← SwissSign AG cases
Bugzilla #1990275
CCADB Compliance
SwissSign: recommendation on publication process for CA related data
RESOLVED
FIXED
SwissSign AG
AI Summary
The audit report for SwissSign recommended improvements to the publication process for CA-related data in its public repository. This includes ensuring the accuracy of PKI chains and relevant certificates. The report identified that the current manual construction of the repository page increased the risk of inconsistencies. SwissSign has since completed action items to address these issues, including reviewing and correcting identified inconsistencies and exploring automation options to enhance the process. All action items have been completed, and SwissSign is committed to maintaining compliance with ETSI requirements and Mozilla expectations.
Chronology
- Audit report containing recommendations published
- Action item completed and reviewed by auditors
Participants
Sandy Balzer
External References
Similar Local Cases
SwissSign: recommendation on firewall review
SwissSign: recommendation on log review process
SwissSign: recommendation on review of key pair generation implementation
SwissSign: recommendation on linting software updates
SwissSign: recommendation on BIA/BCP test coverage
SwissSign: Audit Letter Validation failures on intermediate certificates
Chunghwa Telecom: Delayed Annual Audit Report 2024
IdenTrust: Temporary Errors in Test Website Certificates