← IdenTrust Services, LLC cases
Bugzilla #1796715
Certificate Misissuance
IdenTrust: Mis-Issued EV Code Signing Certificate
RESOLVED
FIXED
IdenTrust Services, LLC
AI Summary
IdenTrust Services, LLC reported a mis-issued EV Code Signing certificate for HydrantID, which contained an incorrect jurisdiction serial number. The certificate was issued on October 18, 2022, and upon post-issuance validation, the discrepancy was identified. The CA took immediate action by revoking the certificate and updating their validation processes to prevent future occurrences. The issue was resolved and the case was closed after discussions within the community.
Chronology
- Issued the EV Code Certificate
- Discovered and reported the discrepancy to internal compliance team
- Updated the details for the HydrantID organization DB record
- Updated the Registration EV Validation process to prevent a recurrence
- Replaced/Revoked the EV Code Signing certificate
- Case closed after community discussions
Participants
roots@identrust.com
bwilson@mozilla.com
corey.bonnell@digicert.com
External References
Similar Local Cases
IdenTrust: unintended creation of a Root CA certificate
IdenTrust: Cross-signed root certificate mis-issuance
IdenTrust: Issuance of certificates greater than 398 days
IdenTrust: Issuance of Subordinate CA’s Without EKU
IdenTrust: Validation Source for EV Certificates not Publicly Disclosed
IdenTrust: Mis-Issued EV Certificates
IdenTrust: Internal names / failure to report
IdenTrust: Invalid special characters in S/MIME Certificates