← SwissSign AG cases
Bugzilla #1995252
Policy Compliance
SwissSign: Attribute Change process did not revoke single-domain certificates
RESOLVED
FIXED
SwissSign AG
AI Summary
SwissSign AG reported an incident where their system failed to send revocation emails and did not revoke single-domain TLS OV certificates during an attribute change process, while multi-domain certificates were revoked as expected. This issue was identified after customer feedback and resulted in a temporary suspension of the attribute change procedure. The root cause was linked to an update in their pricing model that inadvertently affected the links to their production CA system. SwissSign has since implemented corrective actions to prevent future occurrences.
Chronology
- Attribute change initiated by RAO
- Issue escalated to Compliance team
- Initial Bugzilla report created
- Fix pushed to production
- Closure summary prepared
Participants
Sandy Balzer
Roman Fischer
External References
Similar Local Cases
SwissSign: recommendation on risk assessment
SwissSign: recommendation on evaluation of cloud service providers
SwissSign: Missed deadline of publication of 6 CPs and 1 CP/CPS
SwissSign: Non-BR-Compliant Certificate Issuance
SwissSign: BRs require full annual audits
IdenTrust: basicConstraints not flagged "Critical" Per Certification Practices Statement
Actalis: Issuance of intermediates after 2019-01-01 that do not comply with Mozilla Policy
Entrust: Improperly Verified Business Category