← Microsoft Corporation cases
Bugzilla #2007221 Certificate Problem Report

Microsoft PKI Services: Improper Disclosure of CRL

RESOLVED FIXED Microsoft Corporation
AI Summary

Microsoft PKI Services disclosed CRL information in CCADB that did not fully match the CRL Distribution Point (CDP) URLs published in certificates issued by twelve newly created CAs. This resulted in non-compliance with Section 6.2 of the CCADB Policy. The issue was identified following a Certificate Problem Reporting email, leading to an update on December 19, 2025, where the correct JSON Array of Partitioned CRL URLs was disclosed. Microsoft has since committed to ongoing monitoring and validation processes to ensure compliance with CCADB Policy requirements.

Model: gpt-4o-mini Generated: 2026-06-13 21:24 UTC Confidence: 0.95
Chronology
  1. Microsoft PKI Services added 12 new CA certs to CCADB.
  2. Received a Certificate Problem Reporting email regarding CRL disclosure.
  3. Updated CCADB to include the correct JSON Array of Partitioned CRL URLs.
Participants
CentralPKI@microsoft.com
External References
Original Bugzilla Case www.ccadb.org bugzilla.mozilla.org
Similar Local Cases
#2009539 RESOLVED Certificate Problem Report Opened 2026-01-10 · Closed 2026-02-17 · 62% similar
Microsoft PKI Services: Improper Disclosure of CRLs – IDP – Existing CAs
AI Summary CA Owner
#2009545 RESOLVED Certificate Problem Report Opened 2026-01-10 · Closed 2026-02-11 · 61% similar
Microsoft PKI Services: Improper Disclosure of CRLs – Protocol Scheme
AI Summary CA Owner
#2009543 RESOLVED Certificate Problem Report Opened 2026-01-10 · Closed 2026-02-09 · 61% similar
Microsoft PKI Services: Improper Disclosure of CRLs – Does Not Match CA Subject
AI Summary CA Owner
#2009542 RESOLVED Certificate Problem Report Opened 2026-01-10 · Closed 2026-02-17 · 61% similar
Microsoft PKI Services: Improper Disclosure of CRLs – IDP – New CAs
AI Summary CA Owner
#2008847 RESOLVED Certificate Problem Report Opened 2026-01-06 · Closed 2026-02-17 · 60% similar
Microsoft PKI Services: Sample Site Certificates expired
AI Summary CA Owner
#2034251 RESOLVED Certificate Problem Report Opened 2026-04-22 · Closed 2026-05-13 · 59% similar
Microsoft PKI Services: Failure to Update Full Incident Report within 14 days of discovering new root cause
AI Summary CA Owner
#2009541 RESOLVED Certificate Problem Report Opened 2026-01-10 · Closed 2026-02-11 · 58% similar
Microsoft PKI Services: Failure to report within 72 hrs - Sample Site Certs Expired
AI Summary CA Owner
#1965612 RESOLVED Certificate Problem Report Opened 2025-05-10 · Closed 2026-05-04 · 57% similar
Microsoft PKI Services: Failure to Revoke in 5 Days for 1962829
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action