← certSIGN cases
Bugzilla #1718675 Policy Compliance

certSIGN: CPS specifies md5 and sha1WithRSAEncryption as useable signature types

RESOLVED FIXED certSIGN
AI Summary

The certSIGN Certification Practice Statement (CPS) originally included md5 and sha1WithRSAEncryption as acceptable signature algorithms. This raised concerns due to the known weaknesses of these algorithms. Following a report, certSIGN confirmed that no certificates had been issued using these algorithms and took immediate steps to update the CPS. The problematic algorithms were removed in the updated CPS version 1.33, which was published on July 8, 2021.

Model: gpt-4o-mini Generated: 2026-06-13 21:25 UTC Confidence: 1.00
Chronology
  1. Issue reported regarding the inclusion of md5 and sha1 in CPS
  2. certSIGN conducted analysis and drafted a response
  3. Approvals obtained for the updated CPS
  4. Updated CPS version 1.33 published
Participants
Matthias Gabriel PETCU bwilson@mozilla.com
External References
Original Bugzilla Case www.certsign.ro
Similar Local Cases
#1709223 RESOLVED Policy Compliance Opened 2021-05-03 · Closed 2023-02-22 · 47% similar
Google Trust Services: Signing SHA-1 Hash for existing CA certificate with changes in Key Usage
AI Summary CA Owner
#1650234 RESOLVED Policy Compliance Opened 2020-07-02 · Closed 2023-02-22 · 47% similar
PKIoverheid / QuoVadis: CPS inconsistencies
AI Summary CA Owner
#1817023 RESOLVED Policy Compliance Opened 2023-02-15 · Closed 2024-05-09 · 47% similar
Microsoft PKI Services: Failure to modify policy documents within 365 days
AI Summary CA Owner
#1390979 RESOLVED Policy Compliance Opened 2017-08-16 · Closed 2023-02-22 · 47% similar
certSIGN: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1918427 RESOLVED Policy Compliance Opened 2024-09-12 · Closed 2024-10-11 · 46% similar
D-Trust: Non-compliance of issued root and intermediate S/MIME certificates
AI Summary CA Owner
#1649502 RESOLVED Policy Compliance Opened 2020-06-30 · Closed 2023-02-22 · 46% similar
Firmaprofesional: 2020 Audit Report Finding 1 out of 4
AI Summary CA Owner
#1850807 RESOLVED Policy Compliance Opened 2023-08-30 · Closed 2023-09-29 · 45% similar
IdenTrust: basicConstraints not flagged "Critical" Per Certification Practices Statement
AI Summary CA Owner
#1952639 RESOLVED Policy Compliance Opened 2025-03-08 · Closed 2025-05-25 · 45% similar
TWCA: Missing or Inconsistent Disclosure of S/MIME BR Audits
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action