← e-commerce monitoring GmbH cases
Bugzilla #1862004
Delayed Revocation
e-commerce monitoring GmbH: Delayed revocation
RESOLVED
WONTFIX
e-commerce monitoring GmbH
AI Summary
The case involves e-commerce monitoring GmbH's failure to revoke multiple certificates in a timely manner, which violated the Baseline Requirements. The CA was required to submit an incident report detailing the reasons for the delay and the actions taken to prevent future occurrences. Despite acknowledging the need for improvements, the CA faced criticism for insufficient documentation and understanding of revocation requirements. As a result, browsers have decided to remove e-commerce monitoring GmbH from their Root Programs effective June 30, 2024, while the CA commits to restructuring its processes to regain compliance.
Chronology
- Multiple signed data structures issued with duplicate serial numbers.
- Certificates were revoked after a delay.
- Removal from Root Programs effective.
Participants
Ben Wilson
Daniel Zens
Hans Zeger
Aaron Gable
R. Daurne
J. Moir
External References
Similar Local Cases
Telekom Security: Revocation delay for TLS certificates with basicConstraints not marked as critical
NETLOCK: Policy Qualifiers other than id-qt-cps is included in TLS certificates - delayed revocation
Camerfirma: Delayed revocations related to Invalid authorityKeyIdentifier - recurrent incident
Entrust: Delayed revocation of clientAuth TLS Certificates without serverAuth EKU
Buypass: Delayed revocation of TLS certificates
SECOM: Delayed Revocation of CA Certificate with OCSP EKU Issue
SECOM: Delayed Revocation of non-technically constrained FUJIFILM Certificates
eMudhra emSign PKI Services: Delayed Revocation of SSL/TLS Certificates