← Telia Company cases
Bugzilla #1896553
Certificate Problem Report
Telia: Delayed revocation of seven (7) certificates related to incident 1896108
CLOSED
FIXED
Telia Company
AI Summary
Telia CA faced a delayed revocation of seven misissued certificates, which was a violation of CA/Browser Forum Baseline Requirements. The delay was attributed to a combination of internal procedural challenges and subscriber reluctance to act promptly. Telia has since revoked the certificates and committed to improving its revocation policies to prevent future incidents. The root cause was identified as a misjudgment in risk assessment regarding the urgency of the revocation.
Chronology
- Incident reported regarding delayed revocation of certificates.
- Three certificates successfully revoked.
- One more certificate revoked.
- Final two certificates revoked.
- Incident report closure summary provided.
Participants
Antti Backman
Dimitris Zacharopoulos
JR Moir
Tim Callan
Mike Shaver
Ben Wilson
External References
Similar Local Cases
DigiCert: Late incident report for bug 1925106
Telekom Security: CRL-Entries with wrong CRL Reason Codes
Telia: Disallowed curve (P-521) in leaf certificate
certSIGN: Missing certificate from the list of bad order subject attributtes
Digicert: SMIME certificate with unvalidated information
DigiCert: Encoded HTML entities in attribute values
Telia: TLS OV certificate with subject countryName and localityName mismatch
Telia: Findings in 2025 ETSI Audit - Incident Report #1 – Vulnerability management