← Microsoft Corporation cases
Bugzilla #1962829
Certificate Problem Report
Microsoft PKI Services: Policy document bug
CLOSED
FIXED
Microsoft Corporation
AI Summary
This incident involved a typographical error in the Microsoft Public TLS CPS, where it incorrectly stated that the keyEncipherment key usage was not present in Subscriber certificates with RSA public keys. This mismatch led to a discrepancy between the CPS language and the actual issuance of Organization Validated TLS Subscriber Certificates. The error was identified during a review process and has since been addressed through various remediation actions, including formalizing review processes and updating documentation. All action items related to this incident have been completed, and Microsoft PKI Services is committed to ongoing improvements to prevent recurrence.
Chronology
- Non-compliance start date
- Non-compliance end date
- Incident identified by third-party researcher
- All action items completed
Participants
Microsoft PKI Services
Third-party researcher
External References
Similar Local Cases
Microsoft: improper disclosure of CRL
Microsoft PKI Services: Subscriber certificate change made that was not compliant with CPS
Microsoft PKI Services: Improper Disclosure of CRLs – IDP – Existing CAs
Microsoft PKI Services: Incorrect Revocation Reason Code
Microsoft PKI Services: CA Certificates not published in DER Encoded Format
Microsoft PKI Services: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy
Microsoft PKI Services: Null Character Bug and Microsoft Root CAs
Microsoft PKI Services: Malformed ICAs (missing certificate policy extensions)