← Autoridad de Certificacion Firmaprofesional cases
Bugzilla #2055449 Ccadb Disclosure Issue Opened By Ca

Firmaprofesional: Delayed and inaccurate CCADB policy-document disclosures for SIGNE Autoridad de Certificacion - 2020 (CPS 4.0/4.1)

UNCONFIRMED Autoridad de Certificacion Firmaprofesional
This summary was auto-generated by AI and revised by me when needed — accuracy improves with each update. Always refer to the official Bugzilla thread as the authoritative source. If you spot an inaccuracy, let me know via the contact form.
AI Summary

Autoridad de Certificacion Firmaprofesional reported an incident involving the subordinate CA “SIGNE Autoridad de Certificacion - 2020” (CCADB record ID 0011J00001jt6LCQAY). On 2026-07-14 00:10 UTC, Firmaprofesional received an external report that crt.sh was showing Mozilla disclosure alerts for outdated policy-document metadata in the CCADB record. Firmaprofesional’s investigation found that SIGNE published CPS version 4.0 (effective 2025-10-17) and CPS version 4.1 (effective 2026-06-11) in its public repository, but the CCADB record still disclosed CPS version 3.7 (effective 2024-07-04) as an active policy document. The updated CPS versions were not submitted to CCADB within the required 14-calendar-day period. As initial remediation, Firmaprofesional added CPS version 4.1 to the CCADB record and noted that crt.sh no longer displays the corresponding document-age alert; they continued verifying effective/superseded dates and the final CCADB state. The incident was described as ongoing, with impact limited to outdated/inaccurate CCADB policy-document metadata for the subordinate CA record.

Model: gpt-5.4-nano Generated: 2026-07-16 19:56 UTC Confidence: 0.86 1 comment
Chronology
  1. SIGNE published CPS version 4.0 effective 2025-10-17.
  2. CCADB record disclosed CPS version 3.7 effective 2024-07-04 as active.
  3. SIGNE published CPS version 4.1 effective 2026-06-11.
  4. Firmaprofesional received an external report that crt.sh showed Mozilla disclosure alerts for outdated CCADB policy-document metadata for the SIGNE subordinate CA record.
  5. Firmaprofesional added CPS version 4.1 to the CCADB record as initial remediation.
Thread Activity
  1. Autoridad de Certificacion Firmaprofesional — Firmaprofesional submitted a preliminary incident report stating that CCADB policy-document metadata for SIGNE’s CPS was outdated due to delayed submission, and that they updated the CCADB record with CPS 4.1, with crt.sh no longer showing the related alert.
Participants
Autoridad de Certificacion Firmaprofesional Mozilla representative
Similar Local Cases
#2054450 UNCONFIRMED Ccadb Disclosure Issue Incident Repository Issue Opened 2026-07-13 Still Open · 85% similar
Firmaprofesional: Chrome Root Program Policy - Incorrect CCADB hierarchy associations
#2053948 ASSIGNED Self Reported Incident Ccadb Disclosure Issue Opened By Ca Single Ca Owner Opened 2026-07-09 Still Open · 70% similar
IdenTrust: Delayed disclosure of Intermediate CA in CCADB
#2055120 ASSIGNED Ccadb Disclosure Issue Opened By Ca Opened 2026-07-15 Still Open · 69% similar
Chunghwa Telecomm: Incomplete disclosure of CRL URLs in CCADB
#2007216 ASSIGNED Ca Certificate Compliance Incident Ccadb Disclosure Issue Problem Reporting Failure Opened 2025-12-20 Still Open · 68% similar
GoDaddy: CRL Disclosure in CCADB Mismatch with Issued Certificates
#2055250 ASSIGNED Ccadb Disclosure Issue Externally Reported Incident Opened 2026-07-15 Still Open · 60% similar
D-TRUST: Incomplete Disclosure of CRL URLs
#2051283 ASSIGNED Ccadb Disclosure Issue Self Reported Incident Remediation Tracking Opened 2026-06-29 Still Open · 59% similar
ANF AC : Delayed Reporting of 2026 Audit Findings
#2055047 ASSIGNED Ccadb Disclosure Issue Externally Reported Incident Opened 2026-07-14 Still Open · 58% similar
DigiCert: Incomplete disclosure of CRL URLs in CCADB
#2049012 ASSIGNED Ccadb Disclosure Issue Ccadb Metadata Update Repository Issue Opened 2026-06-19 Still Open · 58% similar
FNMT: Inaccuracy in CRL URL in CCADB

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action