Certificate Revocation and Problem Reporting
Certificate revocation and certificate problem reporting are an important part of online trust. Certificate revocation is used to prevent the use of certificates with compromised private keys, reduce the threat of malicious websites, and address system-wide attacks and vulnerabilities. As a member of the online community, you play an important role in helping maintain online trust by requesting certificate revocations when needed.
Any revocation request reported to QuoVadis will be acknowledged promptly, and raised to a validation supervisor or QuoVadis management as appropriate.
QuoVadis revokes certificates for the reasons stated in the relevant QuoVadis CP/CPS, including the following:
- The subscriber requests in writing that QuoVadis revoke the certificate;
- The subscriber notifies QuoVadis that the original certificate request was not authorised and does not retroactively grant authorisation;
- QuoVadis obtains evidence that the subscriber’s private key corresponding to the public key in the certificate suffered a key compromise, or that the certificate was misused;
- QuoVadis is made aware that a subscriber has violated one or more of its material obligations under its agreement with QuoVadis;
- If QuoVadis determines that any of the information appearing in the certificate is not accurate;
- A determination, in QuoVadis’ sole discretion, that the certificate was not issued in accordance with the terms and conditions of QuoVadis’ Policies;
- Any other reason listed in the CA/Browser Forum Baseline Requirements along with other applicable industry standards.
Certificate Problem Reporting
Subscribers, relying parties, application software vendors, and other third parties can send emails to email@example.com reporting complaints or suspected private key compromise, certificate misuse, or other types of fraud, compromise, misuse, or inappropriate conduct related to certification.
If you wish to have a certificate revoked for any of the reasons listed above, please send an email to firstname.lastname@example.org. Make sure to include a thorough description of the reason for the certificate revocation.
QuoVadis will begin investigation of a certificate problem report within 24 hours of receipt and decide whether revocation or other appropriate action is warranted based on the relevant regulations or industry standards.
Qualified Certificate Revocation
Subscribers for Qualified and PKIoverheid certificates may revoke their own certificates via https://tl.quovadisglobal.com or by contacting the QuoVadis Qualified Registration Authority at +31 (0) 30 232 4320 during CET office hours or at +1 651 229 3456 outside of CET office hours.