← Apple Inc. cases
Bugzilla #1659316
Certificate Problem Report
Apple: EV Certificate Approver Authorization
RESOLVED
FIXED
Apple Inc.
AI Summary
Apple Inc. identified an issue where EV Certificates were approved by Certificate Approvers lacking proper authorization. This was discovered during a self-audit on August 13, 2020, leading to the identification of six affected certificates. Immediate actions were taken to block further EV Certificate issuance until the issue was resolved. All impacted certificates were revoked by August 17, 2020, and a solution was implemented to ensure that Contract Signer approvals are enforced before Certificate Approver configurations. The case has been resolved with no further complications reported.
Chronology
- Issue identified during self-audit
- All impacted certificates revoked
- Solution implemented to enforce approval process
Participants
certification_authority@apple.com
ryan.sleevi@gmail.com
bwilson@mozilla.com
External References
Similar Local Cases
Apple: OCSP availability 2020-11-12
Apple: TLS certificates issued outside the TTL of the CAA record
Apple: Revocation Delay for TLS certificates issued outside the TTL of the CAA record
Apple: Public Key Reuse
Apple: Test website certificates expired
Apple: CRLs for dormant CAs will not be populated in CCADB
Apple: OCSP responders return responses with incorrect issuer
iTrusChina: verification errors for the roots' CRLs(ARL)