← Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT) cases
Bugzilla #1875942 Certificate Problem Report

FNMT: Certificates issued included Policy qualifiers other than id-qt-cps

RESOLVED FIXED Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT)
AI Summary

On January 22, 2024, FNMT identified that it had issued 712 TLS certificates since September 15, 2023, which included Policy Qualifiers other than the required id-qt-cps, violating BR 7.1.2.7.9. The affected certificates were suspended, and a notification process was initiated for subscribers. All affected certificates were revoked within five days. The root cause was a failure in the compliance review process, exacerbated by reliance on a single reviewer and outdated tools. FNMT has since implemented corrective actions, including a checklist for reviews and improved monitoring tools.

Model: gpt-4o-mini Generated: 2026-06-13 21:13 UTC Confidence: 0.95
Chronology
  1. FNMT detects non-compliance issue regarding issued certificates.
  2. FNMT submits incident report detailing affected certificates.
  3. All affected certificates revoked.
  4. FNMT updates on action items and implementation of compliance measures.
  5. FNMT confirms successful remediation and requests closure of the bug.
Participants
Amaya Espinosa Ben Wilson
External References
Original Bugzilla Case
Similar Local Cases
#1828717 RESOLVED Certificate Problem Report Opened 2023-04-18 · Closed 2023-09-29 · 63% similar
FNMT: CRL problems displayed during the monitoring
AI Summary CA Owner
#2014833 RESOLVED Certificate Problem Report Opened 2026-02-05 · Closed 2026-03-02 · 57% similar
FNMT: Delayed response to CPR sender related bug 2012326
AI Summary CA Owner
#1963778 RESOLVED Certificate Problem Report Opened 2025-05-01 · Closed 2025-11-20 · 56% similar
FNMT: CP/CPS, Revocation Requests Mechanism, Certificate Problem Report, CRL and OCSP disruption
AI Summary CA Owner
#1881364 RESOLVED Certificate Problem Report Opened 2024-02-21 · Closed 2024-03-29 · 50% similar
Digicert: SMIME certificate with unvalidated information
AI Summary CA Owner
#1705832 RESOLVED Certificate Problem Report Opened 2021-04-16 · Closed 2023-02-22 · 50% similar
KIR S.A.: DV certificates with locality name, organization name and stateOrProvinceName
AI Summary CA Owner
#1907949 RESOLVED Certificate Problem Report Opened 2024-07-15 · Closed 2024-08-28 · 50% similar
iTrusChina: CRL Reason Codes
AI Summary CA Owner
#1693304 RESOLVED Certificate Problem Report Opened 2021-02-17 · Closed 2023-02-22 · 50% similar
FNMT: Issuance of QCP-n certificates without verifying identity
AI Summary CA Owner
#1820174 RESOLVED Certificate Problem Report Opened 2023-03-03 · Closed 2023-07-28 · 49% similar
NETLOCK: SSL certificates with OU field
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action