← Entrust cases
Bugzilla #1890896
Certificate Misissuance
Entrust: CPS typographical (text placement) error
RESOLVED
FIXED
Entrust
AI Summary
Entrust identified a typographical error in their Certificate Practice Statement (CPS) which incorrectly required the policyQualifier for OV certificates. This error affected 6,008 OV TLS certificates issued between March 22 and March 26, 2024. The issue was corrected in a subsequent CPS version, and Entrust decided not to revoke the affected certificates, citing that re-issuance would result in identical certificates. The incident report was filed late, and Entrust has committed to improving their procedures to prevent similar issues in the future.
Chronology
- CPS version 3.17 posted.
- CPS version 3.18 introduced a new clientAuth only certificate profile.
- CPS version 3.20 corrected the typographical error.
- Incident report filed.
Participants
Bruce Morton
Jeremy Rowley
Ryan Dickson
Amir Aamidi
Clint Wilson
Mike Shaver
External References
Similar Local Cases
Entrust: Failure to revoke OV TLS - CPS typographical (text placement) error
Entrust: EV TLS Certificate cPSuri missing
Entrust: Subscriber provides private key with CSR
Entrust: Issued Certificates to incorrect Organization
Entrust: Business Entity not permitted in CPS
Entrust: S/MIME certificates lacking OU verification
Entrust: Late mis-issue certificate revocation
Entrust: SHA-256 hash algorithm used with ECC P-384 key