← D-TRUST cases
Bugzilla #1862082
Delayed Revocation
D-Trust: Delay beyond 5 days in revoking misissued certificate
RESOLVED
FIXED
D-TRUST
AI Summary
D-Trust experienced a delay in revoking a misissued DV certificate, which was not revoked within the expected timeframe of 5 days. The certificate was successfully revoked on October 31, 2023, after being identified during an incident report. The root cause was attributed to a manual revocation process that led to oversight. D-Trust has since implemented a technical check to ensure all certificates are verified as revoked in future incidents.
Chronology
- Discovery of misissued DV certificates.
- 14 DV certificates revoked; 1 certificate remained unrevoked.
- The unrevoked certificate was successfully revoked.
- End of root cause analysis.
Participants
Enrico Entschew
External References
Similar Local Cases
D-TRUST: Delayed revocation of EV certificates
SSL.com: Delayed revocation of 53 certificates affected by bug #1750631
Camerfirma: Delayed revocations related to Invalid authorityKeyIdentifier - recurrent incident
Asseco DS / Certum: Delayed revocation of S/MIME certificates issued with mailbox validation older than 30 days
Asseco DS / Certum: Delayed revocation of SHECA cross certificate
HARICA: delayed revocation for bug 1943596
Hongkong Post: Delayed revocation of TLS certificates with Certificate Policies extension problem
GDCA: Delayed revocation of SSL/TLS certificates with Non-critical Basic Constraints