Open
Bug 2052085
Opened 3 days ago
Updated 2 days ago
Certainly: Missing audit log entries for certificates issued during capacity testing
Categories
(CA Program :: CA Certificate Compliance, task)
CA Program
CA Certificate Compliance
Tracking
(Not tracked)
ASSIGNED
People
(Reporter: djeffery, Assigned: djeffery)
Details
(Whiteboard: [ca-compliance] [uncategorized])
Preliminary Incident Report
Summary
- Incident description: While performing our annual WebTrust audit,
Certainly identified that 5,868 certificates issued during planned capacity
characterization testing on 2026-04-01 and 2026-04-02 are missing some or all
expected audit log entries. The root cause is kernel-level syslog socket
saturation under sustained high-volume issuance (280–360 certificates/second).
All affected certificates have since expired (30-day validity); zero remain
valid. One certificate among the affected set was a typical subscriber issuance
while the remaining 5,867 were all generated by the load testing harness.
Certainly is developing remediation to prevent this failure pathway and to
monitor for missing audit entries in the future. - Relevant policies:
- Certainly CP/CPS §5.4 (Records Archival / Audit Logging)
- Baseline Requirements §5.4.1 (Types of Events Recorded)
- NCSSRs §3.2 (Security Monitoring)
- Source of incident disclosure: Self Reported
Certainly will publish a full incident report by 2026-07-13.
Updated•3 days ago
|
Assignee: nobody → djeffery
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Whiteboard: [ca-compliance] [uncategorized]
You need to log in
before you can comment on or make changes to this bug.
Description
•