← Asseco Data Systems S.A. cases
Bugzilla #2002281
Certificate Problem Report
Asseco DS / Certum: Irregularities in Xinchacha/Xcc Brand SSL Certificates
RESOLVED
INVALID
Asseco Data Systems S.A.
AI Summary
The case involves a report of irregularities concerning SSL certificates issued by Asseco Data Systems S.A. (Certum) for the Xinchacha/Xcc brand. The report raised concerns about the validation process for OV certificates, suggesting that certificates were issued without proper verification of organizational identity. Certum responded by stating that their validation processes adhere to the CA/Browser Forum Baseline Requirements and that they found no evidence of irregularities. The case was ultimately marked as invalid due to a lack of verifiable evidence supporting the claims.
Chronology
- Initial report of irregularities submitted.
- Certum begins verification process.
- No updates provided on the issue.
- Case marked as invalid.
Participants
Hai Vo Chi
Wojciech Trapczyński
Kateryna Aleksieieva
Martijn Katerbarg
External References
Similar Local Cases
Asseco DS / Certum: CP/CPS, Revocation Requests Mechanism, Certificate Problem Report, CRL and OCSP disruption
Asseco DS / Certum: IP in dnsName
Asseco DS / Certum: CRL non-conformance with the TLS BRs
Asseco DS / Certum: Finding in Routine WebTrust Audit – S/MIME certificates issued with mailbox validation older than 30 days
Asseco DS / Certum: Unallowed key usage for EC public key (Key Encipherment)
Asseco DS / Certum: Intermediate CA certificates not listed in audit report
Asseco DS / Certum: Failure to revoke intermediate certificates within the BR time period
Asseco DS / Certum: Failure to provide a preliminary report within 24 hours.