← Deutsche Telekom Security GmbH cases
Bugzilla #1825780 Certificate Problem Report

Telekom Security: Improper use of a domain validation method

RESOLVED FIXED Deutsche Telekom Security GmbH
AI Summary

During an annual ETSI audit, Telekom Security identified that a domain validation method intended for internal customers was also accessible to external customers. This misunderstanding stemmed from misleading documentation, leading to immediate actions including halting certificate issuance and revoking affected certificates. After further investigation, it was confirmed that the validation method was not compliant with the Baseline Requirements, prompting a commitment to improve auditing processes. The case was resolved with the method being permanently discontinued.

Model: gpt-4o-mini Generated: 2026-06-13 21:25 UTC Confidence: 0.90
Chronology
  1. Non-conformity identified during annual ETSI audit.
  2. Last affected certificate revoked.
  3. Final consultation with auditor; misunderstanding clarified.
  4. Bug closed.
Participants
Arnold Essing Jan Voelkel Ben Wilson
External References
Original Bugzilla Case
Similar Local Cases
#1914383 RESOLVED Certificate Problem Report Opened 2024-08-22 · Closed 2024-12-11 · 65% similar
Telekom Security: CRL-Entries with wrong CRL Reason Codes
AI Summary CA Owner
#1675314 RESOLVED Certificate Problem Report Opened 2020-11-04 · Closed 2023-02-22 · 60% similar
Telekom Security: Wrong jurisdiction entries in certificates
AI Summary CA Owner
#1705791 RESOLVED Certificate Problem Report Opened 2021-04-16 · Closed 2023-02-22 · 58% similar
Telekom Security: Multiple commonName in certificates
AI Summary CA Owner
#1703528 RESOLVED Certificate Problem Report Opened 2021-04-07 · Closed 2023-02-22 · 58% similar
Telekom Security: Key Encipherment in two ECC SAN TLS certificates
AI Summary CA Owner
#1655698 RESOLVED Certificate Problem Report Opened 2020-07-28 · Closed 2023-02-22 · 58% similar
Telekom Security: CRL also contained unrevoked certificates
AI Summary CA Owner
#1875820 RESOLVED Certificate Problem Report Opened 2024-01-22 · Closed 2024-08-03 · 57% similar
Telekom Security: TLS certificates with basicConstraints not marked as critical
AI Summary CA Owner
#1651447 RESOLVED Certificate Problem Report Opened 2020-07-08 · Closed 2023-02-22 · 50% similar
GlobalSign: Failure to revoke noncompliant ICA within 7 days
AI Summary CA Owner
#2011238 RESOLVED Certificate Problem Report Opened 2026-01-19 · Closed 2026-03-17 · 49% similar
Telekom Security / DFN: CRL of “DFN-Verein Certification Authority 2“ contains empty revoked certificate list
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action