← NAVER Cloud Trust Services cases
Bugzilla #1908130 Certificate Misissuance

NAVER Cloud Trust Services: Incorrect keyUsage for ECC certificate

RESOLVED FIXED NAVER Cloud Trust Services
AI Summary

NAVER Cloud Trust Services issued three ECDSA certificates with an incorrect keyUsage of keyEncipherment, violating the Baseline Requirements. Upon discovery, the certificates were revoked within 30 minutes. The root cause was identified as missing lint sources in the pre-linting process, which allowed the mis-issuance to occur. The CA has since suspended certificate issuance and implemented corrective actions to prevent future occurrences.

Model: gpt-4o-mini Generated: 2026-06-13 20:55 UTC Confidence: 0.95
Chronology
  1. Three ECDSA certificates issued with incorrect keyUsage.
  2. Certificates revoked within 30 minutes of discovery.
  3. Lint sources added to prevent future mis-issuance.
  4. Improvements to certificate issuance system completed.
Participants
Hogeun Yoo Sooyoung Eo B. Wilson
External References
Original Bugzilla Case bugzilla.mozilla.org
Similar Local Cases
#1908128 RESOLVED Certificate Misissuance Opened 2024-07-16 · Closed 2024-08-28 · 66% similar
NAVER Cloud Trust Services: Certificate issued with incorrect OCSP URI in AIA
AI Summary CA Owner
#1785865 RESOLVED Certificate Misissuance Opened 2022-08-18 · Closed 2024-05-09 · 63% similar
NAVER Cloud Trust Services: DV certificate issued with no subject alternative name extension
AI Summary CA Owner
#1676352 RESOLVED Certificate Misissuance Opened 2020-11-10 · Closed 2023-02-22 · 54% similar
Microsec: Certificate validity period greater than 398 days
AI Summary CA Owner
#1884532 RESOLVED Certificate Misissuance Opened 2024-03-09 · Closed 2024-07-11 · 53% similar
ACCV: Certificates issued with cRLIssuer in CDP extension
AI Summary CA Owner
#1843268 RESOLVED Certificate Misissuance Opened 2023-07-13 · Closed 2024-05-09 · 53% similar
NAVER Cloud Trust Services: OV certificate issued with OU field
AI Summary CA Owner
#1845269 RESOLVED Certificate Misissuance Opened 2023-07-25 · Closed 2023-09-29 · 53% similar
NAVER Cloud Trust Services: commonName not in SAN
AI Summary CA Owner
#1876775 RESOLVED Certificate Misissuance Opened 2024-01-26 · Closed 2024-03-04 · 51% similar
Sectigo: Wrong usage of LEI records for the issuance of SMIME Certificates
AI Summary CA Owner
#1866448 RESOLVED Certificate Misissuance Opened 2023-11-24 · Closed 2024-02-14 · 51% similar
NAVER Cloud Trust Services: DV Certificate issued with improperly validated
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action