← IdenTrust Services, LLC cases
Bugzilla #2048444 Self Reported Incident Certificate Misissuance

IdenTrust self-reported TLS end-entity certificate mis-issuance involving extra certificate policy OIDs

ASSIGNED IdenTrust Services, LLC
This summary was auto-generated by AI and revised by me when needed — accuracy improves with each update. Always refer to the official Bugzilla thread as the authoritative source. If you spot an inaccuracy, let me know via the contact form.
AI Summary

IdenTrust reported an internal review finding a compliance issue in its TrustID TLS CP/CPS related to issuance of TLS end-entity certificates. The issue was that TLS certificates were issued with additional IdenTrust certificate policy OIDs, even though the CP/CPS had a scheduled date for removing inclusion of those certificate policy OIDs. After confirmation, IdenTrust halted issuance and then resumed issuance after remediation was completed. IdenTrust stated that all impacted certificates will be revoked within 5 days. The bug was opened as a self-reported preliminary incident report referencing TrustID TLS CP/CPS v5.0.3 sections 7.1.2.3 and 7.1.6.

Model: gpt-5.4-nano Generated: 2026-06-19 19:38 UTC Confidence: 0.86 1 comment
Chronology
  1. IdenTrust self-disclosed a TrustID TLS CP/CPS compliance issue where TLS end-entity certificates were issued with additional certificate policy OIDs, then halted and later resumed issuance after remediation.
Thread Activity
  1. roots@identrust.com — Posted a preliminary incident report stating that an internal review found TLS end-entity certificates were issued with additional certificate policy OIDs contrary to a CP/CPS removal date; issuance was halted, remediation completed, issuance resumed, and impacted certificates would be revoked within 5 days.
Participants
roots@identrust.com
External References
Original Bugzilla Case
Similar Local Cases
#2026351 RESOLVED Self Reported Incident Certificate Misissuance Opened 2026-03-25 · Closed 2026-05-18 · 90% similar
Identrust: Root CrossSign, of dedicated Roots, missing EKU
AI Summary CA Owner
#1930029 RESOLVED Self Reported Incident Certificate Misissuance Opened 2024-11-08 · Closed 2025-02-19 · 88% similar
IdenTrust: Approval of TLS certificate renewal without domain validation
AI Summary CA Owner
#2014609 RESOLVED Self Reported Incident Certificate Misissuance Opened 2026-02-05 · Closed 2026-04-11 · 88% similar
IdenTrust: Cross-signed root certificate mis-issuance
AI Summary CA Owner
#1500593 RESOLVED Self Reported Incident Certificate Misissuance Opened 2018-10-19 · Closed 2023-02-22 · 88% similar
IdenTrust: Internal names / failure to report
AI Summary CA Owner
#1853783 RESOLVED Ca Certificate Compliance Certificate Misissuance Self Reported Incident Opened 2023-09-18 · Closed 2025-03-20 · 87% similar
IdenTrust: S/MIME certificates issued in violation of New S/MIME Baseline Requirements v1.0
AI Summary CA Owner
#1910195 RESOLVED Certificate Misissuance Self Reported Incident Opened 2024-07-26 · Closed 2024-09-06 · 87% similar
IdenTrust: Invalid special characters in S/MIME Certificates
AI Summary CA Owner
#1991215 RESOLVED Self Reported Incident Opened 2025-09-26 · Closed 2025-11-21 · 81% similar
IdenTrust: ICA with invalid CDP
AI Summary CA Owner
#2006483 RESOLVED Self Reported Incident Opened 2025-12-16 · Closed 2026-01-20 · 81% similar
IdenTrust: CT Logging Mistakes
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action