← Deutsche Telekom Security GmbH cases
Bugzilla #2011238 Certificate Problem Report

Telekom Security / DFN: CRL of “DFN-Verein Certification Authority 2“ contains empty revoked certificate list

RESOLVED FIXED Deutsche Telekom Security GmbH
AI Summary

The CRL for 'DFN-Verein Certification Authority 2' was found to contain an empty sequence for revoked certificates, which violates RFC 5280. This issue was reported by a third party and was identified on January 16, 2026. The non-compliance was addressed by issuing a compliant CRL on January 22, 2026, after the software responsible for generating the CRL was updated. The root causes included insufficient software specifications and the lack of CRL linting. All action items related to the incident have been completed, and the case is now resolved.

Model: gpt-4o-mini Generated: 2026-06-13 21:29 UTC Confidence: 1.00
Chronology
  1. First non-compliant CRL created
  2. Non-compliance identified
  3. Compliant CRL issued
  4. Case resolved
Participants
Stefan Kirch DFN PCA
External References
Original Bugzilla Case
Similar Local Cases
#2004668 RESOLVED Certificate Problem Report Opened 2025-12-08 · Closed 2026-01-20 · 59% similar
Telekom Security: Root-CA certificates published in PEM encoded format
AI Summary CA Owner
#1655698 RESOLVED Certificate Problem Report Opened 2020-07-28 · Closed 2023-02-22 · 59% similar
Telekom Security: CRL also contained unrevoked certificates
AI Summary CA Owner
#1914383 RESOLVED Certificate Problem Report Opened 2024-08-22 · Closed 2024-12-11 · 57% similar
Telekom Security: CRL-Entries with wrong CRL Reason Codes
AI Summary CA Owner
#1875820 RESOLVED Certificate Problem Report Opened 2024-01-22 · Closed 2024-08-03 · 57% similar
Telekom Security: TLS certificates with basicConstraints not marked as critical
AI Summary CA Owner
#1705791 RESOLVED Certificate Problem Report Opened 2021-04-16 · Closed 2023-02-22 · 53% similar
Telekom Security: Multiple commonName in certificates
AI Summary CA Owner
#1675314 RESOLVED Certificate Problem Report Opened 2020-11-04 · Closed 2023-02-22 · 51% similar
Telekom Security: Wrong jurisdiction entries in certificates
AI Summary CA Owner
#1266944 RESOLVED Certificate Problem Report Opened 2016-04-23 · Closed 2022-11-14 · 51% similar
Deutsche telekom: no localityName or stateOrProvinceName
AI Summary CA Owner
#1825780 RESOLVED Certificate Problem Report Opened 2023-03-31 · Closed 2023-07-05 · 49% similar
Telekom Security: Improper use of a domain validation method
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action