Certigna: Precertificate with a validity period greater than 398-days
Categories
(CA Program :: CA Certificate Compliance, task)
Tracking
(Not tracked)
People
(Reporter: michel, Assigned: bwilson)
Details
(Whiteboard: [ca-compliance] [ov-misissuance])
Hello,
I found the precertificate https://crt.sh/?id=6926734395&opt=zlint issued by Certigna with a validity period greater than 398-days.
Comment 1•2 years ago
|
||
In a previous incident report (bug 1667744 comment 10), Certigna wrote:
"This modifications ensure that certificates will not be issued with a validity grater than 397 days."
Why has this happened again?
Assignee | ||
Updated•2 years ago
|
Comment 2•2 years ago
|
||
Hello,
Thank very much you for reporting this information.
We have launched internal investigations to identify the origin of the issuance of this certificate with a validity period of 400 days.
The incident seems to be linked to a specific case of certificate renewal that has not been rectified by our automatic verification scripts.
Pending the results of these investigations, we can already confirm that:
- Only this certificate is affected by this incident ;
- Actions to revoke the certificate have been initiated ;
- The incident has been communicated to all CA and RA teams in order to be more vigilant about this situation while awaiting the results of the investigations and the deployment of corrective actions.
We will create within 24 hours a detailed bug report of the incident in accordance with the requirements and will provide you more details about its origin and the corrective actions.
The incident will also be reported to our assessment body and our supervisory body.
Best regards
Comment 3•2 years ago
|
||
Hello,
We create this new bug (https://bugzilla.mozilla.org/show_bug.cgi?id=1774418 ) to report this incident and provide more details on its origin and the corrective actions.
We remain at your disposal for any further information.
Best regards
Comment 4•2 years ago
|
||
The bug assignee is inactive on Bugzilla, so the assignee is being reset.
Comment 5•2 years ago
|
||
Redirect a needinfo that is pending on an inactive user to the triage owner.
:kwilson, since the bug has recent activity, could you have a look please?
For more information, please visit auto_nag documentation.
Assignee | ||
Updated•2 years ago
|
Assignee | ||
Updated•2 years ago
|
Updated•1 year ago
|
Updated•1 year ago
|
Description
•