← e-tugra cases
Bugzilla #1462797
Certificate Misissuance
E-Tugra: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString
RESOLVED
FIXED
e-tugra
AI Summary
E-Tugra faced a certificate misissuance issue where a certificate contained an invalid character (underscore) in the serialNumber field, violating RFC 5280. The CA acknowledged the problem and initiated a revocation process for the affected certificate. They conducted a thorough review of their certificate issuance process, implemented new controls, and confirmed that no additional certificates with similar issues were found. The incident report was submitted, detailing the steps taken to prevent future occurrences.
Chronology
- Initial report of the issue by Ryan Sleevi.
- E-Tugra provided a detailed incident report outlining their response.
- E-Tugra confirmed that all identified issues were resolved and new controls were implemented.
Participants
Ryan Sleevi
Davut Tokgöz
W. Thayer
External References
Similar Local Cases
E-Tugra: Invalid DER results in failure to comply with RFC 5280 - Violating string length limit
GoDaddy: Improper DER results in failure to comply with RFC 5280 - Invalid characters in PrintableString
SwissSign: Misissuance of Intermediate Certificates because of incorrect organizationIdentifier
Disig: Non-BR-Compliant Certificate Issuance
Entrust: Late mis-issue certificate revocation
SwissSign: Misissuance of Leaf Certificates because of incorrect postcode
Entrust: Certificate Issued with Incorrect Country Code
Amazon Trust Services: No Space In Private Organization