Micros: Issusing 1024 bit certificates

RESOLVED FIXED

Status

RESOLVED FIXED
4 years ago
2 years ago

People

(Reporter: kurt, Assigned: kwilson)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: BR Compliance - 1024 bit certs)

(Reporter)

Description

4 years ago
Hi,

I'm seeing recent 1024 certificates from the following chain:
C = US, OU = www.xrampsecurity.com, O = XRamp Security Services Inc, CN = XRamp Global Certification Authority
C = US, ST = Illinois, L = Chicago, O = "Trustwave Holdings, Inc.", CN = "Trustwave Organization Issuing CA, Level 2", emailAddress = ca@trustwave.com
C = US, ST = Maryland, L = Columbia, O = "Micros Systems, Inc.", CN = Micros CA
C = US, ST = Maryland, L = Columbia, O = "Micros Systems, Inc.", CN = Micros Internal CA
(Reporter)

Updated

4 years ago
Blocks: 1029147
(Assignee)

Updated

4 years ago
Assignee: kwilson → jrandall
Whiteboard: BR Compliance - 1024 bit certs
jrandall: have you been able to look into this issue? If you need more info from Kurt about the certificates, you can ask here.

Gerv
(Assignee)

Updated

2 years ago
Assignee: jrandall → kwilson

Comment 2

2 years ago
The last 1024 bit key issued from that chain was 8/14/14.  When Trustwave was made aware of the issue, we confirmed that this was specific to a particular use case and confirmed no other chains had improperly issued <2048 server certificates. Since then the "Trustwave Organization Issuing CA, Level 2" CA has been revoked.
(Assignee)

Updated

2 years ago
Status: UNCONFIRMED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED

Updated

2 years ago
Product: mozilla.org → NSS
You need to log in before you can comment on or make changes to this bug.