← EDICOM cases
Bugzilla #1397830 Policy Compliance

EDICOM: Signing SHA-1 OCSP responses with unconstrained certificate

RESOLVED FIXED EDICOM
AI Summary

EDICOM was found to be signing OCSP responses with SHA-1 using an unconstrained certificate, violating Mozilla's Root Store Policy. Despite previous communications stating they would cease this practice, technical challenges prevented them from disabling SHA-1. Consequently, EDICOM decided to stop supporting their old Certification Authority Root and initiated the process to remove it from the trusted PKI Root. The case has been resolved with a plan to remove the old root certificate.

Model: gpt-4o-mini Generated: 2026-06-13 17:08 UTC Confidence: 1.00
Chronology
  1. Bug reported regarding SHA-1 OCSP responses.
  2. EDICOM acknowledged technical issues with disabling SHA-1.
  3. Request filed to remove the old ACEDICOM root certificate.
  4. Discussion on removing the Security Issue flag.
Participants
Andrew Ayer Raúl Santisteban Kathleen Wilson Gervase Markham Ryan Sleevi
External References
Original Bugzilla Case ccadb-public.secure.force.com www.mail-archive.com bugzilla.mozilla.org bugzilla.mozilla.org
Similar Local Cases
#1391066 RESOLVED Policy Compliance Opened 2017-08-16 · Closed 2023-02-22 · 61% similar
SwissSign: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1391054 RESOLVED Policy Compliance Opened 2017-08-16 · Closed 2023-02-22 · 61% similar
Izenpe: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1374381 RESOLVED Policy Compliance Opened 2017-06-19 · Closed 2023-02-22 · 60% similar
SwissSign: BRs require full annual audits
AI Summary CA Owner
#1391064 RESOLVED Policy Compliance Opened 2017-08-16 · Closed 2023-02-22 · 55% similar
SECOM: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1713976 RESOLVED Policy Compliance Opened 2021-06-02 · Closed 2023-02-22 · 55% similar
Amazon Trust Services: CP/CPS does not specify key compromise methods
AI Summary CA Owner
#1567061 RESOLVED Policy Compliance Opened 2019-07-18 · Closed 2023-02-22 · 54% similar
GoDaddy: inconsistent disclosure of externally-operated intermediate
AI Summary CA Owner
#1230797 RESOLVED Policy Compliance Opened 2015-12-06 · Closed 2022-11-14 · 54% similar
Distrust ISRG Subordinate Certificate and Remove It Until the CA is Compliant with Mozilla Policies
AI Summary CA Owner
#1713978 RESOLVED Policy Compliance Opened 2021-06-02 · Closed 2023-02-22 · 54% similar
Amazon Trust Services: Forbidden Domain Validation Method 3.2.2.4.6
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action