← Visa cases
Bugzilla #1391087 Certificate Problem Report

Visa: Non-BR-Compliant Certificate Issuance

RESOLVED FIXED Visa
AI Summary

Visa faced issues with the issuance of non-Baseline Requirements (BR) compliant certificates, particularly concerning invalid dnsNames and missing serverAuth key purposes. The problems were reported in the Mozilla security policy forum, prompting Visa to confirm that they ceased issuing such certificates and began remediation efforts. They provided a timeline for revocation and replacement of the problematic certificates, with commitments to improve their compliance processes. Visa acknowledged the need for better internal handling of problem reports and has since updated their procedures to ensure timely responses.

Model: gpt-4o-mini Generated: 2026-06-13 17:06 UTC Confidence: 0.90
Chronology
  1. Problems reported in Mozilla security policy forum.
  2. First problematic certificate revoked.
  3. Second problematic certificate scheduled for revocation.
Participants
Kathleen Wilson Marcelo B. Silva Jonathan Rudenberg Ryan Sleevi Jason Crawford Gervase Markham
External References
Original Bugzilla Case
Similar Local Cases
#1390977 RESOLVED Certificate Problem Report Opened 2017-08-16 · Closed 2023-02-22 · 71% similar
Camerfirma: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1390988 RESOLVED Certificate Problem Report Opened 2017-08-16 · Closed 2023-02-22 · 69% similar
Consorci AOC: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1398247 RESOLVED Certificate Problem Report Opened 2017-09-08 · Closed 2023-02-22 · 65% similar
DocuSign/Keynectis: Non-BR-Compliant OCSP Responders
AI Summary CA Owner
#1393557 RESOLVED Certificate Problem Report Opened 2017-08-24 · Closed 2023-02-22 · 65% similar
GlobalSign: Non-BR-Compliant Certificate Issuance -- RSA key smaller than 2048 bits
AI Summary CA Owner
#1034834 RESOLVED Certificate Problem Report Opened 2014-07-05 · Closed 2022-11-14 · 65% similar
Visa: Issuing 1024 bit certificates
AI Summary CA Owner
#1368171 RESOLVED Certificate Problem Report Opened 2017-05-26 · Closed 2024-06-30 · 62% similar
Firmaprofesional: Non-audited, non-technically-constrained intermediate certificates
AI Summary CA Owner
#1330482 RESOLVED Certificate Problem Report Opened 2017-01-12 · Closed 2023-02-22 · 61% similar
GoDaddy: New GoDaddy incorrect issuance bug appears to be regression of 2010 issue
AI Summary CA Owner
#1398259 RESOLVED Certificate Problem Report Opened 2017-09-08 · Closed 2023-02-22 · 60% similar
SECOM: Non-BR-Compliant OCSP Responders
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action