← DigiCert cases
Bugzilla #1853463
Certificate Misissuance
DigiCert: SMIME certificates issued inconsistent with BR’s
RESOLVED
DigiCert
AI Summary
DigiCert reported a small number of S/MIME certificates issued in violation of the S/MIME Baseline Requirements (BRs). The investigation revealed that fewer than 40 certificates were affected, and DigiCert took immediate action to revoke them. The issue stemmed from a combination of system bugs and timing errors during the implementation of new compliance rules. All identified misissued certificates have been revoked, and no new incidents have occurred since.
Chronology
- DigiCert became aware of misissued S/MIME certificates.
- DigiCert confirmed all remediations are in place.
Participants
Martin Sullivan
External References
Similar Local Cases
DigiCert: Incorrect case in Business Category
DigiCert: Org-JOI type mismatch
DigiCert: Mis-Issuance Rekey certificates
DigiCert / Siemens: Insufficient Serial Number Entropy
DigiCert: Domain validation skipped
DigiCert / ABB: greater than 825 day cert issuance
DigiCert / Symantec: EV JOI Issue
DigiCert / Wells Fargo: Invalid DNS names