← Telia Company cases
Bugzilla #1524050
Certificate Misissuance
Telia: Misissued certificate - invalid dnsName
RESOLVED
FIXED
Telia Company
AI Summary
Telia Company issued a certificate with an invalid dnsName due to a trailing space, which was reported on January 25, 2019. The certificate was not revoked until January 31, 2019, after an internal investigation determined it did not pose an urgent security concern. Telia has since improved its procedures for handling such incidents, including updating its contact methods for urgent issues and conducting a mass scan that identified another similar misissued certificate. The incident report and subsequent actions have been documented and addressed.
Chronology
- Certificate with invalid dnsName reported to Telia.
- Certificate revoked after internal investigation.
- Mass scan identified another invalid certificate.
- All questions answered and remediation complete.
Participants
Jonathan Rudenberg
Pekka Lahtiharju
Ryan Sleevi
Wayne Thayer
External References
Similar Local Cases
Telia: "Some-State" in stateOrProvinceName
Telia: Failure to disclose Unconstrained Intermediate within 7 Days
Camerfirma: failure to revoke underscores
Asseco DS / Certum: Invalid value in SAN dNSName
KIR S.A.: Misissuance - missing OCSP AIA, Validity > 825 days
Entrust: IP in dnsName
Telia: Non-BR-Compliant OCSP Responder
SwissSign: Invalid DNSName in SAN