← Entrust cases
Bugzilla #1890685
Certificate Problem Report
Entrust: Failure to revoke EV TLS certificates issued before CPS update
CLOSED
FIXED
Entrust
AI Summary
Entrust faced an incident involving the failure to revoke EV TLS certificates issued between March 18, 2024, and March 21, 2024, before an update to their Certificate Practice Statement (CPS). Initially, Entrust decided not to revoke these certificates due to perceived exceptional circumstances, which led to significant community backlash. After further consultation and feedback, Entrust acknowledged the need for revocation and completed the process by June 30, 2024. The incident highlighted gaps in Entrust's incident management and compliance processes, prompting a reorganization and commitment to improved practices moving forward.
Chronology
- Certificates issued with incorrect CPS.
- All affected certificates revoked.
- Incident report closure summary provided.
Participants
Bruce Morton
Ryan Dickson
Ben Wilson
Mike Shaver
Amir Aamidi
Paul Buonopane
Ngook Kong
External References
Similar Local Cases
Entrust: EV Certificate missing Issuer’s EV Policy OID
Entrust: S/MIME Certificate Issued with Incorrect Policy OID
Entrust: Failure to revoke a certificate
Entrust: clientAuth TLS Certificates without serverAuth EKU
Entrust: CRL non-conformance with the TLS BRs
Entrust: SSL Certificates issued with Un-verified IP Addresses
SSL.com: Entrust API and CAA checking
Entrust: Printable String Constraint Failure