Bugzilla #2032478
Certificate Misissuance
Government of Korea: Misissuance detected by PKIMetal
CLOSED
Government of Korea, KLID
AI Summary
The Government of Korea investigated certificate profile issues related to misissued OV TLS Subscriber Certificates under the legacy GPKIRootCA1 hierarchy. The investigation revealed that certain certificates contained non-compliant profile values, including prohibited key usage and improper CRL distribution points. Following the identification of these issues, the Government initiated revocation actions, ultimately revoking all affected certificates. The incident highlighted the need for improved internal controls and automated linting processes to prevent future occurrences.
Chronology
- Bugzilla Bug 2032478 was opened, reporting certificate profile issues.
- Government of Korea's engineering team became aware of the shared profile issue.
- Government of Korea revoked the initially identified certificates.
- Government of Korea revoked additional certificates.
- Final certificate with relevant non-compliant profile values was revoked.
- All remaining valid affected certificates were confirmed revoked.
Participants
Ji Eun Seong
incident-reporting@ccadb.org
Similar Local Cases
- Firmaprofesional: Misissuance of TLS Subordinate CA "AC Firmaprofesional - Secure Web 2024"
- Actalis: Issuance of certificate using keys previously reported as compromised
- OATI: Misissuance detected by PKIMetal
- CCA India: Misissuance detected by PKIMetal
- VISA: Misissuance detected by PKIMetal
- Certisign: Misissuance detected by PKIMetal
- TunTrust: SSL OV mis-issuance against CP/CPS (Email attribute)
- Microsoft PKI Services: Misissuance detected by PKIMetal