Bugzilla #1914999
Certificate Misissuance
Entrust: S/MIME OrgID Country not matching C field
CLOSED
FIXED
Entrust
AI Summary
Entrust identified three S/MIME certificates that were mis-issued due to a mismatch between the organization identifier's jurisdiction and the country field in the subject name. This inconsistency violated S/MIME Baseline Requirements, necessitating the revocation of the certificates. The issue arose from a verification process that did not check for consistency between these fields. Entrust has since updated their validation system and implemented pre-sign linting to prevent future occurrences. All action items related to this incident have been completed, and the incident report has been closed.
Chronology
- Post-issuance linting logged a certificate error.
- Incident report detailing root cause and remediation steps completed.
- Incident report closure confirmed.
Participants
Bruce Morton
B Wilson
Similar Local Cases
Entrust: S/MIME certificates lacking OU verification
Entrust: S/MIME mailbox address not in subjectAltName
Entrust: Issued Certificates to incorrect Organization
Entrust: Certificate issued with validity greater than 825-days
Entrust: Jurisdiction Locality Wrong in EV Certificate
Entrust: Late mis-issue certificate revocation
Entrust: Business Entity not permitted in CPS
Entrust: CPS typographical (text placement) error