← Government of The Netherlands, PKIoverheid (Logius) cases
Bugzilla #1983262 Policy Compliance

PKIoverheid: TSP KPN Findings in 2025 ETSI Audit - Incident Report #2 – Compliance Management

RESOLVED FIXED Government of The Netherlands, PKIoverheid (Logius)
AI Summary

The PKIoverheid KPN TSP subCA was found to have minor non-conformities during the 2025 ETSI audit, specifically regarding compliance with ETSI EN 319 401 v3.1.1 and NIS2 requirements. The audit revealed that not all new requirements were implemented in time due to a lack of structured processes for tracking changes. KPN has since developed a corrective action plan, which has been approved, and has committed to maintaining a proactive compliance tracking approach. All action items related to the incident have been completed.

Model: gpt-4o-mini Generated: 2026-06-13 21:15 UTC Confidence: 0.90
Chronology
  1. Effective date of ETSI EN 319 401 v3.1.1
  2. Non-compliance identified by CAB
  3. Completion of corrective action items
  4. Final call for comments on incident report
Participants
Policy Authority PKIoverheid
External References
Original Bugzilla Case
Related Bugzilla IDs Mentioned
#1983271 #1983273 #1983274
Similar Local Cases
#1983275 RESOLVED Policy Compliance Opened 2025-08-15 · Closed 2025-12-24 · 54% similar
PKIoverheid: TSP KPN Findings in 2025 ETSI Audit - Incident Report #15 – Outdated Software
AI Summary CA Owner
#1983267 RESOLVED Policy Compliance Opened 2025-08-15 · Closed 2026-03-30 · 54% similar
PKIoverheid: TSP KPN Findings in 2025 ETSI Audit - Incident Report #7 – Change Management
AI Summary CA Owner
#1596923 RESOLVED Policy Compliance Opened 2019-11-15 · Closed 2024-06-30 · 50% similar
PKIoverheid: KPN CPS lacks CPR problem reporting instructions
AI Summary CA Owner
#1609706 RESOLVED Policy Compliance Opened 2020-01-16 · Closed 2024-06-30 · 49% similar
PKIoverheid: Missing Intermediate CA from audit statement
AI Summary CA Owner
#1586125 RESOLVED Policy Compliance Opened 2019-10-03 · Closed 2024-06-30 · 48% similar
PKIoverheid: No BR Audit for Intermediate CAs technically capable of issuing TLS certs
AI Summary CA Owner
#1719451 RESOLVED Policy Compliance Opened 2021-07-07 · Closed 2023-02-22 · 48% similar
PKIoverheid: KPN CPS Lists Forbidden Domain Validation Method 3.2.2.4.6
AI Summary CA Owner
#1391864 RESOLVED Policy Compliance Opened 2017-08-19 · Closed 2023-02-22 · 47% similar
Staat der Nederlandend / PKIoverheid: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1578809 RESOLVED Policy Compliance Opened 2019-09-04 · Closed 2023-02-22 · 47% similar
PKIoverheid: Compliance issues CIBG TLS certificates
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action