QuoVadis: Failure to revoke certificates with compromised private keys
QuoVadis faced a significant incident involving the failure to revoke certificates that were issued with compromised private keys. The issue was first reported on March 20, 2020, leading to a series of actions including the revocation of affected certificates within 24 hours. Challenges included the inability to search their systems by SPKI (SubjectPublicKeyInfo), which delayed the identification of all certificates that used the compromised keys. Improvements have since been implemented, including enhanced searching capabilities and the establishment of a central blocklist for compromised keys. The case was resolved with confirmation that the necessary measures were taken to prevent future occurrences.
- Initial report of compromised keys received.
- Affected certificates were revoked.
- SPKI searching capability implemented.
- Integration with DigiCert's central blocklist completed.
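
The SPKI search and blocklist check described above, as an added example (not QuoVadis or DigiCert code): it pulls the subjectPublicKeyInfo out of each DER certificate, hashes it, and lists every serial whose key is on the blocklist. The function names, the choice of SHA-256 as the index key, and the sample inventory (constructed stand-in structures, not real certificates) are assumptions.

```python
import hashlib

def tlv(tag, body):
    """DER-encode one element (short or long definite length)."""
    if len(body) < 0x80:
        return bytes([tag, len(body)]) + body
    ln = len(body).to_bytes((len(body).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(ln)]) + ln + body

def read(buf, pos):
    """Return (tag, value_start, element_end) for the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        k = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def spki_sha256(cert):
    """SHA-256 of the DER subjectPublicKeyInfo inside an X.509 certificate."""
    _, p, _ = read(cert, 0)            # Certificate SEQUENCE
    _, p, _ = read(cert, p)            # TBSCertificate SEQUENCE
    tag, _, end = read(cert, p)
    if tag == 0xA0:                    # optional [0] version
        p = end
    for _ in range(5):                 # serial, sig alg, issuer, validity, subject
        _, _, p = read(cert, p)
    _, _, end = read(cert, p)          # subjectPublicKeyInfo
    return hashlib.sha256(cert[p:end]).hexdigest()

def certs_sharing_blocked_keys(inventory, blocklist):
    """Map each blocklisted SPKI hash to every serial in inventory using that key."""
    hits = {}
    for serial, der in sorted(inventory.items()):
        h = spki_sha256(der)
        if h in blocklist:
            hits.setdefault(h, []).append(serial)
    return hits

# Constructed sample data: stand-in structures with X.509 field order, not valid certs.
def fake_spki(key):
    return tlv(0x30, tlv(0x30, b"") + tlv(0x03, b"\x00" + key))
def fake_cert(serial, spki):
    tbs = tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, bytes([serial])) + tlv(0x30, b"") * 4 + spki
    return tlv(0x30, tlv(0x30, tbs) + tlv(0x30, b"") + tlv(0x03, b"\x00"))
KEY_A, KEY_B = fake_spki(b"\xaa" * 200), fake_spki(b"\xbb" * 200)
INVENTORY = {1: fake_cert(1, KEY_A), 2: fake_cert(2, KEY_B), 3: fake_cert(3, KEY_A)}
BLOCKLIST = {hashlib.sha256(KEY_A).hexdigest()}   # the reported compromised key
```

Serials 1 and 3 share the blocklisted key, so a search keyed on serial or subject alone would find only the certificate named in the report; running the same hash check at issuance time is what a blocklist integration enforces.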