← D-TRUST cases
Bugzilla #1691117
Certificate Problem Report
D-TRUST: Certificate with RSA key where modulus is not divisible by 8
RESOLVED
FIXED
D-TRUST
AI Summary
D-TRUST reported an incident involving a certificate issued with an RSA key whose modulus was not divisible by 8, violating Mozilla Root Store Policy and CA/Browser Forum Baseline Requirements. The issue was identified through a third-party report, leading to an immediate investigation and subsequent revocation of the affected certificate. D-TRUST has implemented measures to prevent future occurrences, including pre-issuance checks and updates to their specification documents. The affected certificate was issued on February 14, 2019, and was the only one identified with this problem.
Chronology
- Initial report received
- Investigation started
- Preliminary internal feedback received
- Subscriber informed about the incident
- Affected certificate revoked
- Final incident report published
Participants
Enrico Entschew
Matthias
B. Wilson
External References
Similar Local Cases
D-TRUST: Wrong key usage (Key Encipherment)
D-Trust: Notice to affected Subscriber and person filing CPR not sent within 24 hours
D-Trust: Missed Revocation of TLS certificates affected by Bugzilla 1884714
D-Trust: CRL-Entries without required CRL Reason Code
D-TRUST: incorrectly formatted businessCategory entry
D-TRUST: EV certificates with incorrectly used businessCategory entry
D-Trust: Expired certificate provided on the CA TLS test website for demonstration of valid certificates
D-TRUST: Wrong key usage (Key Agreement)