← D-TRUST cases
Bugzilla #1599561
Certificate Problem Report
D-TRUST: EV certificates with incorrectly used businessCategory entry
RESOLVED
FIXED
D-TRUST
AI Summary
D-TRUST identified an issue with EV certificates that were issued with an incorrectly used 'businessCategory' entry, specifically the 'Non-Commercial Entity' classification. The problem was reported by a third party on November 25, 2019, leading to an investigation and the suspension of affected user accounts. A total of four certificates were found to be impacted, with the first issued on March 1, 2018, and the last on July 23, 2019. D-TRUST has since revoked the affected certificates and revised their internal validation guidelines to prevent future occurrences.
Chronology
- Initial report received from third party
- Investigation started and user accounts suspended
- Affected certificates revoked
Participants
Enrico Entschew
Ryan Sleevi
External References
Similar Local Cases
D-TRUST: incorrectly formatted businessCategory entry
D-TRUST: Wrong key usage (Key Encipherment)
D-TRUST: Non-BR-Compliant Certificate Issuance
D-TRUST: Precertificate OU > 64 Characters
D-TRUST: Certificate with RSA key where modulus is not divisible by 8
D-Trust: Issuance of an EV certificate containing a mixup of the Subject's postalCode and localityName
D-Trust: "unknown" OCSP response for issued certificates
D-TRUST: Private Key Disclosed by Customer as Part of CSR