← DigiCert cases
Bugzilla #1942455
Certificate Problem Report
DigiCert: inconsistent revocation / OCSP / CRL behavior
RESOLVED
DigiCert
AI Summary
This case addresses issues related to DigiCert's revocation process, specifically concerning OCSP and CRL responses for certificates with compromised private keys. The reporter initially identified multiple inconsistencies, including an expired certificate still being reported as 'good' by OCSP and discrepancies between OCSP and CRL statuses. After further investigation, it was concluded that these issues did not constitute policy violations, leading to the case being marked as invalid.
Chronology
- Initial report of certificate issues with DigiCert
- DigiCert confirms issues are not policy violations
- Case scheduled for closure
- Case closed as invalid
Participants
Hanno Boeck
DigiCert
Mozilla
External References
Similar Local Cases
DigiCert: DCV logging issue
DigiCert: Re-use of WHOIS validation shortly after deadline
DigiCert: localbattle.net certificate with private key in software / issued by Digicert
DigiCert: Subject Serial Numbers for Non-Commercial Entities
DigiCert: Some certificates issued with CRLDPs that don’t exactly match CCADB disclosures
DigiCert: Several non-functioning AIA URLs
DigiCert: IP in dnsName
DigiCert / ADACOM: published expired CRLs