← AC Camerfirma, S.A. cases
Bugzilla #1549861
Policy Compliance
Camerfirma: Outdated audit statements for intermediate certs
RESOLVED
FIXED
AC Camerfirma, S.A.
AI Summary
Camerfirma, S.A. was found to have outdated audit statements for several intermediate certificates. The issue was reported on May 7, 2019, prompting a request for immediate updates to the CCADB and an incident report regarding the overdue statements. After updating the audit statements on June 5, 2019, Camerfirma faced delays in providing the required incident report, which raised concerns about their oversight of subCAs. The incident report was eventually submitted, detailing the steps taken to prevent future occurrences, including the implementation of a new internal tool for audit management.
Chronology
- Issue reported regarding outdated audit statements.
- Camerfirma updated the audit statements in CCADB.
- Awaiting incident report regarding the delay.
- Incident report submitted detailing corrective actions.
- All questions answered and remediation complete.
Participants
Kathleen Wilson
Eusebio Herrera
Ryan Sleevi
Martin Ja
W. Thayer
External References
Similar Local Cases
Camerfirma: Govern d'Andorra audits
Camerfirma: Failure to abide by Section 8 of Mozilla Policy: Unauthorized, improperly disclosed Subordinate CA
GoDaddy: inconsistent disclosure of externally-operated intermediate
Entrust: Non-BR-Compliant Certificate Issuance
QuoVadis: Non-BR-Compliant Certificate Issuance
SwissSign: BRs require full annual audits
Izenpe: Non-BR-Compliant Certificate Issuance
Actalis: Non-BR-Compliant Certificate Issuance