← Amazon Trust Services cases
Bugzilla #1746945 Technical Compliance

Amazon Trust Services: Missing CAA Check For Test Website Certificates

RESOLVED FIXED Amazon Trust Services
AI Summary

Amazon Trust Services identified a failure to perform CAA checks for certificates issued for test websites during an internal audit on December 8, 2021. This oversight affected ten certificates, five of which were revoked shortly after issuance. The team recognized the need for CAA checks and halted further certificate issuance until the issue was resolved. The incident highlights the importance of compliance with technical requirements in certificate management.

Model: gpt-4o-mini Generated: 2026-06-13 15:29 UTC Confidence: 0.90
Chronology
  1. Internal audit reveals missing CAA check for test certificates.
  2. Five test certificates revoked due to missed CAA check.
Participants
Trevoli (Amazon Trust Services) Matthias Ben Wilson (Mozilla)
External References
Original Bugzilla Case bugzilla.mozilla.org
Similar Local Cases
#1914893 RESOLVED Technical Compliance Opened 2024-08-26 · Closed 2024-09-18 · 60% similar
Amazon Trust Services: CRL not DER-encoded
AI Summary CA Owner
#1521623 RESOLVED Technical Compliance Opened 2019-01-21 · Closed 2024-05-09 · 60% similar
Amazon Trust Services: Failure to comply with RFC 5280
AI Summary CA Owner
#1428891 RESOLVED Technical Compliance Opened 2018-01-08 · Closed 2023-02-22 · 40% similar
Entrust: Non-BR-Compliant OCSP Responder
AI Summary CA Owner
#1772644 RESOLVED Technical Compliance Opened 2022-06-04 · Closed 2023-02-22 · 40% similar
Apple: CRL issuance frequency deviates from CPS in some cases
AI Summary CA Owner
#1398246 RESOLVED Technical Compliance Opened 2017-09-08 · Closed 2023-02-22 · 39% similar
Consorci AOC: Non-BR-Compliant OCSP Responders
AI Summary CA Owner
#1398240 RESOLVED Technical Compliance Opened 2017-09-08 · Closed 2023-02-22 · 39% similar
Firmaprofesional: Non-BR-Compliant OCSP Responders
AI Summary CA Owner
#1436173 RESOLVED Technical Compliance Opened 2018-02-06 · Closed 2023-02-22 · 39% similar
DigiCert: SCEE / Justica: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1398261 RESOLVED Technical Compliance Opened 2017-09-08 · Closed 2023-02-22 · 38% similar
Visa: Non-BR-Compliant OCSP Responders
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action