← Microsoft Corporation cases
Bugzilla #2009539 Certificate Problem Report

Microsoft PKI Services: Improper Disclosure of CRLs – IDP – Existing CAs

RESOLVED FIXED Microsoft Corporation
AI Summary

Microsoft PKI Services (MPS) identified syntax issues with Certificate Revocation List (CRL) URLs in the CCADB while investigating improper CRL disclosures. The issue arose during the transition of existing CAs from full CRLs to partitioned CRLs, leading to a case mismatch between the URLs in CCADB and those in the CRLs. MPS has since updated the CCADB entries to ensure compliance with CCADB Policy Section 6.2. All action items related to this incident have been completed, and MPS has implemented measures to prevent recurrence.

Model: gpt-4o-mini Generated: 2026-06-13 21:26 UTC Confidence: 1.00
Chronology
  1. First CA transitioned to partitioned CRLs, CRL Watch reported issue.
  2. CCADB updated with correct partitioned CRL URLs.
  3. Closure report submitted.
Participants
CentralPKI@microsoft.com incident-reporting@ccadb.org
External References
Original Bugzilla Case www.ccadb.org bugzilla.mozilla.org
Related Bugzilla IDs Mentioned
#2007221
Similar Local Cases
#2009543 RESOLVED Certificate Problem Report Opened 2026-01-10 · Closed 2026-02-09 · 71% similar
Microsoft PKI Services: Improper Disclosure of CRLs – Does Not Match CA Subject
AI Summary CA Owner
#2008847 RESOLVED Certificate Problem Report Opened 2026-01-06 · Closed 2026-02-17 · 67% similar
Microsoft PKI Services: Sample Site Certificates expired
AI Summary CA Owner
#2009545 RESOLVED Certificate Problem Report Opened 2026-01-10 · Closed 2026-02-11 · 64% similar
Microsoft PKI Services: Improper Disclosure of CRLs – Protocol Scheme
AI Summary CA Owner
#2007221 RESOLVED Certificate Problem Report Opened 2025-12-20 · Closed 2026-03-02 · 62% similar
Microsoft PKI Services: Improper Disclosure of CRL
AI Summary CA Owner
#2009542 RESOLVED Certificate Problem Report Opened 2026-01-10 · Closed 2026-02-17 · 61% similar
Microsoft PKI Services: Improper Disclosure of CRLs – IDP – New CAs
AI Summary CA Owner
#2034251 RESOLVED Certificate Problem Report Opened 2026-04-22 · Closed 2026-05-13 · 58% similar
Microsoft PKI Services: Failure to Update Full Incident Report within 14 days of discovering new root cause
AI Summary CA Owner
#2009541 RESOLVED Certificate Problem Report Opened 2026-01-10 · Closed 2026-02-11 · 58% similar
Microsoft PKI Services: Failure to report within 72 hrs - Sample Site Certs Expired
AI Summary CA Owner
#1970968 RESOLVED Certificate Problem Report Opened 2025-06-06 · Closed 2025-07-08 · 58% similar
Microsoft PKI Services: Incorrect Revocation Reason Code
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action