Open Bug 1579299 Opened Last month Updated 26 days ago

Asseco DS / Certum: non-audited intermediate certificate

Categories

(NSS :: CA Certificate Compliance, task)

task
Not set

Tracking

(Not tracked)

People

(Reporter: kwilson, Assigned: aleksandra.kapinos)

Details

(Whiteboard: [ca-compliance])

Looking at https://crt.sh/mozilla-disclosures#disclosedwithinconsistentaudit I found that the following intermediate certificate is not listed in scope of an audit statement.

This cert either needs to be revoked and added to OnCRL, or needs to be included in scope of appropriate audits and audit statements.

Subject
CN=SSL.com Root Certification Authority RSA; O=SSL Corporation; C=US
Issuer
CN=Certum Trusted Network CA; OU=Certum Certification Authority; O=Unizeto Technologies S.A.; C=PL
SHA-256 Fingerprint
ACF718DF838E640051777D1947F51620E8D804BA186553AE52FC9811B5D34B8B

This certificate are showed up in the new audit statement which covered the period March 27, 2018 to 4 March, 2019. Today, we updated the new audit report in CCADB and in Certum website https://www.certum.eu/en/cert_aboutus_about_webtrust/

Summary: Asseco/Certum: non-audited intermediate certificate → Asseco DS / Certum: non-audited intermediate certificate
You need to log in before you can comment on or make changes to this bug.