← IdenTrust Services, LLC cases
Bugzilla #2025913
Policy Compliance
IdenTrust: Full Incident Report for Bug 2014609 was not published within 14 days of discovering the issue
RESOLVED
FIXED
IdenTrust Services, LLC
AI Summary
IdenTrust failed to publish a Full Incident Report for Bug 2014609 within the required 14 days of notification, as mandated by CCADB policy. The incident was identified on February 16, 2026, and the report was posted on February 17, 2026, but the required timeline was not adhered to. IdenTrust acknowledged the oversight, attributing it to a misunderstanding of the reporting guidelines. No customer impact was reported, and corrective actions have been implemented to ensure compliance in the future.
Chronology
- Non-compliance start date
- Full Incident report was posted
- Non-compliance identified
- Introduced reminders for reporting milestones
- All action items completed
Participants
IdenTrust
External References
Similar Local Cases
IdenTrust: Full Incident Report for bug 2016585 was not published within 14 days of discovering the issue
IdenTrust: Full Incident Report for bug 2014610 was not published within 14 days of discovering the issue
IdenTrust: Failure to disclose Unconstrained intermediate Within 7 Days
IdenTrust: basicConstraints not flagged "Critical" Per Certification Practices Statement
NETLOCK: did not file a preliminary incident report or respond to a third-party report within the 72-hour timeframe
Microsoft PKI Services: Failure to disclose Unconstrained Intermediate within 7 Days
Chunghwa Telecom: outdated and stale policy documents disclosed to the CCADB
Asseco DS / Certum: Use of forbidden subjectPublicKeyInfo algorithm