← Entrust cases
Bugzilla #1658794
Delayed Revocation
Entrust: Late Revocation for Invalid State/Province Issue
RESOLVED
FIXED
Entrust
AI Summary
Entrust faced a late revocation issue involving 395 certificates due to a customer's inability to replace them within the required 5-day timeframe. The organization cited strict change management processes and the potential severe impact on their infrastructure as reasons for the delay. Entrust allowed additional time for the customer to manage the revocation, ultimately revoking all affected certificates by the agreed deadline of September 5, 2020. The case highlights the challenges of balancing compliance with operational realities in certificate management.
Chronology
- Entrust discovers customer cannot revoke 395 certificates before deadline.
- Initial revocation deadline passes; 384 certificates remain unrevoked.
- All certificates related to the incident are revoked.
Participants
Dathan Demone
External References
Similar Local Cases
Entrust: Delayed revocation of clientAuth TLS Certificates without serverAuth EKU
Entrust: Delayed revocation of EV TLS certificates with missing cPSuri
Entrust: Late Revocation due to SHA-256 hash algorithm
Entrust: Delayed revocation of certificates affected by Jurisdiction issue in some EV TLS & Code Signing certificates
Entrust: Delayed Revocation for EV TLS Certificate incorrect jurisdiction
CFCA: Delayed revocation of TLS certificates(basicConstraints extension not marked as critical)
Camerfirma: Delayed revocations related to Invalid stateOrProvinceName field
DigiCert: Delay of revocation for EV audit inconsistency incident