Open CA Bugs in Bugzilla

Open CA Compliance Bugs

A CA compliance bug relates to a concern about a CA's certificates failing to comply with Mozilla's CA Certificate Policy and/or the CA/Browser Forum's Baseline Requirements, and is determined to not be an imminent security concern.

Anyone may create a CA Compliance bug as follows:

https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS&component=CA%20Certificate%20Compliance
Whiteboard = [ca-compliance]

Full Query

ID	Summary	Status	Assigned to	Whiteboard	Last change time
1390990	D-TRUST: Non-BR-Compliant Certificate Issuance	NEW	Arno Fiedler	[ca-compliance] [remediation-accepted] Next Action: 2018-06-16	2018-07-18T17:56:32Z
1391068	Taiwan-CA: Non-BR-Compliant Certificate Issuance	NEW	Robin Lin	[ca-compliance] - Next Update - 15-May 2018	2018-06-07T00:56:36Z
1391074	T-Systems: Non-BR-Compliant Certificate Issuance	NEW	Lothar Eickholt	[ca-compliance]	2018-10-12T04:08:26Z
1397957	DigiCert / CTJ: Metadata in OU fields, Reserved IP Address	NEW	Jeremy Rowley	[ca-compliance] - Next Update - 01-January 2019	2018-06-20T16:22:14Z
1398247	DocuSign/Keynectis: Non-BR-Compliant OCSP Responders	NEW	Erwann Abalea	[ca-compliance]	2018-10-09T22:36:33Z
1409766	Certum: CAA Mis-Issuance on CNAME pointing directly to restrictive CAA record	UNCONFIRMED	Wojciech Trapczyński	[ca-compliance]	2018-10-25T06:05:35Z
1425805	Consorci AOC: Insufficient Audit Statements	UNCONFIRMED	Francesc Ferrer	[ca-compliance] - Next update 30-Sept-2018	2018-10-01T12:33:49Z
1428877	SwissSign: Invalid DNSName in SAN	NEW	Mike Guenther	[ca-compliance]	2018-11-02T15:58:32Z
1444455	DocuSign/Keynectis: Non-Compliant Technically Constrained Intermediates	NEW	Erwann Abalea	[ca-compliance]	2018-07-10T07:52:23Z
1448986	Entrust - IP Address in dNSName form	UNCONFIRMED	Bruce Morton	[ca-compliance] - Next Update - 01-February 2019	2018-08-03T16:52:18Z
1452671	SECOM: TSA Certs Issued from Root	NEW	Hisashi Kamo	[ca-compliance]	2018-11-15T08:30:02Z
1455119	Firmaprofesional: Undisclosed Intermediate certificate	NEW	chemalogo	[ca-compliance]	2018-05-31T19:02:35Z
1455128	Certicamara: Undisclosed Intermediate certificates	NEW	Leonardo Maldonado	[ca-compliance]	2018-10-23T21:23:54Z
1455137	T-Systems: Undisclosed Intermediate certificate	NEW	Bernd	[ca-compliance]	2018-06-29T18:25:26Z
1456655	ABB issues with DN, country code and keyUsage	UNCONFIRMED	Brenda Bernal	[ca-compliance] - Next Update - 01-October 2018	2018-10-12T13:30:52Z
1458038	DocuSign/Keynectis: Missing BR Self Assessment	NEW	Erwann Abalea	[ca-compliance]	2018-07-17T22:07:46Z
1461391	Comodo: Misissuance using "CNAME CSR Hash 2" method of domain control validation	ASSIGNED	Robin Alden	[ca-compliance]	2018-10-23T20:36:43Z
1462423	NetLock: CN not in SAN	UNCONFIRMED	Varga Viktor	[ca-compliance]	2018-05-17T23:18:19Z
1462797	E-Tugra: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString	NEW	Davut Tokgöz	[ca-compliance]	2018-06-13T20:42:19Z
1462844	GoDaddy: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString	NEW	Daymion Reynolds	[ca-compliance]	2018-09-10T17:52:05Z
1463975	[GRCA] Misissued certificates: Invalid commonName, commonName not in SAN	NEW	National Development Council	[ca-compliance]	2018-05-25T00:00:35Z
1466252	Cybertrust Japan: three test websites not provided	NEW	Wayne Thayer [:wayne]	[ca-compliance] - Next update 19-Oct-2018	2018-10-23T00:38:55Z
1468477	QuoVadis (Freistaat Bayern): Non-BR-compliant Key Usage	NEW	Stephen Davidson	[ca-compliance] - Next Update - 01-July 2018	2018-09-24T18:07:07Z
1472052	Quovadis: Certificate containing Debian weak key	NEW	Stephen Davidson	[ca-compliance]	2018-09-24T18:07:06Z
1475115	Telia: Qualified Audit Statements	NEW	pekka.lahtiharju	[ca-compliance]	2018-09-06T21:41:03Z
1478933	Camerfirma, Qualified Audit Statements	UNCONFIRMED	Juan Angel Martin	[ca-compliance] - Next Update - 01-February 2019	2018-10-31T22:34:50Z
1481862	Camerfirma: organizationName Too Long	REOPENED	Juan Angel Martin	[ca-compliance]	2018-09-26T22:25:24Z
1484766	GoDaddy: Random Value Vulnerability in Domain Validation	NEW	Daymion Reynolds	[ca-compliance]	2018-10-25T13:09:47Z
1485413	Certigna: Issuance without respecting CAA records	NEW	Josselin Allemandou	[ca-compliance]	2018-09-16T22:04:44Z
1492006	Comodo: Failure to revoke within 24 hours	NEW	Robin Alden	[ca-compliance]	2018-10-23T20:37:16Z
1495497	KIR S.A.: Certificates issued with multiple BR violations	NEW	Piotr Grabowski	[ca-compliance]	2018-10-11T22:30:42Z
1495507	Government of Spain FNMT: OU exceeds 64 characters	NEW	Rafa Medina	[ca-compliance]	2018-11-05T18:00:32Z
1495518	Assecco DS / Certum: Unallowed key usage for EC public key (Key Encipherment)	NEW	Wojciech Trapczyński	[ca-compliance] - Next Update - 01-July 2019	2018-10-25T06:08:58Z
1495524	Certinomis: Unqualified Domain Name in SAN	NEW	Franck Leroy	[ca-compliance] - Next Update - 01-January 2019	2018-10-30T05:10:00Z
1496088	Certinomis: certificate for test.com, O=Entreprise TEST	UNCONFIRMED	Franck Leroy	[ca-compliance]	2018-11-13T10:42:56Z
1496616	Consorci: Qualified audit statements	NEW	Francesc Ferrer	[ca-compliance]	2018-10-15T10:18:32Z
1497700	DocuSign/Keynectis: Undisclosed Intermediate certificate	NEW	Erwann Abalea	[ca-compliance]	2018-10-09T22:28:55Z
1498409	Certicamara: Failure to respond to September 2018 CA Survey	NEW	Leonardo Maldonado	[ca-compliance]	2018-10-23T21:23:54Z
1498463	T-Systems: Improperly encoded QCStatements extension	NEW	Bernd	[ca-compliance]	2018-11-12T16:27:32Z
1500593	Identrust: Internal names / failure to report	NEW	roots	[ca-compliance]	2018-10-19T20:46:40Z
1502957	Camerfirma: MULTICERT Misissuance and missing audits	NEW	Juan Angel Martin	[ca-compliance]	2018-11-15T22:42:06Z
1503128	Certinomis: email address in DNS SAN	UNCONFIRMED	Franck Leroy	[ca-compliance]	2018-11-13T11:36:52Z
1506607	SwissSign: Misissuance of Intermediate Certificates because of incorrect organizationIdentifier	UNCONFIRMED	Mike Guenther	[ca-compliance] Next Update - 2018-11-16	2018-11-16T15:19:01Z
1507376	TÜViT: Issues with T-Systems Audits	NEW	Matthias Wiedenhorst	[auditor-compliance]	2018-11-16T14:44:35Z
1507862	Government of Spain (ACCV): Late Audit Statement	NEW	Jose Amador	[ca-compliance]	2018-11-16T18:01:38Z

45 Total; 45 Open (100%); 0 Resolved (0%); 0 Verified (0%);

Closed CA Bugs

Closed CA Compliance Bugs

A historical view of past CA compliance bugs may be found here:

https://wiki.mozilla.org/CA/Closed_Incidents

CA/Incident Dashboard

Contents

Open CA Bugs in Bugzilla

Open CA Compliance Bugs

Closed CA Bugs

Closed CA Compliance Bugs

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

How to Contribute

MozillaWiki

Around Mozilla

Tools