← Buypass cases
Bugzilla #1595113 Certificate Problem Report

Buypass: Intermediate certificates not listed in audit reports

RESOLVED FIXED Buypass
AI Summary

Buypass reported an incident involving eight intermediate certificates that were not included in their audit reports. The issue was first identified through a discussion on mozilla.dev.security.policy. Following investigations, Buypass decided to revoke six of the certificates, while two remained under further investigation due to their extensive use. The situation highlighted a misunderstanding of the relationship between intermediate certificates and their associated issuing CAs regarding audit requirements.

Model: gpt-4o-mini Generated: 2026-06-13 20:17 UTC Confidence: 0.90
Chronology
  1. Issue identified in discussion on mozilla.dev.security.policy
  2. Revocation of six intermediate certificates initiated
  3. Revocation date set for the last two intermediate certificates
Participants
Mads Henriksveen Wayne Thayer Ryan Sleevi
External References
Original Bugzilla Case
Similar Local Cases
#1626078 RESOLVED Certificate Problem Report Opened 2020-03-30 · Closed 2023-02-22 · 75% similar
Buypass: Missing NCA identifier in cabfOrganizationIdentifier in PSD2 QWACs
AI Summary CA Owner
#1539307 RESOLVED Certificate Problem Report Opened 2019-03-27 · Closed 2023-02-22 · 70% similar
Buypass: Insufficient Serial Number Entropy
AI Summary CA Owner
#1598319 RESOLVED Certificate Problem Report Opened 2019-11-21 · Closed 2023-02-22 · 69% similar
Buypass: intermediate certificates not revoked within BR time period
AI Summary CA Owner
#1654216 RESOLVED Certificate Problem Report Opened 2020-07-21 · Closed 2023-02-22 · 67% similar
Buypass: PSD2 QWAC with RSA modulus not divisible by 8
AI Summary CA Owner
#1632632 RESOLVED Certificate Problem Report Opened 2020-04-23 · Closed 2023-02-22 · 66% similar
Buypass: Illegal Business Category in a PSD2 QWAC
AI Summary CA Owner
#1628292 RESOLVED Certificate Problem Report Opened 2020-04-08 · Closed 2023-02-22 · 66% similar
Buypass: Failure to revoke PSD2 QWACs within mandated 5 days
AI Summary CA Owner
#1598277 RESOLVED Certificate Problem Report Opened 2019-11-21 · Closed 2024-06-30 · 63% similar
Asseco DS / Certum: Intermediate CA certificates not listed in audit report
AI Summary CA Owner
#1839305 RESOLVED Certificate Problem Report Opened 2023-06-20 · Closed 2024-06-30 · 58% similar
Buypass: Domain validation method using externally operated DNS tools
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action