← Microsec Ltd. cases
Bugzilla #1952519
Certificate Problem Report
Microsec: Inconsistent Disclosure of S/MIME BR Audit Information in CCADB
RESOLVED
FIXED
Microsec Ltd.
AI Summary
Microsec Ltd. reported an issue regarding the inconsistent disclosure of S/MIME BR audit information in the CCADB. A doppelganger root certificate was found that lacked the necessary audit details, which is a requirement for all CA Owners issuing S/MIME certificates. The problem arose from the existence of multiple records for the same root certificate, leading to confusion and potential compliance issues. Microsec has communicated with CCADB operators and proposed the removal of the duplicate certificate to resolve the issue. The case has been marked as resolved after the necessary updates were made.
Chronology
- Rob Stradling reported the issue to the CCADB Public mailing list.
- Microsec opened a Bugzilla ticket regarding the issue.
- Microsec submitted an update to CCADB with the current audit information.
- Final call for comments on the incident report.
- Bug resolved and marked as fixed.
Participants
dr. Sándor SZŐKE
Rob Stradling
Ben Wilson
External References
Similar Local Cases
SSL.com: Entrust API and CAA checking
Microsec: Incorrect OCSP Delegated Responder Certificate
Microsec: Issuance of 2 IVCP precertificates without givenName, surName, localityName fields
Microsec: Late response to a CPR
Microsec: "DV valid" test website certificate issued under incorrect root
Microsec: Disallowed subject attribute field in DV certificate
Microsec: CT Logging mistakes
Digicert: Preview certificate uploaded to CCADB instead of the actual certificate