← DigiCert cases
Bugzilla #2055047
Ccadb Disclosure Issue
Externally Reported Incident
DigiCert: Incomplete disclosure of CRL URLs in CCADB
ASSIGNED
DigiCert
This summary was auto-generated by AI and revised by me when needed — accuracy improves with each update.
Always refer to the official Bugzilla thread as the authoritative source.
If you spot an inaccuracy, let me know via the contact form.
AI Summary
The bug concerns DigiCert’s disclosure of CRL URLs in the Common CA Database (CCADB). DigiCert states that the URLs disclosed in CCADB are not comprehensive for the CRLs of certain DigiCert CAs. DigiCert cites CCADB Policy Section 6.2, including requirements that the complete set of distinct HTTP URLs be disclosed and that disclosed URLs match exactly as they appear in the certificates issued. DigiCert also notes that the incident disclosure was based on a third-party report. The bug is currently in ASSIGNED status, and no resolution is recorded in the thread provided.
Chronology
- DigiCert opened a bug reporting incomplete CRL URL disclosure in CCADB for certain DigiCert CAs.
Thread Activity
- DigiCert — DigiCert submitted a preliminary incident report stating CCADB-disclosed CRL URLs are not comprehensive for certain DigiCert CAs and referenced CCADB Policy Section 6.2 requirements, noting the disclosure was triggered by a third-party report.
Participants
DigiCert
External References
Similar Local Cases
D-TRUST: Incomplete Disclosure of CRL URLs
Chunghwa Telecomm: Incomplete disclosure of CRL URLs in CCADB
IdenTrust: Delayed disclosure of Intermediate CA in CCADB
DigiCert: Delayed response to problem report related to Bug 2055539
Asseco DS / Certum: HTTP 404 returned by CRL Distribution Point URLs for six pre-inclusion Root CAs
ANF AC : Delayed Reporting of 2026 Audit Findings
FNMT: Inaccuracy in CRL URL in CCADB
certSIGN: incorrect URL in CCADB