Closed Bug 1774171 Opened 2 years ago Closed 2 years ago

Certigna: Precertificate with a validity period greater than 398-days

Categories

(CA Program :: CA Certificate Compliance, task)

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 1774418

People

(Reporter: michel, Assigned: bwilson)

Details

(Whiteboard: [ca-compliance] [ov-misissuance])

Hello,
I found the precertificate https://crt.sh/?id=6926734395&opt=zlint issued by Certigna with a validity period greater than 398-days.

Flags: needinfo?(r.delval)

In a previous incident report (bug 1667744 comment 10), Certigna wrote:
"This modifications ensure that certificates will not be issued with a validity grater than 397 days."

Why has this happened again?

Assignee: bwilson → r.delval
Status: NEW → ASSIGNED
Whiteboard: [ca-compliance]

Hello,

Thank very much you for reporting this information.

We have launched internal investigations to identify the origin of the issuance of this certificate with a validity period of 400 days.
The incident seems to be linked to a specific case of certificate renewal that has not been rectified by our automatic verification scripts.

Pending the results of these investigations, we can already confirm that:

  • Only this certificate is affected by this incident ;
  • Actions to revoke the certificate have been initiated ;
  • The incident has been communicated to all CA and RA teams in order to be more vigilant about this situation while awaiting the results of the investigations and the deployment of corrective actions.

We will create within 24 hours a detailed bug report of the incident in accordance with the requirements and will provide you more details about its origin and the corrective actions.

The incident will also be reported to our assessment body and our supervisory body.

Best regards

Hello,

We create this new bug (https://bugzilla.mozilla.org/show_bug.cgi?id=1774418 ) to report this incident and provide more details on its origin and the corrective actions.

We remain at your disposal for any further information.

Best regards

The bug assignee is inactive on Bugzilla, so the assignee is being reset.

Assignee: r.delval → bwilson

Redirect a needinfo that is pending on an inactive user to the triage owner.
:kwilson, since the bug has recent activity, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(r.delval) → needinfo?(kwilson)
Flags: needinfo?(kwilson) → needinfo?(bwilson)
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Flags: needinfo?(bwilson)
Resolution: --- → DUPLICATE
Product: NSS → CA Program
Whiteboard: [ca-compliance] → [ca-compliance] [ov-misissuance]
You need to log in before you can comment on or make changes to this bug.