Open Bug 2007216 Opened 6 days ago Updated 4 days ago

GoDaddy: CRL Disclosure in CCADB Mismatch with Issued Certificates

Tracking

(Not tracked)

Status:

ASSIGNED

People

(Reporter: sdeitte, Assigned: sdeitte)

Details

(Whiteboard: [ca-compliance] [disclosure failure])

Steven Deitte

Assignee

Description

•

6 days ago

Steps to reproduce:

Preliminary Incident Report

Summary

Incident description: CRL disclosure in CCADB mismatch against CRL listed in issued certificates
Relevant policies: CCADB Policy 6.2
Source of incident disclosure: Certificate Problem Reporting

GoDaddy has maintained full and partitioned CRL files for issuing intermediate certificates. We have a mismatch between these on CCADB and what is listed on our leaf certificates. We are working to increase the number of certificates we include on the partitioned CRL files to ensure when we update CCADB to match leaf certificates that we are not in a situation of having to frequently update the list. A full investigation is also ongoing.

incident-reporting

Updated

•

4 days ago

Assignee: nobody → sdeitte

Status: UNCONFIRMED → ASSIGNED

Ever confirmed: true

Whiteboard: [ca-compliance] [disclosure failure]

incident-reporting

Updated

•

4 days ago

Type: enhancement → task

You need to log in before you can comment on or make changes to this bug.

Bugzilla

GoDaddy: CRL Disclosure in CCADB Mismatch with Issued Certificates

Categories

(CA Program :: CA Certificate Compliance, task)

Tracking

(Not tracked)

People

(Reporter: sdeitte, Assigned: sdeitte)

References

Details

(Whiteboard: [ca-compliance] [disclosure failure])

Crash Data

Security

(public)

User Story

Description

Preliminary Incident Report

Summary

Updated

Updated