CA/Incident Dashboard: Difference between revisions
< CA
Jump to navigation
Jump to search
m (added creation-time column) |
(→Open CA Compliance Bugs: Changed query) |
||
| Line 20: | Line 20: | ||
"f3": "status_whiteboard", | "f3": "status_whiteboard", | ||
"o3": "nowordssubstr", | "o3": "nowordssubstr", | ||
"v3": " | "v3": "leaf-revocation-delay", | ||
"o4": "nowordssubstr", | "o4": "nowordssubstr", | ||
"v4": "audit-delay", | "v4": "audit-delay", | ||
"include_fields": "summary, id, status, assigned_to, whiteboard, last_change_time, creation_time", | "include_fields": "summary, id, status, assigned_to, whiteboard, last_change_time, creation_time", | ||
"order": "short_desc | "order": "short_desc ASC" | ||
} | } | ||
</bugzilla> | </bugzilla> | ||
Revision as of 22:33, 2 February 2024
Open CA Bugs in Bugzilla
Open CA Compliance Bugs
A CA compliance bug relates to a concern about a CA's certificates failing to comply with Mozilla's CA Certificate Policy and/or the CA/Browser Forum's Baseline Requirements, and is determined to not be an imminent security concern. A CA's response to CA compliance bug includes providing an Incident Report in the bug.
Anyone may create a CA Compliance bug as follows:
- https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS&component=CA%20Certificate%20Compliance&version=other
- Whiteboard = [ca-compliance]
- If the issue is due to mandated restrictions regarding COVID-19, use Whiteboard = [ca-compliance][covid-19]
| Summary | ID | Status | Assigned to | Whiteboard | Last change time | Creation time |
|---|---|---|---|---|---|---|
| Agencia Notarial de Certificacion (ANCERT): Missing Contact Information in CCADB | 2015562 | UNCONFIRMED | [ca-compliance] [disclosure-failure] | 2026-03-24T06:57:52Z | 2026-02-09T18:36:46Z | |
| Asseco DS / Certum: CRL URLs disclosed in CCADB do not exactly match the CRL URLs in certificates | 2007105 | ASSIGNED | Kateryna Aleksieieva | [close on 2026-03-30] [ca-compliance] [disclosure-failure] | 2026-03-23T14:49:12Z | 2025-12-19T13:32:26Z |
| Asseco DS / Certum: Finding in Routine WebTrust Audit – S/MIME certificates issued with mailbox validation older than 30 days | 2021685 | ASSIGNED | Kateryna Aleksieieva | [ca-compliance] [smime-misissuance] Next update 2026-04-20 | 2026-03-27T17:07:43Z | 2026-03-07T10:05:43Z |
| Buypass: Findings in 2025 ETSI Audit - Audit Incident Report #1 - Compliance auditing on support processes | 2005194 | ASSIGNED | Mads Henriksveen | [ca-compliance] [audit-finding] Next update 2026-04-08 | 2026-03-16T14:40:11Z | 2025-12-10T13:20:20Z |
| Buypass: Findings in 2025 ETSI Audit - Audit Incident Report #2 - Supply chain policy | 2005196 | ASSIGNED | Mads Henriksveen | [ca-compliance] [audit-finding] Next update 2026-04-08 | 2026-03-16T14:39:39Z | 2025-12-10T13:22:48Z |
| Byte Computer: Missing Contact Information in CCADB | 2015563 | ASSIGNED | Spyros Kollias | [ca-compliance] [disclosure-failure] | 2026-03-19T01:24:18Z | 2026-02-09T18:36:51Z |
| Carillon Information Security: Missing Contact Information in CCADB | 2015564 | ASSIGNED | Lyne Brosseau | [ca-compliance] [disclosure-failure] | 2026-03-19T01:06:25Z | 2026-02-09T18:37:02Z |
| Certicamara: Missing Contact Information in CCADB | 2015565 | ASSIGNED | Direccion TICS | [ca-compliance] [disclosure-failure] | 2026-03-19T01:24:29Z | 2026-02-09T18:37:08Z |
| certSIGN: certificates with delayed SCT signature | 2016672 | ASSIGNED | Gabriel PETCU | [close on 2026-03-30] [ca-compliance] [ov-misissuance] | 2026-03-23T14:56:11Z | 2026-02-13T11:01:07Z |
| certSIGN: delay in updating a Bugzilla ticket | 2025318 | ASSIGNED | Gabriel PETCU | [ca-compliance] [policy-failure] | 2026-03-23T15:03:58Z | 2026-03-23T13:55:28Z |
| Chunghwa Telecom: Test Website certificate not revoked | 2025231 | ASSIGNED | Tsung-Min Kuo | [ca-compliance] [policy-failure] | 2026-03-23T15:01:06Z | 2026-03-23T03:23:44Z |
| D-Trust: CRL HTTP Media Type | 2012511 | ASSIGNED | Ana Laura Martorano | [ca-compliance] [crl-failure] | 2026-03-27T17:02:37Z | 2026-01-26T16:16:11Z |
| D-Trust: CRL URL Disclosure | 2007116 | ASSIGNED | Ana Laura Martorano | [ca-compliance] [disclosure-failure] | 2026-03-27T07:38:54Z | 2025-12-19T14:22:17Z |
| D-Trust: Delayed publication of audit attestation letters in the CCADB | 2011430 | ASSIGNED | Ana Laura Martorano | [ca-compliance] [audit-delay] | 2026-03-27T07:39:44Z | 2026-01-20T14:51:29Z |
| D-Trust: Expired certificate provided on the CA TLS test website for demonstration of valid certificates | 2009149 | ASSIGNED | Ana Laura Martorano | [ca-compliance] [policy-failure] | 2026-03-27T08:39:41Z | 2026-01-08T12:14:02Z |
| D-Trust: TLS Precertificates Exceeding the Maximum Validity Period Allowed by the TLS Baseline Requirements | 2023458 | ASSIGNED | Enrico Entschew | [ca-compliance] [__-misissuance] | 2026-03-27T13:19:40Z | 2026-03-15T21:03:13Z |
| DigiCert: CAA processing during network disruption | 2017185 | ASSIGNED | DigiCert | [ca-compliance] [dv-misissuance] [ov-misissuance] [ev-misissuance] | 2026-03-26T21:31:59Z | 2026-02-16T19:53:36Z |
| Echoworx: Missing Contact Information in CCADB | 2015566 | ASSIGNED | Echoworx | [ca-compliance] [disclosure-failure] | 2026-02-10T21:19:01Z | 2026-02-09T18:37:14Z |
| Financijska agencija (Fina): Mis-issued certificates | 1986968 | ASSIGNED | miroslav.perincic | [ca-compliance] [dv-misissuance] | 2026-03-24T16:07:17Z | 2025-09-04T16:47:06Z |
| Firmaprofesional: Delayed initial incident reporting for Bug 2016475 (72-hour preliminary and 14-day full report timing) | 2025536 | ASSIGNED | ext-antoni.camon | [ca-compliance] [policy-failure] | 2026-03-25T02:56:30Z | 2026-03-23T17:41:52Z |
| Firmaprofesional: Delayed preliminary response under BR 4.9.5 (Bug #2009941) | 2016066 | ASSIGNED | ext-antoni.camon | [close on 2026-03-30] [ca-compliance] [policy-failure] | 2026-03-23T14:50:28Z | 2026-02-11T10:36:54Z |
| Firmaprofesional: Delayed revocation disclosure of TLS Subordinate CA certificate Secure Web 2024 in CCADB | 2016475 | ASSIGNED | ext-antoni.camon | [ca-compliance] [disclosure-failure] | 2026-03-23T17:54:35Z | 2026-02-12T16:15:17Z |
| Firmaprofesional: Delayed weekly updates and responses on open incident reports | 2025538 | UNCONFIRMED | ext-antoni.camon | [ca-compliance] [policy-failure] | 2026-03-25T02:57:05Z | 2026-03-23T17:46:59Z |
| Firmaprofesional: Misissuance of TLS Subordinate CA "AC Firmaprofesional - Secure Web 2024" | 2009941 | ASSIGNED | ext-antoni.camon | [ca-compliance] [ca-misissuance] | 2026-03-23T17:57:33Z | 2026-01-13T10:59:12Z |
| GoDaddy: CRL Disclosure in CCADB Mismatch with Issued Certificates | 2007216 | ASSIGNED | Steven Deitte | [ca-compliance] [disclosure failure] Next update 2026-04-03 | 2026-03-16T15:11:07Z | 2025-12-20T00:13:07Z |
| GoDaddy: Partitioned CRL files missing Issuing Distribution Point | 2007217 | ASSIGNED | Steven Deitte | [ca-compliance] [disclosure failure] | 2026-03-27T18:12:31Z | 2025-12-20T00:15:11Z |
| Google Trust Services: Outdated BR version in some validation records | 2017747 | ASSIGNED | Google Trust Services | [ca-compliance] [policy-failure] Next update 2026-03-31 | 2026-03-04T16:11:59Z | 2026-02-18T21:48:20Z |
| Government of Saudi Arabia, NIC (SDAIA): Missing Contact Information in CCADB | 2015567 | ASSIGNED | Ammar | [ca-compliance] [disclosure-failure] | 2026-03-26T10:46:34Z | 2026-02-09T18:37:18Z |
| HARICA: Incorrect nCAId in PSD2 QCStatement for QWACs | 2017845 | ASSIGNED | HARICA | [ca-compliance] Next update 2026-04-24 | 2026-03-27T17:04:32Z | 2026-02-19T12:11:13Z |
| IdenTrust: Cross-signed root certificate mis-issuance | 2014609 | ASSIGNED | IdenTrust | [ca-compliance] [ca-misissuance] | 2026-03-24T22:44:03Z | 2026-02-05T00:30:24Z |
| IdenTrust: Delay in updating a Bug 2014609 - Next update | 2025595 | ASSIGNED | IdenTrust | [ca-compliance] [policy-failure] | 2026-03-25T02:57:41Z | 2026-03-23T21:52:21Z |
| IdenTrust: Delay in updating a Bug 2016585 - Action item | 2025598 | ASSIGNED | IdenTrust | [ca-compliance] [policy-failure] | 2026-03-25T02:58:58Z | 2026-03-23T22:03:01Z |
| IdenTrust: Delay in updating a Bug 2016585 - Next update | 2025597 | ASSIGNED | IdenTrust | [ca-compliance] [policy-failure] | 2026-03-25T02:58:32Z | 2026-03-23T21:58:39Z |
| IdenTrust: Delay in updating a Bugzilla ticket Bug 2014610 - Next update | 2025596 | ASSIGNED | IdenTrust | [ca-compliance] [policy-failure] | 2026-03-25T02:58:04Z | 2026-03-23T21:55:59Z |
| IdenTrust: Full Incident Report for Bug 2014609 was not published within 14 days of discovering the issue | 2025913 | ASSIGNED | IdenTrust | [ca-compliance] [policy-failure] | 2026-03-25T02:59:28Z | 2026-03-24T17:14:57Z |
| IdenTrust: Full Incident Report for bug 2014610 was not published within 14 days of discovering the issue | 2025914 | ASSIGNED | IdenTrust | [ca-compliance] [policy-failure] | 2026-03-25T02:59:55Z | 2026-03-24T17:18:17Z |
| IdenTrust: Full Incident Report for bug 2016585 was not published within 14 days of discovering the issue | 2025917 | ASSIGNED | IdenTrust | [ca-compliance] [policy-failure] | 2026-03-25T03:00:23Z | 2026-03-24T17:24:01Z |
| IdenTrust: Gap between audit periods | 2016267 | ASSIGNED | IdenTrust | [ca-compliance] [audit-failure] | 2026-03-25T21:30:15Z | 2026-02-11T22:48:59Z |
| Identrust: Root CrossSign, of dedicated Roots, missing EKU | 2026351 | ASSIGNED | IdenTrust | [ca-compliance] | 2026-03-26T19:01:51Z | 2026-03-25T20:46:40Z |
| IdenTrust: Root OCSP Signer certificate mis-issuance | 2014610 | ASSIGNED | IdenTrust | [ca-compliance] [uncategorized] | 2026-03-24T22:47:22Z | 2026-02-05T00:38:27Z |
| IdenTrust: Test Certificates from cross-signed roots not disclosed in CT Logs | 2016585 | ASSIGNED | IdenTrust | [ca-compliance] [uncategorized] | 2026-03-24T22:51:43Z | 2026-02-12T23:13:02Z |
| IdenTrust: Unauthorized OCSP responses for cross-signed roots | 2014590 | ASSIGNED | IdenTrust | [ca-compliance] [ocsp-failure] | 2026-03-25T21:29:35Z | 2026-02-04T22:52:56Z |
| iTrusChina: Failure to Provide Regular Incident Update | 2025248 | ASSIGNED | iTrusChina Co.,Ltd. | [ca-compliance] [policy-failure] | 2026-03-25T07:56:55Z | 2026-03-23T08:05:43Z |
| iTrusChina: Failure to Respond to Feb 2026 Chrome Root Program Survey | 2020899 | ASSIGNED | iTrusChina Co.,Ltd. | [ca-compliance] [disclosure-failure] | 2026-03-23T07:37:16Z | 2026-03-04T07:18:19Z |
| iTrusChina: Finding in Routine WebTrust Audit - Domain validation records without the TLS BR version | 2013805 | ASSIGNED | iTrusChina Co.,Ltd. | [ca-compliance] [audit-finding] | 2026-03-23T08:37:54Z | 2026-02-02T02:51:31Z |
| Microsoft PKI Services: Failure to report Bugzilla 2026452 within 72 hrs | 2026453 | ASSIGNED | Microsoft PKI Services | [ca-compliance] [policy-failure] | 2026-03-26T19:02:50Z | 2026-03-26T02:12:06Z |
| Microsoft PKI Services: Failure to update action item status within 3 days | 2021175 | ASSIGNED | Microsoft PKI Services | [close on 2026-04-02] [ca-compliance] [policy-failure] | 2026-03-27T02:58:32Z | 2026-03-05T00:48:22Z |
| Microsoft PKI Services: Policy document bug | 1962829 | ASSIGNED | Microsoft PKI Services | [ca-compliance] [policy-failure] | 2026-03-27T20:47:45Z | 2025-04-26T02:10:29Z |
| Microsoft PKI Services: Failure to publish Full Incident Report for Bugzilla 2021175 within 14 days | 2026452 | ASSIGNED | Microsoft PKI Services | [ca-compliance] [policy-failure] | 2026-03-26T19:02:21Z | 2026-03-26T02:05:32Z |
| Microsoft PKI Services: OCSP Non-Compliance | 1999850 | ASSIGNED | Microsoft PKI Services | [ca-compliance] [ocsp-failure] Next update 2026-04-24 | 2026-02-19T17:29:22Z | 2025-11-13T01:29:14Z |
| Netlock: CA in AIA in PEM format | 2004699 | ASSIGNED | Roland | [ca-compliance] [policy-failure] | 2026-03-23T22:44:30Z | 2025-12-08T13:50:23Z |
| NETLOCK: did not file a preliminary incident report or respond to a third-party report within the 72-hour timeframe | 2013400 | ASSIGNED | Roland | [ca-compliance] [policy-failure] | 2026-03-26T20:42:38Z | 2026-01-29T20:56:39Z |
| NETLOCK: Full Incident Report was not published within 14 days of notification | 2007948 | ASSIGNED | Roland | [ca-compliance] [disclosure failure] | 2026-03-23T20:13:25Z | 2025-12-29T20:30:46Z |
| NETLOCK: Missing Related Incidents section in the bug report | 2013395 | ASSIGNED | Roland | [ca-compliance] [policy-failure] | 2026-03-26T20:43:49Z | 2026-01-29T20:50:07Z |
| NETLOCK: Unavailability of the document repository | 2021559 | ASSIGNED | Roland | [ca-compliance] [policy-failure] | 2026-03-26T20:54:03Z | 2026-03-06T12:10:43Z |
| Netlock: unspecifed revocation code (0) in CRL | 2011314 | ASSIGNED | Roland | [ca-compliance] [crl-failure] | 2026-03-23T22:44:32Z | 2026-01-19T21:40:56Z |
| NISZ Nemzeti Infokommunikacios Szolgaltato: Missing Contact Information in CCADB | 2015568 | UNCONFIRMED | [ca-compliance] [disclosure-failure] | 2026-03-24T06:58:47Z | 2026-02-09T18:37:24Z | |
| PKIoverheid: TSP Cleverbase Findings in 2025 ETSI Audit - Incident Report #1 – Incorrect issuer CA listed in CPS | 1985816 | ASSIGNED | Policy Authority PKIoverheid | [ca-compliance] [audit-finding] Next update 2026-04-14 | 2026-01-27T15:16:50Z | 2025-08-28T15:39:28Z |
| PKIoverheid: TSP KPN Findings in 2025 ETSI Audit - Incident Report #3 – Internal Audit | 1983263 | ASSIGNED | Policy Authority PKIoverheid | [ca-compliance] [audit-finding] | 2026-03-09T14:44:12Z | 2025-08-15T14:05:23Z |
| PKIoverheid: TSP KPN Findings in 2025 ETSI Audit - Incident Report #7 – Change Management | 1983267 | ASSIGNED | Policy Authority PKIoverheid | [close on 2026-03-30] [ca-compliance] [audit-finding] | 2026-03-23T16:10:29Z | 2025-08-15T14:09:40Z |
| PostSignum: Length Subject organizationName | 2021239 | ASSIGNED | CA PostSignum | [ca-compliance] [ov-misissuance] | 2026-03-27T13:07:48Z | 2026-03-05T08:52:41Z |
| SECOM: Incorrect CCADB Non-Audit Document References for FUJIFILM Fnet CA - C | 2023563 | ASSIGNED | SECOM Trust Systems - ONO Fumiaki | [ca-compliance] [disclosure-failure] | 2026-03-23T06:17:44Z | 2026-03-16T12:50:25Z |
| SECOM: Non conformant SCT Encoding Due to SCT Modification by Cybertrust Japan (CTJ) | 2007070 | ASSIGNED | SECOM Trust Systems - ONO Fumiaki | [close on 2026-03-30] [ca-compliance] [ov-misissuance] | 2026-03-23T14:58:04Z | 2025-12-19T08:01:55Z |
| SECOM: Repository service disruption affecting subordinate CAs (CTJ) | 2017840 | ASSIGNED | SECOM Trust Systems - ONO Fumiaki | [ca-compliance] [policy-failure] | 2026-03-26T05:37:05Z | 2026-02-19T11:49:12Z |
| Sectigo: Package patching gap within Certificate Systems | 2019995 | ASSIGNED | Martijn Katerbarg | [ca-compliance] [uncategorized] Next update 2026-04-10 | 2026-03-17T18:15:05Z | 2026-02-27T17:52:48Z |
| SHECA: CRL of root CA not published within 24 hours | 2015383 | ASSIGNED | SHECA | [ca-compliance] [crl-failure] | 2026-03-25T08:54:50Z | 2026-02-09T07:14:45Z |
| SHECA: Failure to keep weekly updates under bugs | 2025259 | ASSIGNED | SHECA | [ca-compliance] [policy-failure] | 2026-03-24T02:05:35Z | 2026-03-23T09:49:06Z |
| SHECA: Test Website certificate expired | 2025135 | ASSIGNED | SHECA | [ca-compliance] [policy-failure] | 2026-03-27T10:21:46Z | 2026-03-22T03:10:44Z |
| SHECA: TLS certificate key generation online | 1993357 | ASSIGNED | SHECA | [ca-compliance] [dv-misissuance] [ov-misissuance] | 2026-03-27T10:23:34Z | 2025-10-08T19:46:26Z |
| Siemens: Outdated CP/CPS records disclosed in CCADB | 2026484 | ASSIGNED | Fabian Meister | [ca-compliance] [disclosure-failure] | 2026-03-26T19:00:35Z | 2026-03-26T07:21:06Z |
| Swiss BIT (FOITT): Missing Contact Information in CCADB | 2015569 | ASSIGNED | Steph | [ca-compliance] [disclosure-failure] | 2026-03-19T01:24:22Z | 2026-02-09T18:37:29Z |
| SwissSign: recommendation on backup testing | 1990272 | ASSIGNED | Sandy Balzer | [ca-compliance] [audit-finding] Next update 2026-04-30 | 2025-10-28T12:52:09Z | 2025-09-23T17:06:29Z |
| SwissSign: recommendation on BIA/BCP review | 1990263 | ASSIGNED | Sandy Balzer | [ca-compliance] [audit-finding] Next update 2026-04-30 | 2025-10-28T12:51:27Z | 2025-09-23T16:53:15Z |
| SwissSign: recommendation on BIA/BCP test coverage | 1990266 | ASSIGNED | Sandy Balzer | [ca-compliance] [audit-finding] Next update 2026-04-30 | 2025-10-28T12:51:38Z | 2025-09-23T16:55:40Z |
| SwissSign: recommendation on CA-specific risk assessment | 1990277 | ASSIGNED | Sandy Balzer | [ca-compliance] [audit-finding] Next update 2026-04-30 | 2025-10-28T12:52:51Z | 2025-09-23T17:08:41Z |
| SwissSign: recommendation on document release dual control | 1990269 | ASSIGNED | Sandy Balzer | [ca-compliance] [audit-finding] Next update 2026-04-30 | 2025-10-28T12:51:48Z | 2025-09-23T17:03:05Z |
| SwissSign: recommendation on evaluation of cloud service providers | 1990276 | ASSIGNED | Sandy Balzer | [ca-compliance] [audit-finding] Next update 2026-04-30 | 2025-10-28T12:52:39Z | 2025-09-23T17:08:11Z |
| SwissSign: recommendation on firewall review | 1990271 | ASSIGNED | Sandy Balzer | [ca-compliance] [audit-finding] Next update 2026-04-30 | 2025-10-28T12:51:54Z | 2025-09-23T17:05:31Z |
| SwissSign: recommendation on linting software updates | 1990282 | ASSIGNED | Sandy Balzer | [ca-compliance] [audit-finding] Next update 2026-04-30 | 2025-11-03T08:50:16Z | 2025-09-23T17:12:55Z |
| SwissSign: recommendation on log review process | 1990285 | ASSIGNED | Sandy Balzer | [ca-compliance] [audit-finding] Next update 2026-04-30 | 2025-10-28T12:54:20Z | 2025-09-23T17:14:00Z |
| SwissSign: recommendation on publication process for CA related data | 1990275 | ASSIGNED | Sandy Balzer | [ca-compliance] [audit-finding] Next update 2026-04-30 | 2025-10-28T12:52:27Z | 2025-09-23T17:07:40Z |
| SwissSign: recommendation on review of key pair generation implementation | 1990284 | ASSIGNED | Sandy Balzer | [ca-compliance] [audit-finding] Next update 2026-04-30 | 2025-10-28T12:53:56Z | 2025-09-23T17:13:29Z |
| SwissSign: recommendation on risk assessment | 1990254 | ASSIGNED | Sandy Balzer | [ca-compliance] [audit-finding] Next update 2026-04-30 | 2025-10-28T12:50:25Z | 2025-09-23T16:08:48Z |
| SwissSign: recommendation on self-assessment tool | 1990281 | ASSIGNED | Sandy Balzer | [ca-compliance] [audit-finding] Next update 2026-04-30 | 2025-10-28T12:53:00Z | 2025-09-23T17:12:19Z |
| SwissSign: recommendation on synchronization of staging and production environments | 1990274 | ASSIGNED | Sandy Balzer | [ca-compliance] [audit-finding] Next update 2026-04-30 | 2025-10-28T12:52:18Z | 2025-09-23T17:07:10Z |
| Telia: S/MIME Misissuance - incorrect subject information for Multipurpose sponsor-validated-profile | 2012101 | ASSIGNED | Antti Backman | [ca-compliance] [smime-misissuance] Next update 2026-03-31 | 2026-03-17T17:41:38Z | 2026-01-23T12:25:35Z |
86 Total; 86 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Audit Delays
The compliance bug's whiteboard field is tagged with [audit-delay] whenever a CA is unable to deliver audit statements to Mozilla when they are due. Such bugs should be reported as CA compliance issues, with the following whiteboard tags as described here.
- Whiteboard = [ca-compliance][audit-delay]
- For audit delays due to mandated restrictions regarding COVID-19, use Whiteboard = [ca-compliance][audit-delay][covid-19]
| Summary | ID | Status | Assigned to | Whiteboard | Last change time | Creation time |
|---|---|---|---|---|---|---|
| D-Trust: Delayed publication of audit attestation letters in the CCADB | 2011430 | ASSIGNED | Ana Laura Martorano | [ca-compliance] [audit-delay] | 2026-03-27T07:39:44Z | 2026-01-20T14:51:29Z |
1 Total; 1 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Revocation Delays
The compliance bug's whiteboard field is tagged with [delayed-revocation-ca] or [delayed-revocation-leaf] whenever a CA fails to abide by Mozilla's requirement to revoke certificates in a timely fashion. As discussed in CA/Responding_To_An_Incident#Revocation, Mozilla recognizes that there may be *exceptional* situations that cause a CA to not abide by the Baseline Requirements, which should be accompanied by an Incident Report.
Such bugs should be reported as CA compliance issues, and will be categorized appropriately during triage.
No results.
0 Total; 0 Open (0%); 0 Resolved (0%); 0 Verified (0%);
Closed CA Bugs
Closed CA Compliance Bugs
A historical view of past CA compliance bugs may be found here: