← AC Camerfirma, S.A. cases
Bugzilla #1672029
Policy Compliance
Camerfirma: Failure to abide by Section 8 of Mozilla Policy: Unauthorized, improperly disclosed Subordinate CA
RESOLVED
FIXED
AC Camerfirma, S.A.
AI Summary
Camerfirma was found to have violated Section 8 of the Mozilla Policy by improperly disclosing a subordinate CA that was not approved through the required public discussion. This incident raised concerns about Camerfirma's compliance with Mozilla's expectations regarding the issuance of subordinate CAs, particularly in relation to their association with Multicert. Despite Camerfirma's claims of following procedures, the situation highlighted significant misunderstandings and miscommunications regarding the control and operation of the CA certificates. Ultimately, Camerfirma decided to revoke the problematic subordinate CA to address the compliance issues.
Chronology
- MULTICERT SSL Certification Authority 005 revoked
Participants
Ryan Sleevi
Ana Lopes
Eusebio Herrera
Ben Wilson
External References
Similar Local Cases
Camerfirma: CP/CPS of Intesa Sanpaolo Sub-CA is Non-Compliant
Camerfirma: Govern d'Andorra audits
Camerfirma: No disclosure of verification sources
Camerfirma: Incorrect disclosure of Intesa Sanpaolo sub-CA
Camerfirma: SMIME Improvement Plan
Camerfirma: Outdated audit statements for intermediate certs
Camerfirma: Decision not to revoke certificates with authorityKeyIdentifier that violates Mozilla Policy
NetLock: Replacement of enduser certificates after the EVGL 1.7.4 self-audit