← AC Camerfirma, S.A. cases
Bugzilla #1609828
Policy Compliance
Camerfirma: Decision not to revoke certificates with authorityKeyIdentifier that violates Mozilla Policy
RESOLVED
FIXED
AC Camerfirma, S.A.
AI Summary
Camerfirma issued SSL and S/MIME certificates that contained an authorityKeyIdentifier violating Mozilla policy prior to updates made in 2019. Although these certificates were not revoked, Camerfirma has developed a comprehensive revocation plan to address future compliance with CA/B Forum and Root Programs policies. The plan includes steps for identifying affected certificates, notifying clients, and executing revocations. All questions regarding the situation have been addressed, and remediation efforts are considered complete.
Chronology
- Initial determination of policy violation and documentation of non-revocation.
- Camerfirma presents a detailed revocation plan.
- Confirmation that all questions have been answered and remediation is complete.
Participants
Wayne Thayer
Juan Angel Martin
Ana Lopes
External References
Similar Local Cases
Camerfirma: Govern d'Andorra audits
Camerfirma: Failure to abide by Section 8 of Mozilla Policy: Unauthorized, improperly disclosed Subordinate CA
Camerfirma: SMIME Improvement Plan
Camerfirma: CP/CPS of Intesa Sanpaolo Sub-CA is Non-Compliant
Camerfirma: Incorrect disclosure of Intesa Sanpaolo sub-CA
Camerfirma: No disclosure of verification sources
Sectigo: Failure to revoke certificate with previously-compromised key within 24 hours
PKIoverheid: Compliance issues CIBG TLS certificates