← IdenTrust Services, LLC cases
Bugzilla #1653680
Certificate Problem Report
IdenTrust: OCSP Responder missing id-pkix-ocsp-nocheck
RESOLVED
FIXED
IdenTrust Services, LLC
AI Summary
IdenTrust identified a missing 'id-pkix-ocsp-nocheck' extension in its delegated OCSP signing certificate on July 14, 2020, following a report received via their problem reporting mechanism. The issue was promptly resolved the same day by reverting to a compliant certificate. An incident report was initially expected by July 24, but was delayed, with a final report detailing the incident and corrective actions provided later. IdenTrust has since modified its processes to include additional reviews to prevent similar issues in the future.
Chronology
- Received report of missing OCSP extension
- Resolved issue by reverting to compliant certificate
- Delayed completion of incident report
- Submitted incident report detailing the issue
Participants
IdenTrust
Ryan Sleevi
B. Wilson
External References
Similar Local Cases
IdenTrust: OCSP Signer Certificate Missing No-Check Extension
IdenTrust: Incorrect Subject Details for HydrantId
IdenTrust: EV TLS certificate with wrong jurisdiction state for private organization
IdenTrust: Service Degradation
IdenTrust: duplicate Certificate in error flagged by OCSP Watch
IdenTrust: Missing Revocation Reasons in CRL
IdenTrust: Temporarily Expired CRLs
IdenTrust: Failure to provide OCSP responses for valid ICA certificates