← DigiCert cases
Bugzilla #1417771
Certificate Problem Report
DigiCert: Symantec non-constrained/non-disclosed intermediate CA certificates
RESOLVED
DigiCert
AI Summary
This case addresses the issue of non-constrained and non-disclosed intermediate CA certificates associated with DigiCert and the former Symantec infrastructure. The report highlights that there are 279 such certificates that were not reported in the CCADB, leading to compliance concerns. The resolution involved updating the CCADB with these CAs and ensuring they are included in upcoming audit reports, with a focus on proper technical constraints and compliance with Mozilla's policies.
Chronology
- Initial report filed regarding non-constrained CAs.
- Confirmation that all CAs will be included in the upcoming audit report.
- Follow-up on compliance and audit status.
- Discussion on the resolution of the issue and ongoing compliance efforts.
Participants
Jeremy Rowley
Gervase Markham
Wayne Thayer
Brenda Bernal
Ben Wilson
External References
Similar Local Cases
DigiCert: Verizon: "Default City" in Subject:localityName
DigiCert: Non-BR-Compliant OCSP Responders
DigiCert: TI Trust Technologies Global CA issued certificate with no subject alternative name extension
DigiCert: CAA Checking Issue
DigiCert: no subject alternative name in Siemens certs
DigiCert: Failure to revoke key-compromised certificates within 24 hours
DigiCert: Entity not verified in organizationalUnitName
DigiCert: Failure to disclose Unconstrained Intermediate within 7 Days