← Autoridad de Certificación (ANF AC) cases
Bugzilla #1970567 Policy Compliance

ANF AC: Finding #4 ETSI Audit - Missing one Revocation circumstance on CPS

RESOLVED FIXED Autoridad de Certificación (ANF AC)
AI Summary

The ANF AC faced a compliance issue during an ETSI audit due to the omission of an explicit clause in their Certification Policies and Practices document regarding certificate revocation when cryptography no longer ensures the binding between the subject and its public key. Although the compliance team believed this was implicitly covered in other sections, external auditors required explicit mention. The issue was identified on February 14, 2025, and resolved by updating the document on February 20, 2025. No certificates were affected as this was a documentation issue.

Model: gpt-4o-mini Generated: 2026-06-13 15:22 UTC Confidence: 0.90
Chronology
  1. Publication of version 3.9 of the Certification Policies and Practices document without the explicit revocation clause.
  2. Non-compliance detected by external auditors during the annual conformity assessment audit.
  3. Publication of version 3.10 of the Certification Policies and Practices document, adding the explicit revocation clause.
Participants
Yulier Nuñez CCADB Incident Reporting
External References
Original Bugzilla Case
Similar Local Cases
#1974325 RESOLVED Policy Compliance Opened 2025-06-26 · Closed 2025-07-16 · 57% similar
ANF AC: Test Certificates Non-Compliance
AI Summary CA Owner
#1970565 RESOLVED Policy Compliance Opened 2025-06-05 · Closed 2025-07-08 · 57% similar
ANF AC: Finding #2 ETSI Audit - Information security policy not updated on the website
AI Summary CA Owner
#1969842 RESOLVED Policy Compliance Opened 2025-06-02 · Closed 2025-07-16 · 53% similar
ANF AC: Finding #1 ETSI Audit - Missing log retention period in Terms and Conditions v1.9
AI Summary CA Owner
#1970559 RESOLVED Policy Compliance Opened 2025-06-05 · Closed 2025-07-08 · 52% similar
ANF AC: Finding #3 ETSI Audit - Improve documental explanation revocation request >24h on CPS
AI Summary CA Owner
#1969839 RESOLVED Policy Compliance Opened 2025-06-02 · Closed 2025-06-04 · 49% similar
ANF: Missing log retention period in Terms and Conditions v1.9
AI Summary CA Owner
#1530971 RESOLVED Policy Compliance Opened 2019-02-27 · Closed 2023-02-22 · 40% similar
HARICA: P-384,ecdsa-with-SHA256 Certificates
AI Summary CA Owner
#1713978 RESOLVED Policy Compliance Opened 2021-06-02 · Closed 2023-02-22 · 40% similar
Amazon Trust Services: Forbidden Domain Validation Method 3.2.2.4.6
AI Summary CA Owner
#1230797 RESOLVED Policy Compliance Opened 2015-12-06 · Closed 2022-11-14 · 40% similar
Distrust ISRG Subordinate Certificate and Remove It Until the CA is Compliant with Mozilla Policies
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action