← Apple Inc. cases
Bugzilla #1772644 Technical Compliance

Apple: CRL issuance frequency deviates from CPS in some cases

RESOLVED FIXED Apple Inc.
AI Summary

Apple identified that the Certificate Revocation List (CRL) issuance frequency for its public TLS CAs was configured for 24 hours but was occurring at a 37.5 hour interval in some cases, which deviated from their stated practice in the Apple Public Certificate Policy Statement (CPS). The issue was resolved by creating an additional CRL worker, ensuring compliance with the 24-hour issuance frequency. Apple is also reviewing and updating the CPS to address hard interval settings.

Model: gpt-4o-mini Generated: 2026-06-13 15:13 UTC Confidence: 1.00
Chronology
  1. Issue identified during review of validation services
  2. Fix applied to ensure CRL issuance frequency met CPS requirements
  3. Updated version of the Apple Public CPS posted
Participants
certification_authority@apple.com aaron@letsencrypt.org bwilson@mozilla.com
External References
Original Bugzilla Case bugzilla.mozilla.org images.apple.com www.apple.com images.apple.com
Similar Local Cases
#1914893 RESOLVED Technical Compliance Opened 2024-08-26 · Closed 2024-09-18 · 47% similar
Amazon Trust Services: CRL not DER-encoded
AI Summary CA Owner
#1746945 RESOLVED Technical Compliance Opened 2021-12-20 · Closed 2023-02-22 · 40% similar
Amazon Trust Services: Missing CAA Check For Test Website Certificates
AI Summary CA Owner
#1428891 RESOLVED Technical Compliance Opened 2018-01-08 · Closed 2023-02-22 · 38% similar
Entrust: Non-BR-Compliant OCSP Responder
AI Summary CA Owner
#1398246 RESOLVED Technical Compliance Opened 2017-09-08 · Closed 2023-02-22 · 38% similar
Consorci AOC: Non-BR-Compliant OCSP Responders
AI Summary CA Owner
#1398240 RESOLVED Technical Compliance Opened 2017-09-08 · Closed 2023-02-22 · 38% similar
Firmaprofesional: Non-BR-Compliant OCSP Responders
AI Summary CA Owner
#1521623 RESOLVED Technical Compliance Opened 2019-01-21 · Closed 2024-05-09 · 38% similar
Amazon Trust Services: Failure to comply with RFC 5280
AI Summary CA Owner
#1015767 RESOLVED Technical Compliance Opened 2014-05-25 · Closed 2022-11-14 · 38% similar
startcom: still issuing < 2048 bit certificates
AI Summary CA Owner
#1436173 RESOLVED Technical Compliance Opened 2018-02-06 · Closed 2023-02-22 · 38% similar
DigiCert: SCEE / Justica: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action