← SwissSign AG cases
Bugzilla #1691704
Certificate Misissuance
SwissSign: Certificate with key length 4098 bit
RESOLVED
FIXED
SwissSign AG
AI Summary
SwissSign AG reported a certificate misissuance involving a key length of 4098 bits, which violated Mozilla's root store policy effective July 1, 2018. The issue was identified after a third-party notification on August 5, 2019. Following the acknowledgment of the misissuance, the affected certificates were revoked on February 12, 2021. SwissSign has since implemented technical controls to prevent similar issues from occurring in the future.
Chronology
- Third-party informed SwissSign of the misissued certificate.
- Certificates were revoked.
Participants
Mike Guenther
Julien Cristau
Ben Wilson
External References
Similar Local Cases
SwissSign: Certificate with key length 16258
SwissSign: Misissuance with mispellings in Location for a number of Certificates
SwissSign: Mis-Issuance of S/MIME certificates
SwissSign: S/MIME LCP: CN with values other than email address
SwissSign: LDAP URL still in CRL distribution point (CDP)
SwissSign: S/MIME certificates deviate from CPR
SwissSign: Invalid DNSName in SAN
SwissSign: Misissuance of Intermediate Certificates because of incorrect organizationIdentifier