← Government of Taiwan, Government Root Certification Authority (GRCA) cases
Bugzilla #1523221 Certificate Misissuance

GRCA: Misissued certificates - invalid CN, bad validity period, missing extensions

RESOLVED FIXED Government of Taiwan, Government Root Certification Authority (GRCA)
AI Summary

The Government Root Certification Authority (GRCA) issued certificates that contained an invalid common name, exceeded the maximum validity period, and lacked required extensions such as EKU and SAN. Although GRCA argued that these certificates were not intended for TLS use, Mozilla's policy classifies them as misissued due to the absence of necessary extensions. An incident report was provided, and GRCA committed to including EKUs in all end-entity certificates issued after July 1, 2020, to comply with Mozilla's Root Store Policy.

Model: gpt-4o-mini Generated: 2026-06-13 17:59 UTC Confidence: 0.95
Chronology
  1. Bug created regarding misissued certificates.
  2. GRCA submitted an incident report.
  3. GRCA confirmed compliance plan for EKUs.
  4. Bug resolved as GRCA's remediation plan was accepted.
Participants
Jonathan Rudenberg Wayne Thayer gpki@ndc.gov.tw
External References
Original Bugzilla Case
Similar Local Cases
#1463975 RESOLVED Certificate Misissuance Opened 2018-05-24 · Closed 2023-02-22 · 59% similar
GRCA: Misissued certificates: Invalid commonName, commonName not in SAN
AI Summary CA Owner
#1524050 RESOLVED Certificate Misissuance Opened 2019-01-30 · Closed 2023-02-22 · 55% similar
Telia: Misissued certificate - invalid dnsName
AI Summary CA Owner
#1443733 RESOLVED Certificate Misissuance Opened 2018-03-07 · Closed 2023-02-22 · 48% similar
SwissSign: Cert issued with a to long validity period
AI Summary CA Owner
#1512270 RESOLVED Certificate Misissuance Opened 2018-12-05 · Closed 2023-02-22 · 48% similar
Microsec: Validity period greater than 825 days
AI Summary CA Owner
#1495507 RESOLVED Certificate Misissuance Opened 2018-10-01 · Closed 2023-02-22 · 48% similar
FNMT: OU exceeds 64 characters
AI Summary CA Owner
#1455119 RESOLVED Certificate Misissuance Opened 2018-04-18 · Closed 2023-02-22 · 48% similar
Firmaprofesional: Undisclosed Intermediate certificate
AI Summary CA Owner
#1455147 RESOLVED Certificate Misissuance Opened 2018-04-18 · Closed 2023-02-22 · 48% similar
Camerfirma: Missing audit for Intermediate certificate
AI Summary CA Owner
#1502957 RESOLVED Certificate Misissuance Opened 2018-10-29 · Closed 2023-02-22 · 47% similar
Camerfirma: MULTICERT Misissuance and missing audits
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action