Bugzilla #1532436
Certificate Misissuance
Chunghwa Telecom: Test certificate with unregistered domain name
RESOLVED
FIXED
Chunghwa Telecom
AI Summary
Chunghwa Telecom reported a mis-issued certificate with an unregistered domain name discovered during an internal audit. The incident occurred on February 15, 2019, leading to immediate revocation of the affected certificates. The CA implemented an automatic FQDN-checking function to prevent future occurrences and has since enhanced its validation processes. The CA has communicated with its auditor regarding the incident and has taken steps to ensure compliance with industry standards.
Chronology
- Mis-issued certificate discovered and revoked.
- Automatic FQDN-checking function implemented.
- New validation methods went live.
Participants
Li-Chun Chen
Wayne Thayer
Ryan Sleevi
Similar Local Cases
SECOM: Mis-issued EV Certificates
Entrust: Certificate issued with validity greater than 825-days
DigiCert: "Some-State" in stateOrProvinceName
Camerfirma: Infocert misissued certificates
QuoVadis: Multiple unreported misissuances in 2018
Microsoft PKI Services: Certificate Mis-Issuance, Locality Missing
Telia: "Some-State" in stateOrProvinceName
DigiCert: Domain validation skipped