Bugzilla #1518560
Policy Compliance
Asseco DS / Certum: Use of forbidden subjectPublicKeyInfo algorithm
RESOLVED
FIXED
Asseco Data Systems S.A.
AI Summary
Asseco Data Systems S.A. was found to be issuing certificates whose subjectPublicKeyInfo used P-521 keys, which Mozilla's Root Store Policy forbids. The issue was reported in a Bugzilla case, prompting the CA to cease issuance of such certificates and to provide an incident report detailing the timeline and the corrective actions taken. The CA has since implemented measures to ensure compliance with browser policies and has established a process for monitoring changes in requirements to prevent recurrence.
Chronology
- Bugzilla case created regarding the use of a forbidden algorithm.
- CA blocked issuance of certificates with P-521 keys.
- CA completed documentation comparing technical requirements from browser policies.
Participants
Ryan Sleevi
Wojciech Trapczyński
Similar Local Cases
Asseco DS / Certum: CPS does not refer to BR domain validation methods
Asseco DS / Certum: Cross-Signed non-EV-audited root with an EV-enabled root
SECOM: Non-BR-Compliant Certificate Issuance
Asseco DS / Certum: Failure to Update Policy Documents within 365 Days
Microsoft PKI Services: Failure to disclose Unconstrained Intermediate within 7 Days
PKIoverheid: KPN CPS Lists Forbidden Domain Validation Method 3.2.2.4.6
NetLock: Replacement of enduser certificates after the EVGL 1.7.4 self-audit
Actalis: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy