← Start Commercial (StartCom) Ltd. cases
Bugzilla #1386891 Certificate Misissuance

Certinomis: Cross-signing of StartCom intermediate certs, and delay in reporting it in CCADB

RESOLVED FIXED Start Commercial (StartCom) Ltd.
AI Summary

This case addresses the cross-signing of StartCom intermediate certificates by Certinomis and the significant delay in reporting this action in the Common CA Database (CCADB). Certinomis disclosed the certificates 111 days after issuance, which raised compliance concerns regarding the Baseline Requirements. The incident prompted discussions about accountability for misissued certificates and led to the decision to revoke the cross-signed intermediates. The case has been resolved with updates to the CCADB reflecting the revocation status.

Model: gpt-4o-mini Generated: 2026-06-13 17:02 UTC Confidence: 0.90
Chronology
  1. Certinomis disclosed two cross-signed ICAs for StartCom in CCADB.
  2. Revocation status updated in CCADB.
Participants
Kathleen Wilson Franck Leroy Ryan Sleevi Gervase Markham
External References
Original Bugzilla Case groups.google.com bugzilla.mozilla.org
Related Bugzilla IDs Mentioned
#1402158
Similar Local Cases
#1283498 RESOLVED Certificate Misissuance Opened 2016-06-30 · Closed 2022-11-14 · 67% similar
StartCom StartEncrypt vulnerability allowed issuance of fraudulent google.com, dropbox.com, etc certificates
AI Summary CA Owner
#1391056 RESOLVED Certificate Misissuance Opened 2017-08-16 · Closed 2023-02-22 · 64% similar
NetLock: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1369359 RESOLVED Certificate Misissuance Opened 2017-06-01 · Closed 2023-02-22 · 64% similar
StartCom: mis-issuance of certs with unvalidated domain names and bogus field values
AI Summary CA Owner
#1398428 RESOLVED Certificate Misissuance Opened 2017-09-09 · Closed 2023-02-22 · 63% similar
Amazon Trust Services: CAA Misissuances
AI Summary CA Owner
#1391055 RESOLVED Certificate Misissuance Opened 2017-08-16 · Closed 2023-02-22 · 62% similar
Microsec: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1390991 RESOLVED Certificate Misissuance Opened 2017-08-16 · Closed 2023-02-22 · 62% similar
Disig: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1315016 RESOLVED Certificate Misissuance Opened 2016-11-03 · Closed 2022-11-14 · 62% similar
SHA-1 issuance by Visa root
AI Summary CA Owner
#1369342 RESOLVED Certificate Misissuance Opened 2017-06-01 · Closed 2023-02-22 · 60% similar
StartCom: 'un-revoking' intermediate certificates
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action