← DigiCert cases
Bugzilla #1865235
Policy Compliance
DigiCert: Late background refreshment check
RESOLVED
DigiCert
AI Summary
DigiCert reported a late background refreshment check for trusted role staff, which was noted during a recent Webtrust audit. While their CPS states checks should occur every five years, three of six sampled checks were completed slightly late. This issue does not impact public PKI systems as the BR’s and root programs do not require this frequency. DigiCert plans to update their CPS to remove this requirement.
Chronology
- DigiCert's auditors provided draft reports for Annual Webtrust.
- Discussion with auditors about background check tracking.
- Case scheduled for closure unless further questions arise.
Participants
Martin Sullivan
Ben Wilson
External References
Similar Local Cases
DigiCert: Inconsistent EV audits
DigiCert: Verizon CPS lacks CPR problem reporting instructions
SECOM: Failed an annual CPS update of Cybertrust Japan (CTJ)
Sectigo: Incomplete Subscriber Agreement provisions
NETLOCK: CPS 1.5.2. problem and contact information update
Amazon Trust Services: CP/CPS does not specify key compromise methods
iTrusChina: Failure to Respond to May 2022 Survey
NAVER Cloud Trust Services: Failure to Respond to May 2022 Survey