← DigiCert cases
Bugzilla #1531817
Certificate Misissuance
DigiCert: in-addr.arpa Misissuance
RESOLVED
DigiCert
AI Summary
DigiCert experienced a misissuance of certificates for the in-addr.arpa domain due to improper validation processes. A validation agent incorrectly set the scope of domain control validation, allowing certificates to be issued for domains that the requester did not control. Following the incident, DigiCert revoked the misissued certificates and implemented changes to their validation procedures to prevent similar occurrences in the future.
Chronology
- Customer reported misissuance to DigiCert
- Manual upload of WHOIS documents disabled for non-managers
- Incident reported to Mozilla
- Incident report submitted by DigiCert
- Case marked as resolved
Participants
Wayne Thayer
Jeremy Rowley
Cynthia Revström
External References
Similar Local Cases
DigiCert: Internal Domain Name cert mis-issuance
DigiCert: Domain validation skipped
DigiCert: "Some-State" in stateOrProvinceName
DigiCert: Incorrectly issued EV Certificate
DigiCert: Mis-issuance of certificate with https in CN/SAN
DigiCert: RapidSSL CAA Mis-Issuance: Lookup failure on DNSSEC-signed zone
DigiCert: Verizon mis-issued test certificates
DigiCert: DigiCert issued cert with CN too long