← Telia Company cases
Bugzilla #1674536
Certificate Problem Report
Telia: Certificates with RSA keys where modulus is not divisible by 8
RESOLVED
FIXED
Telia Company
AI Summary
Telia Company identified an issue where certificates with RSA keys had a modulus not divisible by 8, leading to the issuance of two invalid certificates. The problem was detected through a nightly zlint script on October 19, 2020, and the production team initiated a response the following day. Both certificates were revoked, and steps were taken to prevent future occurrences, including software fixes and improved monitoring. The case was resolved with a commitment to enhance quality checks and reporting processes.
Chronology
- First problematic certificate created; zlint script reported issue.
- Production team initiated response; second problematic certificate created.
- Both invalid certificates revoked.
- All applications updated to handle divisible-by-8 requirement.
Participants
pekka.lahtiharju@teliasonera.com
george@fozzie.dev
bwilson@mozilla.com
External References
Similar Local Cases
Telia: Invalid email contact address was used for few domains
Telia: Delayed revocation of 5 EE certificates in connection to id=1736020
Telia: Issued three precertificates with non-NIST EC curve
Telia: AIA CA Issuer field pointing to PEM encoded cert
Telia: Two Intermediate CA certificates not listed in audit report
Microsec: Expired Certificates on test Pages for Revocation
Telia: Disallowed curve (P-521) in leaf certificate
Telia: TLS OV certificate with subject countryName and localityName mismatch