:33:25Z
1518553 Sectigo: Use of forbidden subjectPublicKeyInfo algorithm ASSIGNED Robin Alden [ca-compliance] 2019-07-19T18:10:48Z
1520299 Hongkong Post / Certizen: Failure to report misissuance ASSIGNED Man Ho [ca-compliance] 2019-07-16T14:42:50Z
1523186 KIR S.A.: Misissuance - missing OCSP AIA, Validity > 825 days ASSIGNED Piotr Grabowski [ca-compliance] - Next Update - 03-March 2019 2019-07-11T16:33:30Z
1523221 GRCA: Misissued certificates - invalid CN, bad validity period, missing extensions ASSIGNED National Development Council [ca-compliance] 2019-07-11T16:33:31Z
1524730 Sectigo: invalid dnsName ASSIGNED Robin Alden [ca-compliance] 2019-07-19T15:06:20Z
1524733 CFCA: invalid dnsNames ASSIGNED Jonathan Sun [ca-compliance] 2019-07-11T16:33:34Z
1524815 GoDaddy: failure to revoke underscores ASSIGNED Joanna [ca-compliance] 2019-07-22T13:49:31Z
1524871 Camerfirma: failure to revoke underscores ASSIGNED Eusebio Herrera [ca-compliance] - 15-August 2019 2019-07-11T16:33:37Z
1528259 Telia: misissued certificate - FQDN value incorrectly in SAN rfc822 field ASSIGNED pekka.lahtiharju [ca-compliance] 2019-07-11T16:33:40Z
1528261 Telia: Misissued certificate - FQDN without domain part (e_dnsname_not_valid_tld) ASSIGNED pekka.lahtiharju [ca-compliance] 2019-07-11T16:33:42Z
1530718 T-Systems: Invalid SAN Entries ASSIGNED Arnold Essing [ca-compliance] 2019-07-11T16:33:44Z
1532105 SECOM: CrossTrust: OU > 64 characters ASSIGNED Hisashi Kamo [ca-compliance] 2019-07-19T10:19:31Z
1532113 CFCA: O > 64 characters ASSIGNED Oliver Bi [ca-compliance] - Next Update - 01-August 2019 2019-07-16T18:27:36Z
1532333 Camerfirma: Unrevocation of MULTICERT SSL Certification Authority 001 certificate ASSIGNED Eusebio Herrera [ca-compliance] 2019-07-19T21:06:47Z
1532436 Chunghwa Telecom: Test certificate with unregistered domain name ASSIGNED Li-Chun CHEN [ca-compliance] - 14-October 2019 2019-07-15T15:12:07Z
1532559 CFCA: Wrong SerialNumber encoding ASSIGNED Jonathan Sun [ca-compliance] 2019-07-19T04:08:48Z
1533774 GoDaddy: Insufficient serial number entropy ASSIGNED Joanna [ca-compliance] 2019-07-22T13:45:43Z
1534295 Actalis: Insufficient serial number entropy ASSIGNED ADRIANO SANTONI [ca-compliance] - Next Update - 27-July 2019 2019-07-23T13:06:15Z
1534429 Camerfirma: Multicert SSL CA 001: Insufficient serial number entropy ASSIGNED [ca-compliance] - Next Update - 01-July 2019 2019-07-15T17:21:12Z
1534580 DFN-PKI: 40 OV certificates with wrong ST ASSIGNED Jürgen Brauckmann [ca-compliance] - Next Update - 03-August 2019 2019-07-23T17:30:12Z
1535871 PKIoverheid: KPN Insufficient Serial Number Entropy ASSIGNED Jochem van den Berge [ca-compliance] 2019-07-23T14:53:27Z
1536082 T-Systems: Insufficient serial number entropy ASSIGNED Arnold Essing [ca-compliance] 2019-07-11T16:36:45Z
1538638 Firmaprofesional: AC Firmaprofesional - INFRAESTRUCTURA insufficient serial number entropy ASSIGNED chemalogo [ca-compliance] 2019-07-22T18:51:11Z
1542082 Identrust: Failure to disclose Unconstrained intermediate Within 7 Days ASSIGNED roots [ca-compliance] 2019-07-11T16:36:48Z
1544586 Government of Spain FNMT: Findings in 2019 Audit Statement, including domain validation methods, CAA, etc. ASSIGNED alain [ca-compliance] 2019-07-11T16:36:49Z
1544712 SECOM: certificate for which “OU=-” ASSIGNED Hisashi Kamo [ca-compliance] 2019-07-18T08:46:01Z
1545208 Sectigo: Missing Changelog in CPS ASSIGNED Robin Alden [ca-compliance] - Next Update - 20-July 2019 2019-07-19T19:36:59Z
1546253 GDCA: Authentication of Organization Identity Failure for an OV Certificate ASSIGNED capoc [ca-compliance] 2019-07-11T16:36:54Z
1546776 SecureTrust: Unvalidated domain in certificate ASSIGNED fcorday [ca-compliance] 2019-07-11T16:36:55Z
1547691 GlobalSign: AT&T SSL certificates without the AIA extension ASSIGNED douglas.beattie [ca-compliance] - Next Update - 01-August 2019 2019-07-11T16:36:56Z
1548713 Sectigo: "Default City" in Subject:localityName ASSIGNED Robin Alden [ca-compliance] 2019-07-19T19:22:51Z
1548714 SECOM: "Default City" in Subject:localityName ASSIGNED Hisashi Kamo [ca-compliance] - Next Update - 01-July 2019 2019-07-11T16:36:57Z
1548719 DigiCert: Revoked intermediate certificates not in CRL ASSIGNED Stephen Davidson [ca-compliance] 2019-07-11T16:37:02Z
1549861 Camerfirma: Outdated audit statements for intermediate certs ASSIGNED Eusebio Herrera [ca-compliance] 2019-07-11T16:37:04Z
1549862 Entrust: Outdated audit statement for intermediate cert ASSIGNED Bruce Morton [ca-compliance] 2019-07-11T16:37:05Z
1550645 Digicert: CAA Checking Issue ASSIGNED Brenda Bernal [ca-compliance] 2019-07-17T15:02:57Z
1551362 Sectigo: "Some-State" in stateOrProvinceName ASSIGNED Robin Alden [ca-compliance] - Next Update - 31-July 2019 2019-07-19T15:07:12Z
1551363 DigiCert: "Some-State" in stateOrProvinceName ASSIGNED Brenda Bernal [ca-compliance] Next Update - 01-September 2019 2019-07-17T15:28:17Z
1551372 Telia: "Some-State" in stateOrProvinceName ASSIGNED pekka.lahtiharju [ca-compliance] - Next Update - 01-October 2019 2019-07-11T16:37:09Z
1551374 SecureTrust: "Some-State" in stateOrProvinceName ASSIGNED fcorday [ca-compliance] 2019-07-11T16:37:11Z
1551375 certSIGN: "Some-State" in stateOrProvinceName ASSIGNED Cristian Garabet [ca-compliance] Next Update - 25-July 2019 2019-07-11T16:37:12Z
1552586 GlobalSign: 4 Misissued certificates with invalid CN ASSIGNED douglas.beattie [ca-compliance] 2019-07-11T16:37:13Z
1554259 GlobalSign: SPKI lacks explicit NULL parameter, ASSIGNED douglas.beattie [ca-compliance] 2019-07-17T15:04:34Z
1556806 Camerfirma: Inforcert misissued certificates ASSIGNED Eusebio Herrera [ca-compliance] 2019-07-23T17:12:28Z
1556906 DigiCert: Apple: Non-compliant Common Name Length ASSIGNED certification_authority [ca-compliance] - Next Update - 01-August 2019 2019-07-17T15:29:37Z
1556948 DigiCert Validation Scope Incident ASSIGNED Jeremy Rowley [ca-compliance] Next Update - 01-October 2019 2019-07-17T15:31:08Z
1557085 Camerfirma: Intesa Sanpaolo misissued certificates ASSIGNED Eusebio Herrera [ca-compliance] 2019-07-15T17:33:22Z
1558552 SwissSign: CP/CPS certificate profile issue ASSIGNED Mike Guenther [ca-compliance] Next Update - 23-July 2019 2019-07-23T14:58:18Z
1559376 Entrust: Certificate Issued with Incorrect Country Code ASSIGNED Dathan Demone [ca-compliance] 2019-07-11T16:37:29Z
1559765 Izenpe: Multiple invalid EV certificates issued ASSIGNED o-garcia [ca-compliance] - Next Update - 01-December 2019 2019-07-17T07:24:51Z
1561013 Entrust: Certificate issued with validity greater than 825-days ASSIGNED Bruce Morton [ca-compliance] 2019-07-20T02:22:46Z
1563573 DigiCert: Failure to disclose Unconstrained Intermediate within 7 Days ASSIGNED Brenda Bernal [ca-compliance] 2019-07-19T17:17:23Z
1563574 SECOM: Failure to disclose Unconstrained Intermediate within 7 Days ASSIGNED Hisashi Kamo [ca-compliance] - Next Update - 27-July 2019 2019-07-23T18:04:32Z
1563579 Sectigo: Failure to provide timely incident reports ASSIGNED Robin Alden [ca-compliance] 2019-07-19T19:26:31Z
1563772 D-TRUST: Precertificate OU > 64 Characters ASSIGNED Enrico Entschew [ca-compliance] Next Update - 24-July 2019 2019-07-17T15:24:54Z
1563917 QuoVadis: use of Organisationidentifier field in EV (Pre CABF Ballot SC17) ASSIGNED Stephen Davidson [ca-compliance] - Next Update - 30-July 2019 2019-07-23T08:15:43Z
1565270 Telia: Qualified BR Audit Statement ASSIGNED pekka.lahtiharju [ca-compliance] Qualified BR Audit 2019-07-15T17:32:10Z
1565494 CFCA: Missed CPS update publication on website in 2018 ASSIGNED Oliver Bi [ca-compliance] 2019-07-15T17:12:21Z
1566162 DigiCert: Failure to supervise ABB Subordinate CA ASSIGNED Jeremy Rowley [ca-compliance] 2019-07-17T21:55:48Z
1566580 LuxTrust: Overdue Audit Statements 2019 ASSIGNED Yves Nullens [ca-compliance] Overdue Audits for root certs 2019-07-17T20:02:56Z
1566586 Asseco/Certum: Overdue Audit Statements 2019 ASSIGNED Wojciech Trapczyński [ca-compliance] Overdue Audits for root certs 2019-07-23T18:02:05Z
1567060 Sectigo / inconsistent disclosure of externally-operated intermediate ASSIGNED Robin Alden [ca-compliance] 2019-07-22T15:44:11Z
1567061 GoDaddy / Amazon Trust Services: inconsistent disclosure of externally-operated intermediate ASSIGNED Joanna [ca-compliance] 2019-07-22T15:44:47Z
1567062 Asseco / inconsistent disclosure of externally-operated intermediate ASSIGNED Wojciech Trapczyński [ca-compliance] 2019-07-19T12:23:24Z
1567456 T-Systems: "Some-State" comparable issues ASSIGNED Arnold Essing [ca-compliance] Next Update - 08-August 2019 2019-07-22T15:44:41Z
1567588 D-TRUST: incorrectly formatted businessCategory entry ASSIGNED Enrico Entschew [ca-compliance] 2019-07-23T19:14:35Z
1567659 Entrust: SHA-1 Issuance and other misissuance while testing ASSIGNED Bruce Morton [ca-compliance] 2019-07-22T15:44:01Z

75 Total; 75 Open (100%); 0 Resolved (0%); 0 Verified (0%);

Closed CA Bugs

Closed CA Compliance Bugs

A historical view of past CA compliance bugs may be found here: