← Deutsche Telekom Security GmbH cases
Bugzilla #1705791
Certificate Problem Report
Telekom Security: Multiple commonName in certificates
RESOLVED
FIXED
Deutsche Telekom Security GmbH
This summary was auto-generated by AI and revised by me when needed — accuracy improves with each update.
Always refer to the official Bugzilla thread as the authoritative source.
If you spot an inaccuracy, let me know via the contact form.
AI Summary
This case involves Deutsche Telekom Security GmbH, which was reported for issuing certificates containing multiple 'commonName' fields, a practice deemed non-compliant with Mozilla's policies. The issue was identified on April 16, 2021, and the CA acknowledged the problem, stating that they had misunderstood the requirements regarding the use of multiple CNs. Following discussions, they implemented changes to their issuance system to prevent future occurrences and revoked the affected certificates. The incident was resolved by April 24, 2021, with no remaining action items.
Chronology
- Bug report created regarding multiple commonName fields.
- Deutsche Telekom Security acknowledges the issue and begins investigation.
- System changes implemented to prevent issuance of certificates with multiple CNs.
- All affected certificates revoked.
Participants
Michel Le Bihan
Arnold Essing
Ryan Sleevi
Jürgen Brauckmann
External References
Similar Local Cases
Telekom Security / DFN: CRL of “DFN-Verein Certification Authority 2“ contains empty revoked certificate list
Telekom Security: Root-CA certificates published in PEM encoded format
Deutsche telekom: no localityName or stateOrProvinceName
Microsoft PKI Services: Underscore in SAN
DigiCert: Invalid localityName
CFCA: Wrong SerialNumber encoding
KIR S.A.: Invalid organizationName
CFCA: O > 64 characters