Bugzilla #1653504
Certificate Problem Report
Sectigo: Certificates with RSA keys where modulus is not divisible by 8
RESOLVED
FIXED
Sectigo
AI Summary
Sectigo identified an issue with certificates issued using RSA keys where the modulus size, in bits, was not divisible by 8. This problem was first reported by Jeremy from DigiCert on July 17, 2020, leading to the discovery of two additional non-compliant certificates. Sectigo promptly revoked these certificates and has since implemented measures to prevent future occurrences, including a formal peer review process for incident responses. The issue was resolved, and the status is now marked as fixed.
Chronology
- Jeremy from DigiCert reported certificates with non-compliant RSA key sizes.
- Sectigo identified and revoked two additional non-compliant certificates.
- Sectigo completed revocation of all identified non-compliant certificates.
Participants
Nick France
Ryan Sleevi
Rob Stradling
Similar Local Cases
Sectigo: OCSP responses directly signed using root certificates without KU=digitalSignature
Sectigo: Non-revocation of certificates with subject:organizationalUnitName in DV certificates
Sectigo: CPR response issues
Sectigo: Failure to provide timely incident reports
Sectigo: DCV Reuse after 825 days
Sectigo: Mojibake in certificate Subject fields
Sectigo: invalid dnsName
Sectigo: "Some-State" in stateOrProvinceName