← Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT) cases
Bugzilla #1596949 Policy Compliance

FNMT: CP/CPS lack CAA processing details

RESOLVED FIXED Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
AI Summary

The Government of Spain's CA, FNMT, was found to have deficiencies in its Certificate Policy (CP) and Certification Practice Statement (CPS) regarding CAA record processing. Specifically, the documents did not specify the Issuer Domain Names recognized in CAA 'issue' records, which is a requirement under BR 2.2. Following an internal audit, FNMT acknowledged this oversight and committed to updating their CPS to include the necessary details. The issue was resolved with the publication of the updated CPS documents.

Model: gpt-4o-mini Generated: 2026-06-13 20:17 UTC Confidence: 0.90
Chronology
  1. Initial report of missing CAA processing details in CP/CPS.
  2. FNMT provided links to the updated CPS documents addressing the issue.
  3. Bug resolved after FNMT's incident report and updates.
Participants
Andrew Ayer Alain Ryan Sleevi Wayne Thayer
External References
Original Bugzilla Case www.sede.fnmt.gob.es www.sede.fnmt.gob.es wiki.mozilla.org
Similar Local Cases
#1596923 RESOLVED Policy Compliance Opened 2019-11-15 · Closed 2024-06-30 · 65% similar
PKIoverheid: KPN CPS lacks CPR problem reporting instructions
AI Summary CA Owner
#1713976 RESOLVED Policy Compliance Opened 2021-06-02 · Closed 2023-02-22 · 62% similar
Amazon Trust Services: CP/CPS does not specify key compromise methods
AI Summary CA Owner
#1705904 RESOLVED Policy Compliance Opened 2021-04-17 · Closed 2023-02-22 · 60% similar
KIR S.A.: CP/CPS contains noncompliant DV method, does not specify CAA domains
AI Summary CA Owner
#1545208 RESOLVED Policy Compliance Opened 2019-04-17 · Closed 2023-02-22 · 60% similar
Sectigo: Missing Changelog in CPS
AI Summary CA Owner
#1713978 RESOLVED Policy Compliance Opened 2021-06-02 · Closed 2023-02-22 · 60% similar
Amazon Trust Services: Forbidden Domain Validation Method 3.2.2.4.6
AI Summary CA Owner
#1705480 RESOLVED Policy Compliance Opened 2021-04-15 · Closed 2023-02-22 · 58% similar
SECOM: CP/CPS does not clearly specify domain validation methods
AI Summary CA Owner
#1688215 RESOLVED Policy Compliance Opened 2021-01-22 · Closed 2023-02-22 · 56% similar
Camerfirma: CP/CPS of Intesa Sanpaolo Sub-CA is Non-Compliant
AI Summary CA Owner
#1567061 RESOLVED Policy Compliance Opened 2019-07-18 · Closed 2023-02-22 · 56% similar
GoDaddy: inconsistent disclosure of externally-operated intermediate
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action