← Amazon Trust Services cases
Bugzilla #1713976 Policy Compliance

Amazon Trust Services: CP/CPS does not specify key compromise methods

RESOLVED FIXED Amazon Trust Services
AI Summary

Amazon Trust Services was found to have a compliance issue regarding their Certificate Policy (CP) and Certificate Practice Statement (CPS), specifically that they did not specify methods for demonstrating private key compromise as required by Mozilla's Root Store Policy. The issue was acknowledged by Amazon, and they committed to updating their documents by July 30, 2021. Following the updates, it was noted that while some changes were made, further clarification was needed to fully meet compliance expectations. Ultimately, Amazon updated their CPS to include clearer instructions for reporting key compromise by August 20, 2021.

Model: gpt-4o-mini Generated: 2026-06-13 15:27 UTC Confidence: 1.00
Chronology
  1. Initial bug reported regarding CP/CPS compliance.
  2. Amazon Trust Services committed to updating CP/CPS.
  3. Amazon updated CPS to include preferred information for key compromise reporting.
Participants
Andrew Ayer Trevoli (Amazon Trust Services) Ben Wilson Ryan Sleevi
External References
Original Bugzilla Case github.com www.amazontrust.com www.amazontrust.com wiki.mozilla.org
Similar Local Cases
#1713978 RESOLVED Policy Compliance Opened 2021-06-02 · Closed 2023-02-22 · 79% similar
Amazon Trust Services: Forbidden Domain Validation Method 3.2.2.4.6
AI Summary CA Owner
#1454102 RESOLVED Policy Compliance Opened 2018-04-13 · Closed 2022-12-08 · 61% similar
Amazon Trust Services - BR Self Assessment and CP/CPS Updates
AI Summary CA Owner
#1567061 RESOLVED Policy Compliance Opened 2019-07-18 · Closed 2023-02-22 · 58% similar
GoDaddy: inconsistent disclosure of externally-operated intermediate
AI Summary CA Owner
#1525082 RESOLVED Policy Compliance Opened 2019-02-04 · Closed 2022-11-14 · 55% similar
Ernst & Young Poland: KIR OCSP "unknown" status for revoked certificate
AI Summary CA Owner
#1397830 RESOLVED Policy Compliance Opened 2017-09-07 · Closed 2023-02-22 · 55% similar
EDICOM: Signing SHA-1 OCSP responses with unconstrained certificate
AI Summary CA Owner
#1545208 RESOLVED Policy Compliance Opened 2019-04-17 · Closed 2023-02-22 · 51% similar
Sectigo: Missing Changelog in CPS
AI Summary CA Owner
#1596931 RESOLVED Policy Compliance Opened 2019-11-15 · Closed 2024-06-30 · 49% similar
DigiCert: Verizon CPS lacks CPR problem reporting instructions
AI Summary CA Owner
#1518560 RESOLVED Policy Compliance Opened 2019-01-08 · Closed 2023-02-22 · 47% similar
Asseco DS / Certum: Use of forbidden subjectPublicKeyInfo algorithm
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action