← IdenTrust Services, LLC cases
Bugzilla #1542082
Policy Compliance
IdenTrust: Failure to disclose Unconstrained intermediate Within 7 Days
RESOLVED
FIXED
IdenTrust Services, LLC
AI Summary
IdenTrust Services, LLC failed to disclose an Intermediate CA certificate within the required seven days as stipulated by Mozilla Policy. The issue was identified on March 28, 2019, following a prompt from Mozilla. IdenTrust acknowledged the oversight and has since disclosed all relevant intermediate certificates to the CCADB. They have implemented procedural changes to ensure compliance with disclosure requirements in the future.
Chronology
- IdenTrust became aware of the failure to disclose an Intermediate CA certificate.
- IdenTrust attempted to replace a previously disclosed non-ssl issuing CA.
- Bug filed regarding the failure to disclose.
- Remediation confirmed complete.
Participants
IdenTrust
Mozilla Release Management
Mozilla Bug Husbandry
External References
Similar Local Cases
HARICA: P-384,ecdsa-with-SHA256 Certificates
Asseco DS / Certum: Use of forbidden subjectPublicKeyInfo algorithm
NETLOCK: did not file a preliminary incident report or respond to a third-party report within the 72-hour timeframe
TWCA: Missing or Inconsistent Disclosure of S/MIME BR Audits
QuoVadis: Recap of BR Compliance in 2018 issuance by external subCAs
DigiCert: Inconsistent EV audits
SECOM: Non-BR-Compliant Certificate Issuance
Amazon Trust Services: CP/CPS does not specify key compromise methods