← GlobalSign nv-sa cases
Bugzilla #1650018 Technical Compliance

GlobalSign: Cross Certificate with non-conforming CABF Policy OIDs

RESOLVED FIXED GlobalSign nv-sa
AI Summary

GlobalSign identified issues with a cross certificate issued to Google that does not comply with the Baseline Requirements (BR) regarding Certificate Policy Object Identifiers. The certificate, issued on June 17, 2020, presents conflicts between including both Domain Validation (DV) and Organization Validation (OV) identifiers in the Subject field. GlobalSign raised this issue transparently, noting that the current BR language may not adequately address the requirements for Subordinate CA certificates. The matter has been resolved with acknowledgment of the need for clarifications in the BRs.

Model: gpt-4o-mini Generated: 2026-06-13 21:23 UTC Confidence: 0.90
Chronology
  1. GlobalSign reports the issue with the cross certificate.
  2. Discussion on the interpretation of BR section 7.1.6.1.
  3. Intention to close the matter unless further issues arise.
Participants
Arvid Vermote Brett Wilson
External References
Original Bugzilla Case github.com github.com
Similar Local Cases
#1662810 RESOLVED Technical Compliance Opened 2020-09-02 · Closed 2023-02-22 · 50% similar
GoDaddy: DV certificates with organizationalUnit field in subject
AI Summary CA Owner
#1793441 RESOLVED Technical Compliance Opened 2022-10-03 · Closed 2023-02-22 · 48% similar
GlobalSign: CRL contains invalid signature algorithm
AI Summary CA Owner
#1873739 RESOLVED Technical Compliance Opened 2024-01-09 · Closed 2024-02-09 · 40% similar
Google Trust Services: uses "DNSSec-mostly" and DTPs for DNS resolution
AI Summary CA Owner
#1398261 RESOLVED Technical Compliance Opened 2017-09-08 · Closed 2023-02-22 · 40% similar
Visa: Non-BR-Compliant OCSP Responders
AI Summary CA Owner
#1428891 RESOLVED Technical Compliance Opened 2018-01-08 · Closed 2023-02-22 · 40% similar
Entrust: Non-BR-Compliant OCSP Responder
AI Summary CA Owner
#1398246 RESOLVED Technical Compliance Opened 2017-09-08 · Closed 2023-02-22 · 40% similar
Consorci AOC: Non-BR-Compliant OCSP Responders
AI Summary CA Owner
#1732745 RESOLVED Technical Compliance Opened 2021-09-27 · Closed 2023-02-22 · 40% similar
Certainly: Root CRL validity period exceeds maximum by one second
AI Summary CA Owner
#1973034 RESOLVED Technical Compliance Opened 2025-06-19 · Closed 2025-07-02 · 39% similar
Certigna: Finding #3 ETSI Audit – Event log protection beyond seven years shall be improved
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action