← D-TRUST cases
Bugzilla #1924385 Certificate Problem Report

D-Trust: Missed Revocation of TLS certificates affected by Bugzilla 1884714

RESOLVED FIXED D-TRUST
AI Summary

D-Trust issued TLS certificates containing an LDAP-URL in the Subscriber Certificate Authority Information Access field after September 15, 2023. Upon discovery, D-Trust revoked 2,601 affected certificates within five days. However, four certificates issued on January 26 and March 1, 2024, went undetected during the mass revocation. The root cause was identified as communication issues between the Nexus CM and CSM, which were not detected during testing. D-Trust has since implemented measures to prevent future occurrences, including an error-tolerant data synchronization system.

Model: gpt-4o-mini Generated: 2026-06-13 21:31 UTC Confidence: 1.00
Chronology
  1. Entry into force of the provisions from Ballot SC62
  2. All affected TLS certificates were revoked
  3. Discovery of 4 undetected affected certificates
  4. Revocation of the 4 undetected certificates
  5. Installation of error-tolerant data synchronization system in production
Participants
Enrico Entschew Ryan Dickson B. Wilson
External References
Original Bugzilla Case bugzilla.mozilla.org
Similar Local Cases
#1893610 RESOLVED Certificate Problem Report Opened 2024-04-26 · Closed 2024-06-30 · 71% similar
D-Trust: Notice to affected Subscriber and person filing CPR not sent within 24 hours
AI Summary CA Owner
#1884714 RESOLVED Certificate Problem Report Opened 2024-03-11 · Closed 2024-09-13 · 70% similar
D-Trust: LDAP-URL in Subscriber Certificate Authority Information Access field
AI Summary CA Owner
#1647468 RESOLVED Certificate Problem Report Opened 2020-06-22 · Closed 2023-02-22 · 67% similar
D-TRUST: Wrong key usage (Key Encipherment)
AI Summary CA Owner
#1691117 RESOLVED Certificate Problem Report Opened 2021-02-05 · Closed 2023-02-22 · 67% similar
D-TRUST: Certificate with RSA key where modulus is not divisible by 8
AI Summary CA Owner
#1913310 RESOLVED Certificate Problem Report Opened 2024-08-15 · Closed 2025-12-19 · 67% similar
D-Trust: CRL-Entries without required CRL Reason Code
AI Summary CA Owner
#1509512 RESOLVED Certificate Problem Report Opened 2018-11-23 · Closed 2023-02-22 · 64% similar
D-TRUST: syntax error in one tls certificate
AI Summary CA Owner
#1896190 RESOLVED Certificate Problem Report Opened 2024-05-10 · Closed 2024-11-06 · 63% similar
D-Trust: Issuance of an EV certificate containing a mixup of the Subject's postalCode and localityName
AI Summary CA Owner
#1939809 RESOLVED Certificate Problem Report Opened 2025-01-03 · Closed 2025-03-21 · 61% similar
D-Trust: QCStatement with http link of PKI Disclosure Statements
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action