Closed Bug 1934630 Opened 3 months ago Closed 2 months ago

Add Certisign-issued TLS certificate to OneCRL

Categories

(Core :: Security Block-lists, Allow-lists, and other State, task)

task

Tracking

()

RESOLVED WONTFIX

People

(Reporter: bwilson, Assigned: bwilson, NeedInfo)

References

Details

(Whiteboard: [ca-onecrl])

Attachments

(1 file)

2.81 KB, application/x-x509-ca-cert
Details

As reported in Bug #1934361, this certificate - https://crt.sh/?sha256=421329f0dc2f683d6e96c1b5b310974d0997ad984ef69120f55372b4f48e1037, was mis-issued and should be added to OneCRL.

Here is the entryMaker-constructed OneCRL entry:
{
"issuerName": "MIGFMQswCQYDVQQGEwJCUjETMBEGA1UEChMKSUNQLUJyYXNpbDE1MDMGA1UECxMsQXV0b3JpZGFkZSBDZXJ0aWZpY2Fkb3JhIFJhaXogQnJhc2lsZWlyYSB2MTAxKjAoBgNVBAMTIUFDIENlcnRpc2lnbiBJQ1AtQnJhc2lsIFNTTCBFViBHNA==",
"serialNumber": "KIU0Rzkach52lIVJTnNXUg==",
"enabled": true,
"details": {
"who": "",
"created": "",
"bug": "1934630",
"name": "",
"why": ""
}
}

Status: NEW → ASSIGNED
Flags: needinfo?(dkeeler)

During our standard certificate monitoring, an internal miscommunication led us to incorrectly deem a legitimate request as a one issued in error. We apologize for the confusion and will be performing a postmortem on this issue.

Please see https://bugzilla.mozilla.org/show_bug.cgi?id=1934361#c16, as the certificate was still a mis-issuance due to the linting problems

Action on this is being suspended until we have more information.

Flags: needinfo?(dkeeler)

This certificate was revoked by the CA on 2024-12-13. Therefore, it no longer needs to be added to OneCRL.

Status: ASSIGNED → RESOLVED
Closed: 2 months ago
Flags: needinfo?(mozilla)
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: