← DarkMatter LLC cases
Bugzilla #1519260
Certificate Misissuance
QuoVadis: Multiple unreported misissuances in 2018
RESOLVED
FIXED
DarkMatter LLC
AI Summary
In 2018, QuoVadis identified multiple misissuances of SSL certificates that were not reported at the time. The issues were discovered through post-issuance linting, leading to the revocation of problematic certificates. QuoVadis has since implemented pre-issuance linting to prevent future occurrences and has committed to greater transparency regarding certificate management. The case highlights the importance of timely reporting and remediation of certificate errors.
Chronology
- Certificate identified using linting.
- Certificate revoked.
- Bug reported.
- Pre-issuance linting implemented.
Participants
Stephen Davidson
Ryan Sleevi
Wayne Thayer
External References
Similar Local Cases
QuoVadis: Non-BR-Compliant issuance --improper characters in DNSName (BIT sub-CA)
QuoVadis: Certificate containing Debian weak key
QuoVadis: Non-BR-Compliant OCSP Responder
QuoVadis: IPaddress in DNSname SAN
KIR S.A.: Misissuance - missing OCSP AIA, Validity > 825 days
SECOM: Mis-issued EV Certificates
Entrust: SHA-1 Issuance and other misissuance while testing
Camerfirma: Infocert misissued certificates