← Start Commercial (StartCom) Ltd. cases
Bugzilla #1269183 Policy Compliance

StartCom: Certificates using secp256k1

RESOLVED Start Commercial (StartCom) Ltd.
AI Summary

This case addresses the use of secp256k1 certificates by StartCom, which are not compliant with the allowed curves under the Baseline Requirements. The issue was raised by Kurt Roeckx, highlighting non-compliance with the established standards. StartCom acknowledged the issue and committed to replacing and revoking non-compliant certificates. The case was ultimately resolved with a WONTFIX status, indicating that no further action was taken at that time.

Model: gpt-4o-mini Generated: 2026-06-13 14:03 UTC Confidence: 0.90
Chronology
  1. Initial report of secp256k1 certificate usage
  2. StartCom's response regarding compliance and future actions
  3. Case resolution noted by Mozilla representative
Participants
Kurt Roeckx Eddy Nigg (StartCom) Gervase Markham
External References
Original Bugzilla Case crt.sh
Related Bugzilla IDs Mentioned
#1029147
Similar Local Cases
#1037907 RESOLVED Policy Compliance Opened 2014-07-12 · Closed 2022-11-14 · 56% similar
GoDaddy: Valid 1024 certificates
AI Summary CA Owner
#1374381 RESOLVED Policy Compliance Opened 2017-06-19 · Closed 2023-02-22 · 48% similar
SwissSign: BRs require full annual audits
AI Summary CA Owner
#1315018 RESOLVED Policy Compliance Opened 2016-11-03 · Closed 2022-11-14 · 48% similar
SHA-1 issuance by GlobalSign root
AI Summary CA Owner
#1230797 RESOLVED Policy Compliance Opened 2015-12-06 · Closed 2022-11-14 · 48% similar
Distrust ISRG Subordinate Certificate and Remove It Until the CA is Compliant with Mozilla Policies
AI Summary CA Owner
#1713978 RESOLVED Policy Compliance Opened 2021-06-02 · Closed 2023-02-22 · 41% similar
Amazon Trust Services: Forbidden Domain Validation Method 3.2.2.4.6
AI Summary CA Owner
#1015767 RESOLVED Technical Compliance Opened 2014-05-25 · Closed 2022-11-14 · 41% similar
startcom: still issuing < 2048 bit certificates
AI Summary CA Owner
#1596931 RESOLVED Policy Compliance Opened 2019-11-15 · Closed 2024-06-30 · 40% similar
DigiCert: Verizon CPS lacks CPR problem reporting instructions
AI Summary CA Owner
#1713976 RESOLVED Policy Compliance Opened 2021-06-02 · Closed 2023-02-22 · 39% similar
Amazon Trust Services: CP/CPS does not specify key compromise methods
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action