← Sectigo cases
Bugzilla #1718771 Certificate Problem Report

Sectigo: DCV Reuse after 825 days

RESOLVED FIXED Sectigo
AI Summary

Sectigo identified issues related to Domain Control Validation (DCV) reuse beyond the maximum period of 825 days, leading to the revocation of over 96,000 certificates. The investigation revealed complexities in tracking DCV methods due to multiple factors, including the nature of certificate requests from resellers and hosting providers. Sectigo undertook a comprehensive review of its DCV processes, resulting in the implementation of an audit script to identify affected certificates. The case highlights the challenges of ensuring compliance with best practices in certificate issuance and domain control.

Model: gpt-4o-mini Generated: 2026-06-13 20:57 UTC Confidence: 0.95
Chronology
  1. Initial awareness of DCV reuse issues announced.
  2. Revocation of 96,002 certificates with DCV reuse beyond 825 days.
  3. Completion of DCV misissuance research with no additional revocations pending.
Participants
Rob Stradling Tim Callan Ryan Sleevi Matthias
External References
Original Bugzilla Case bugzilla.mozilla.org
Similar Local Cases
#1714193 RESOLVED Certificate Problem Report Opened 2021-06-02 · Closed 2023-02-22 · 73% similar
Sectigo: Incorrect locality information
AI Summary CA Owner
#1650845 RESOLVED Certificate Problem Report Opened 2020-07-06 · Closed 2024-06-30 · 72% similar
Sectigo: CPR response issues
AI Summary CA Owner
#1563579 RESOLVED Certificate Problem Report Opened 2019-07-04 · Closed 2023-02-22 · 72% similar
Sectigo: Failure to provide timely incident reports
AI Summary CA Owner
#1741777 RESOLVED Certificate Problem Report Opened 2021-11-18 · Closed 2023-02-22 · 71% similar
Sectigo: OCSP responses directly signed using root certificates without KU=digitalSignature
AI Summary CA Owner
#1645686 RESOLVED Certificate Problem Report Opened 2020-06-14 · Closed 2023-02-22 · 70% similar
Sectigo: Lack of input validation in stateOrProvinceName
AI Summary CA Owner
#1715024 RESOLVED Certificate Problem Report Opened 2021-06-07 · Closed 2023-02-22 · 67% similar
Sectigo: Misspellings in stateOrProvince or localityName fields
AI Summary CA Owner
#1740493 RESOLVED Certificate Problem Report Opened 2021-11-10 · Closed 2023-02-22 · 67% similar
Sectigo: Failure to block disallowed LDH labels in domain names
AI Summary CA Owner
#1694233 RESOLVED Certificate Problem Report Opened 2021-02-22 · Closed 2023-02-22 · 66% similar
Sectigo: Inadequate DCV
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action