← IdenTrust Services, LLC cases
Bugzilla #1853783
Certificate Problem Report
IdenTrust: S/MIME certificates issued in violation of New S/MIME Baseline Requirements v1.0
RESOLVED
FIXED
IdenTrust Services, LLC
AI Summary
IdenTrust Services, LLC issued 114 S/MIME certificates that violated the CA/B Forum S/MIME Baseline Requirements v1.0, which took effect on September 1, 2023. The violations included insufficient entropy in 68 certificates and incorrect subject DN attributes in others. Upon discovery on September 6, 2023, IdenTrust halted issuance, revoked the affected certificates, and implemented a hotfix to address the issues. They are also on track to deploy an updated S/MIME linting tool by January 2024 to prevent future occurrences.
Chronology
- New S/MIME Baseline Requirements v1.0 took effect.
- IdenTrust discovered the issuance of 114 problematic S/MIME certificates.
- Issuance of certificates was stopped.
- All affected certificates were revoked.
- IdenTrust implemented the updated S/MIME linting tool.
Participants
IdenTrust
External References
Similar Local Cases
IdenTrust: Failure to provide OCSP responses for valid ICA certificates
IdenTrust: Bad OCSP Responses
IdenTrust: Invalid OrganizationIdentifier in S/MIME certificates
IdenTrust: Discrepancy in values of address fields within CN of SSL Certificates
IdenTrust: Incorrect Subject Details for HydrantId
IdenTrust: Certificates with Invalid values for stateOrProvinceName
IdenTrust: Intermittent issuance/validation failures and website outage
IdenTrust: Expired CRLs