← DigiCert cases
Bugzilla #1566162 · Certificate Problem Report
DigiCert: Failure to supervise ABB Subordinate CA
DigiCert · RESOLVED
AI Summary
This case addresses DigiCert's oversight of the ABB Subordinate CA, which failed to revoke misissued certificates in a timely manner. Despite commitments to accelerate the replacement of affected certificates, progress was slow, leading to concerns about compliance with industry standards. The incident prompted discussions on improving oversight and communication regarding subordinate CAs. Ultimately, ABB CA 5 was revoked, and DigiCert has committed to enhancing their monitoring and reporting processes.
Chronology
- Initial report of oversight failure
- ABB CA 5 revoked
- Incident resolved
Participants
Wayne Thayer
Jeremy Rowley
External References
Similar Local Cases
DigiCert: CAA Checking Issue
DigiCert: BR 3.2.5 Validation of Authority Failure for OV Certs
DigiCert: TI Trust Technologies Global CA issued certificate with no subject alternative name extension
DigiCert: Verizon: "Default City" in Subject:localityName
DigiCert: Microsoft: Incident report for Microsoft Dynamics incident
DigiCert: Symantec non-constrained/non-disclosed intermediate CA certificates
DigiCert: Non-BR-Compliant OCSP Responders
DigiCert: Failure to disclose Unconstrained Intermediate within 7 Days