← Chunghwa Telecom cases
Bugzilla #2055120 Ccadb Disclosure Issue Opened By Ca

Chunghwa Telecom: Incomplete disclosure of CRL URLs in CCADB

ASSIGNED Chunghwa Telecom
This summary was auto-generated by AI and revised by me when needed — accuracy improves with each update. Always refer to the official Bugzilla thread as the authoritative source. If you spot an inaccuracy, let me know via the contact form.
AI Summary

The bug reports that the CRL URLs disclosed in CCADB for Chunghwa Telecom’s CAs are not comprehensive. The reporter cites CCADB Policy Section 6.2, stating that for any unexpired and unrevoked CA certificate disclosed to CCADB, the CA Owner must disclose the complete set of distinct HTTP URLs appearing in the certificate’s crlDistributionPoints extension, matching exactly as in the issued certificates. The reporter also states that the source of the incident disclosure is a third party, and that a full incident report will be submitted before 2026-07-27 8:25 AM (UTC+8). No additional remediation steps or final resolution are included in the thread content provided.

Model: gpt-5.4-nano Generated: 2026-07-16 19:56 UTC Confidence: 0.82 1 comment
Chronology
  1. A bug was opened reporting incomplete CRL URL disclosure in CCADB for Chunghwa Telecom CAs.
Thread Activity
  1. Cht representative — Submitted a preliminary incident report stating CCADB-disclosed CRL URLs are not comprehensive, referenced CCADB Policy §6.2 requirements, noted third-party disclosure, and said a full incident report would be submitted by 2026-07-27 8:25 AM (UTC+8).
Participants
Cht representative
External References
Similar Local Cases
#2053948 ASSIGNED Self Reported Incident Ccadb Disclosure Issue Opened By Ca Single Ca Owner Opened 2026-07-09 Still Open · 72% similar
IdenTrust: Delayed disclosure of Intermediate CA in CCADB
#2055449 UNCONFIRMED Ccadb Disclosure Issue Opened By Ca Opened 2026-07-16 Still Open · 69% similar
Firmaprofesional: Delayed and inaccurate policy-document disclosures for SIGNE Autoridad de Certificacion - 2020
#2055047 ASSIGNED Ccadb Disclosure Issue Externally Reported Incident Opened 2026-07-14 Still Open · 69% similar
DigiCert: Incomplete disclosure of CRL URLs in CCADB
#2007216 ASSIGNED Ca Certificate Compliance Incident Ccadb Disclosure Issue Problem Reporting Failure Opened 2025-12-20 Still Open · 69% similar
GoDaddy: CRL Disclosure in CCADB Mismatch with Issued Certificates
#2055250 ASSIGNED Ccadb Disclosure Issue Externally Reported Incident Opened 2026-07-15 Still Open · 62% similar
D-TRUST: Incomplete Disclosure of CRL URLs
#2054450 UNCONFIRMED Ccadb Disclosure Issue Incident Repository Issue Opened 2026-07-13 Still Open · 60% similar
Firmaprofesional: Chrome Root Program Policy - Incorrect CCADB hierarchy associations
#2050850 ASSIGNED Ccadb Disclosure Issue Repository Issue Problem Reporting Failure Opened 2026-06-26 Still Open · 60% similar
Asseco DS / Certum: HTTP 404 returned by CRL Distribution Point URLs for six pre-inclusion Root CAs
#2047866 ASSIGNED Ccadb Disclosure Issue Repository Issue Self Reported Incident Opened 2026-06-16 Still Open · 60% similar
certSIGN: incorrect URL in CCADB

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action