← Government of Spain, Autoritat de Certificació de la Comunitat Valenciana (ACCV) cases
Bugzilla #1886788
Certificate Problem Report
ACCV: Delayed revocation of TLS certificates affected by bug #1884532
RESOLVED
FIXED
Government of Spain, Autoritat de Certificació de la Comunitat Valenciana (ACCV)
AI Summary
The Government of Spain's certification authority, ACCV, reported a delayed revocation of TLS certificates due to non-compliance with the Baseline Requirements. The delay stemmed from a failure to prioritize an email alerting them to the issue, resulting in revocation occurring beyond the mandated timeframe. All affected certificates have since been revoked, and ACCV has implemented measures to prevent future delays, including establishing a dedicated email for problem reporting.
Chronology
- External observer alerted ACCV to potential certificate issue.
- ACCV detected incorrectly issued certificates during routine review.
- All affected certificates were revoked.
Participants
Jose Amador
rdaurne77@gmail.com
bwilson@mozilla.com
External References
Similar Local Cases
ACCV: Delayed response to CPR
ACCV: Certificates issued with Policy qualifiers other than id-qt-cps
Entrust: Jurisdiction issue in some EV TLS & Code Signing certificates
GoDaddy: Intermittent unauthorized OCSP response when certificate is freshly issued
GoDaddy : CAA checks passed when records contained incorrect variants of godaddy.com or starfieldtech.com
GoDaddy : CAA checks did not properly handle issuewild tag allowing FQDN SANs to be added to wildcard certs
TWCA: Revocation delay for TLS certificates with non-critical basicConstraints
SECOM: Difference in upper and lower case between CN field and SAN