After the publication of the version 2.7 – effective from January 1st, 2020, we have only issued SubCAs created as a substitution of old ones that will stopped been used for some different causes.
All the old SubCAs were created before that version as you can see on the list below:
InfoCert Organization Validation CA 3
Intesa Sanpaolo Organization Validation CA
MULTICERT SSL Certification Authority 001
The SubCAs created as a substitution of the old ones are listed below:
InfoCert Organization Validation 2019 CA 3
Intesa Sanpaolo Organization Validation 2019 CA
MULTICERT SSL Certification Authority 005
We have always verified that the old problems with the certificates had been solved and the needed audits performed before the creation of the new certificates.
Regarding the mentioned subCA "MULTICERT SSL Certification Authority 005", it was issued as a substitution of the prior subCA "MULTICERT SSL Certification Authority 001" and it was not going to be controlled by a new third party.
In these cases, we followed the given instructions to incorporate a new CA in the CCADB that had not debuted yet, indicating “same as parent” until the audit was performed.
Concretely, it was done for the subCA "MULTICERT SSL Certification Authority 005", before performing the audit that covered the period: 2019-12-06 / 2020-04-06.
This subCA has not issued certificates yet.
Anyway, we catch the information, and it will be taken into account to notify all the new CA issuances in the future, even if they are renewals of old certificates.
Tomorrow, we will include an incident report.