← AC Camerfirma, S.A. cases
Bugzilla #1672423
Certificate Problem Report
Camerfirma: certificate for unregistered domain cuatis.net
RESOLVED
FIXED
AC Camerfirma, S.A.
AI Summary
Camerfirma issued a certificate for the unregistered domain cuatis.net, which was later revoked within hours. The incident was reported by Andrew Ayer, leading to an investigation by Camerfirma. The CA acknowledged that the error stemmed from a typo during the domain name submission process and implemented new controls to prevent similar issues in the future. Despite the swift revocation, concerns were raised regarding the adequacy of their validation processes and the potential for similar errors to occur again.
Chronology
- Camerfirma issued a certificate for mail.cuatis.net.
- The certificate was revoked shortly after issuance.
- Bug 1672423 was opened by Andrew Ayer.
- Camerfirma began investigating the incident.
- Camerfirma updated training for RA operators.
- Discussion on closing the bug began.
Participants
Andrew Ayer
Ana Lopes
Ryan Sleevi
Eusebio Herrera
External References
Similar Local Cases
Camerfirma: suspicious certificate for com.com
Camerfirma: Failure to revoke within 7 days: OCSP EKU issue
Camerfirma: Invalid stateOrProvinceName field
Camerfirma: Unrevocation of MULTICERT SSL Certification Authority 001 certificate
Camerfirma: Incorrect OCSP Delegated Responder Certificate
Camerfirma: Unrevocation of MULTICERT SSL Certification Authority 001 certificate
Camerfirma: Invalid authorityKeyIdentifier - recurrent incident
Camerfirma: Certificates without CABForum OV Reserved Policy Identifier