← DigiCert cases
Bugzilla #1313872 · Certificate Misissuance
SHA-1 issuance by DigiCert roots
DigiCert · RESOLVED
AI Summary
This case addresses the issuance of SHA-1 certificates by DigiCert's roots, which is in violation of Mozilla's Baseline Requirements. The discussion highlights concerns regarding the control and compliance of issuing CAs, particularly those outside DigiCert's direct oversight. Despite the resolution being marked as WONTFIX, the case emphasizes the need for DigiCert to take robust action against further SHA-1 issuance.
Chronology
- Initial report of SHA-1 certificates issued by DigiCert
- DigiCert responds to inquiries about SHA-1 issuance
- Case marked as WONTFIX
Participants
Gervase Markham
Kathleen Wilson
Jeremy Rowley
Patrick Figel
External References
Similar Local Cases
DigiCert / Inteso San Paulo: Double dot characters
DigiCert: Verizon mis-issued test certificates
DigiCert / Verizon: Reserved/Intranet domain name
DigiCert / Wells Fargo: Invalid DNS names
DigiCert / Justica: Invalid DNS names
DigiCert / Terena: Metadata in OU fields
DigiCert: RapidSSL CAA Mis-Issuance: Lookup failure on DNSSEC-signed zone
DigiCert / Swiss Government: CommonName not in SANs