AI Summary for Bugzilla #1524567

AI Summary

Telia Company reported an incident involving three invalid certificates issued in 2016, where IP values were incorrectly stored in the SAN DNS field instead of the SAN IP field. The issue was identified on January 29, 2019, and the certificates were revoked by January 31, 2019. Telia has since implemented automatic testing to prevent similar issues in the future. A mass scan of their certificates revealed additional errors, leading to further revocations and improvements in their certificate issuance process.

Model: gpt-4o-mini Generated: 2026-06-13 18:00 UTC Confidence: 0.95

Chronology

2019-01-29 Telia informed about invalid certificates
2019-01-31 Certificates revoked
2019-02-01 Preliminary incident report created
2019-02-04 Complete incident report submitted
2019-02-12 Mass zlint scan completed

Participants

pekka.lahtiharju@teliasonera.com jonathan@titanous.com wthayer@fastly.com

External References

Original Bugzilla Case crt.sh crt.sh crt.sh

Similar Local Cases

#1528264 RESOLVED Certificate Misissuance Opened 2019-02-15 · Closed 2023-02-22 · 71% similar

Telia: Misissued certificate - Invalid OU value "-"

AI Summary CA Owner

#1528263 RESOLVED Certificate Misissuance Opened 2019-02-15 · Closed 2023-02-22 · 69% similar

Telia: Misissued certificate - Invalid wildcard format

AI Summary CA Owner

#1612332 RESOLVED Certificate Misissuance Opened 2020-01-30 · Closed 2023-02-22 · 68% similar

Telia: Ambiguity on KeyUsage with ECC public key

AI Summary CA Owner

#1528259 RESOLVED Certificate Misissuance Opened 2019-02-15 · Closed 2023-02-22 · 65% similar

Telia: misissued certificate - FQDN value incorrectly in SAN rfc822 field

AI Summary CA Owner

#1528261 RESOLVED Certificate Misissuance Opened 2019-02-15 · Closed 2023-02-22 · 62% similar

Telia: Misissued certificate - FQDN without domain part (e_dnsname_not_valid_tld)

AI Summary CA Owner

#1828105 RESOLVED Certificate Misissuance Opened 2023-04-14 · Closed 2023-06-30 · 60% similar

Telia: Misissued certificate - wrong OrganizationName value "Hair 8 Brains"

AI Summary CA Owner

#1426247 RESOLVED Certificate Misissuance Opened 2017-12-19 · Closed 2023-02-22 · 56% similar

Telia: Non-BR-Compliant OCSP Responder

AI Summary CA Owner

#1859314 RESOLVED Certificate Misissuance Opened 2023-10-16 · Closed 2024-01-26 · 55% similar

Telia: TLS certificates issued in violation of TLS BR v2.0.1

AI Summary CA Owner

Telia: invalid IP value in SAN DNS field

Confirm action