← e-tugra cases
Bugzilla #1582601
Certificate Misissuance
E-Tugra: Invalid DER results in failure to comply with RFC 5280 - Violating string length limit
RESOLVED
FIXED
e-tugra
AI Summary
E-Tugra issued a certificate with an invalid country name exceeding the length limit defined in RFC 5280. The issue was identified through Bugzilla, and E-Tugra acknowledged the problem, stating that they had rebuilt their compliance controls in January 2019. Following the discovery, E-Tugra revoked the problematic certificates and implemented new procedures to prevent future occurrences. The case is now resolved, with no further certificates issued that violate the RFC.
Chronology
- Main problem reported in Bugzilla regarding incompatible certificates.
- E-Tugra completed the rebuilding of RFC 5280 compliance controls.
- Certificate reported as incompatible with RFC 5280.
- E-Tugra provided a detailed incident report.
- All questions answered and remediation confirmed complete.
Participants
Ryan Sleevi
Davut Tokgöz
Wayne Thayer
External References
Similar Local Cases
E-Tugra: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString
SECOM: Failure to disclose Unconstrained Intermediate within 7 Days
Kamu SM: "Some-State" in stateOrProvinceName
GoDaddy: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString
Entrust: Certificate issued with validity greater than 825-days
NetLock: CN not in SAN
certSIGN: "Some-State" in stateOrProvinceName
SwissSign: Invalid DNSName in SAN