Telia: S/MIME Misissuance incorrect AIA id-ca-caIssuer http:URI

Telia CA issued two S/MIME certificates that violated S/MIME Baseline Requirements regarding the Authority Information Access (AIA) extension. The misissuance was identified shortly after issuance, leading to the immediate revocation of both certificates. The root causes included reliance on incorrect values from a certificate signing request and insufficient validation processes. Telia has since implemented corrective measures, including custom pre-issuance linting and policy updates to prevent recurrence of similar issues.

1. 2025-05-08 CSR request received for the first certificate
2. 2025-05-09 Misissuance identified and certificates revoked
3. 2025-05-23 Full incident report disclosed
4. 2025-07-07 Final call for comments on incident report