← DigiCert cases
Bugzilla #1397954 · Certificate Misissuance
DigiCert / Siemens: Insufficient Serial Number Entropy
DigiCert · RESOLVED
AI Summary
This case involves DigiCert's handling of insufficient serial number entropy in certificates issued by Siemens. Following a certificate problem report, it was determined that Siemens failed to revoke affected certificates within the required timeframe. Consequently, a revocation was scheduled, and measures were taken to ensure compliance with best practices moving forward. The issue has since been resolved, with all problematic certificates revoked.
Chronology
- Bug reported regarding insufficient serial number entropy.
- Scheduled revocation of affected certificates.
- All certificates from the CA issued after a specific date were revoked.
Participants
Jeremy Rowley
Kathleen Wilson
Ryan Sleevi
Rufus Buschardt
Markus Wichmann
External References
Similar Local Cases
DigiCert / Swiss Government: CommonName not in SANs
DigiCert / Telecom Italia: Several Problems
DigiCert: DigiCert issued cert with CN too long
DigiCert / Wells Fargo: Invalid DNS names
DigiCert / Inteso San Paulo: Double dot characters
DigiCert: Verizon mis-issued test certificates
DigiCert / Justica: Invalid DNS names
DigiCert: "Some-State" in stateOrProvinceName