← Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT) cases
Bugzilla #1744722
Certificate Problem Report
FNMT: Invalid localityName
RESOLVED
FIXED
Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
AI Summary
The Government of Spain's FNMT identified an issue with a certificate issued containing an invalid localityName. The problem was reported on December 6, 2021, leading to the revocation of the certificate the following day. Subsequent investigations revealed that a total of 11 certificates had been issued with incorrect locality values due to mis-validation by a specialist. The FNMT has since implemented technical controls to prevent future occurrences and has revoked all affected certificates.
Chronology
- FNMT received a certificate problem report.
- The problematic certificate was revoked.
- FNMT identified 10 additional affected certificates.
- Technical controls for locality correctness were successfully installed.
Participants
alain@fnmt.es
santiago.brox@fnmt.es
bwilson@mozilla.com
External References
Similar Local Cases
FNMT: Issuance of QCP-n certificates without verifying identity
D-TRUST: Private Key Disclosed by Customer as Part of CSR
IdenTrust: EV TLS certificate with invalid Jurisdiction state for government entity
Firmaprofesional: incorrect reserved CA/B Forum OIDs in certificates
FNMT: Delayed response to CPR sender related bug 2012326
FNMT: CRL problems displayed during the monitoring
Telia: Invalid email contact address was used for few domains
SSL.com: Issuance of 3 EV TLS certificates without 2-person validation of the organization information