← Autoridad de Certificacion Firmaprofesional cases
Bugzilla #2054450 Ccadb Disclosure Issue Incident Repository Issue

Firmaprofesional: Chrome Root Program Policy - Incorrect CCADB hierarchy associations

UNCONFIRMED Autoridad de Certificacion Firmaprofesional
This summary was auto-generated by AI and revised by me when needed — accuracy improves with each update. Always refer to the official Bugzilla thread as the authoritative source. If you spot an inaccuracy, let me know via the contact form.
AI Summary

The bug reports an incident involving Firmaprofesional’s CCADB hierarchy associations for subordinate CA certificates. On 2026-07-10, the Chrome Root Program notified Firmaprofesional that four unexpired and unrevoked subordinate CA certificates were improperly disclosed in CCADB because their records were associated only with the 2009 self-signed root record and not with the Chrome-included 2014 root record, despite the 2009 and 2014 roots sharing the same Subject and SPKI. During reconciliation, Firmaprofesional identified three additional unexpired and unrevoked subordinate CA certificates in the same situation, bringing the known affected CCADB subordinate CA records to seven. Firmaprofesional applied provisional remediation on 2026-07-10 by updating the `Parent CA Owner/Certificate` field of the seven existing unique records so they are associated with the 2014 root record. The broader CCADB corpus review remains in progress, and Firmaprofesional requested confirmation from the Chrome Root Program that the re-association matches the expected CCADB representation. The incident remains under investigation pending completion of the corpus review and confirmation.

Model: gpt-5.4-nano Generated: 2026-07-16 19:55 UTC Confidence: 0.82 1 comment
Chronology
  1. Chrome Root Program notified Firmaprofesional that seven subordinate CA certificates were improperly associated in CCADB hierarchy records (initially four, expanded to seven during reconciliation).
  2. Firmaprofesional applied provisional remediation by updating the `Parent CA Owner/Certificate` field for the seven affected CCADB records to associate them with the 2014 root record.
Thread Activity
  1. Community commenter — Chema (c**********z@firmaprofesional.com) posted a preliminary incident report describing the incorrect CCADB hierarchy associations, the seven affected subordinate CA records, and the provisional remediation plus ongoing corpus review and requested confirmation.
Participants
Autoridad de Certificacion Firmaprofesional Mozilla representative
External References
Similar Local Cases
#2055449 UNCONFIRMED Ccadb Disclosure Issue Opened By Ca Opened 2026-07-16 Still Open · 85% similar
Firmaprofesional: Delayed and inaccurate policy-document disclosures for SIGNE Autoridad de Certificacion - 2020
#2047866 ASSIGNED Ccadb Disclosure Issue Repository Issue Self Reported Incident Opened 2026-06-16 Still Open · 69% similar
certSIGN: incorrect URL in CCADB
#2050850 ASSIGNED Ccadb Disclosure Issue Repository Issue Problem Reporting Failure Opened 2026-06-26 Still Open · 68% similar
Asseco DS / Certum: HTTP 404 returned by CRL Distribution Point URLs for six pre-inclusion Root CAs
#2049012 ASSIGNED Ccadb Disclosure Issue Ccadb Metadata Update Repository Issue Opened 2026-06-19 Still Open · 68% similar
FNMT: Inaccuracy in CRL URL in CCADB
#2007216 ASSIGNED Ca Certificate Compliance Incident Ccadb Disclosure Issue Problem Reporting Failure Opened 2025-12-20 Still Open · 68% similar
GoDaddy: CRL Disclosure in CCADB Mismatch with Issued Certificates
#2015567 RESOLVED Ccadb Metadata Update Incident Ccadb Disclosure Issue Information Request Opened 2026-02-09 · Closed 2026-05-15 · 66% similar
Government of Saudi Arabia, NIC (SDAIA): Missing Contact Information in CCADB
#2055120 ASSIGNED Ccadb Disclosure Issue Opened By Ca Opened 2026-07-15 Still Open · 60% similar
Chunghwa Telecomm: Incomplete disclosure of CRL URLs in CCADB
#2055250 ASSIGNED Ccadb Disclosure Issue Externally Reported Incident Opened 2026-07-15 Still Open · 59% similar
D-TRUST: Incomplete Disclosure of CRL URLs

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action