← DarkMatter LLC cases
Bugzilla #1540315
Certificate Problem Report
QuoVadis: LLB insufficient Serial Number Entropy
RESOLVED
FIXED
DarkMatter LLC
AI Summary
The case involves QuoVadis and LLB's handling of insufficient entropy in certificate serial numbers. LLB was informed by QuoVadis on March 8, 2019, about potential issues with 64-bit entropy in their S/MIME certificates. Following this, LLB ceased issuing certificates and upgraded their PKI configuration to use 20-octet serials. By June 8, 2019, all affected certificates had been revoked, and the remediation was deemed complete.
Chronology
- QuoVadis informs LLB about potential entropy issues.
- Last affected S/MIME certificates revoked by LLB.
Participants
Stephen Davidson
Ryan Sleevi
Wayne Thayer
External References
Similar Local Cases
QuoVadis: EV JOI Issue
QuoVadis: N/A in EV serialNumber field
QuoVadis: Incorrect OCSP Delegated Responder Certificate
QuoVadis: Incorrect EV jurisdiction of incorporation information
QuoVadis: EV serialNumber with "none"
QuoVadis: Failure to revoke certificates with compromised private keys
QuoVadis: failure to reply to CPR in a timely manner
QuoVadis: OCSP handling of Certificate Transparency Pre-certs