← SSL.com cases
Bugzilla #1752636
Delayed Revocation
SSL.com: Delayed revocation of 53 certificates affected by bug #1750631
RESOLVED
FIXED
SSL.com
AI Summary
SSL.com experienced a delayed revocation of 53 certificates due to a failure in their bulk revocation script. The issue was identified during an internal audit related to Bug #1750631, which revealed that these certificates were not revoked within the required timeline. SSL.com took immediate action to revoke the certificates upon discovery, but the revocation did not meet the applicable timeline requirements. The CA has since implemented an independent verification step in their bulk revocation process to prevent future occurrences.
Chronology
- Potential security event detected regarding issuance of 4 TLS certificates.
- Revocation of 2 affected active certificates.
- Follow-up check reveals 53 active certificates were not revoked.
- All affected active certificates confirmed as revoked.
- Final Bugzilla report filed.
Participants
secauditor@ssl.com
External References
Similar Local Cases
Asseco DS / Certum: Delayed revocation of SSL.COM cross certificate
Asseco DS / Certum: Delayed revocation of S/MIME certificates issued with mailbox validation older than 30 days
Firmaprofesional: Delayed revocation of TLS certificates affected by bug #2009941
Asseco DS / Certum: Delayed revocation of SHECA cross certificate
D-Trust: Delay beyond 5 days in revoking misissued certificate
Entrust: Late Revocation due to SHA-256 hash algorithm
NetLock: Delayed revocation report connected to ticket 1680378
DigiCert: Delayed revocation of IV certificates