← Actalis cases
Bugzilla #1670861
Delayed Revocation
Actalis: delayed revocation related to inaccurate value in stateOrProvinceName
RESOLVED
FIXED
Actalis
AI Summary
Actalis experienced a delay in revoking one certificate due to an inaccurate value in the stateOrProvinceName field. This delay was not in compliance with the Baseline Requirements, as the CA granted the customer additional time to replace the certificate. The issue arose from practical difficulties faced by the customer and the absence of significant security risks associated with the inaccurate value. Actalis has since implemented measures to improve automation in certificate issuance and has updated its Certificate Policy Statement to discourage practices that lead to revocation delays.
Chronology
- Bug reported regarding delayed revocation.
- Inquiry about the current Certificate Policy Statement.
- Update provided on automation progress and customer adoption of ACME.
- Notice of impending closure of the bug unless further issues arise.
Participants
Adriano Santoni
Ben Wilson
Ryan Sleevi
External References
Similar Local Cases
Actalis: Delayed revocation of non-BR-compliant CA Certificate within 7 days
Camerfirma: Delayed revocations related to Invalid authorityKeyIdentifier - recurrent incident
SECOM: Delayed Revocation of CA Certificate with OCSP EKU Issue
SECOM: Delayed Revocation of non-technically constrained FUJIFILM Certificates
PKIoverheid: Failure to revoke within 7 days: OCSP EKU issue
DigiCert: Delay of revocation for EV audit inconsistency incident
Entrust: Late Revocation due to SHA-256 hash algorithm
Buypass: Delayed revocation of TLS certificates