← SwissSign AG cases
Bugzilla #1849364
Certificate Misissuance
SwissSign: Missed revocation and opening Bugzilla
RESOLVED
FIXED
SwissSign AG
AI Summary
SwissSign AG reported a missed revocation deadline for mis-issued certificates and the failure to open a corresponding Bugzilla ticket. The incident was linked to a prior Bugzilla case, and the CA acknowledged the oversight in their revocation process. A timeline of actions taken was provided, detailing the steps to address the issue and prevent future occurrences. The CA has since updated their processes and retrained involved personnel to ensure compliance.
Chronology
- Informed about mis-issued certificates
- Finished root cause analysis and prepared Bugzilla report
- Re-trained involved parties on unified revocation process
Participants
Mike Guenther
Roman Fischer
B. Wilson
External References
Similar Local Cases
SwissSign: S/MIME LCP: CN with values other than email address
SwissSign: S/MIME wrong key Usage
SwissSign: wrong address in EV certificate
SwissSign: S/MIME certificates deviate from CPR
SwissSign: Mis-Issuance of S/MIME certificates
SwissSign: Misissuance with mispellings in Location for a number of Certificates
SwissSign: EV JurisdictionStateOrProvinceName - one certificate not selected for revocation
SwissSign: Misissuance of Intermediate Certificates because of incorrect organizationIdentifier