External Issuing CAs

Public Disclosure of External Issuing CAs

Issuing CAs chaining to a publicly trusted QuoVadis Root must either be technically constrained, or undergo an independent audit and be publicly disclosed in the Repository on the QuoVadis website.

The following public disclosure includes external Issuing CAs that are not technically constrained and are covered by their own independent audits.

DigitalTrust LLC (previously part of DarkMatter LLC)

The DarkMatter CAs were previously hosted and operated by QuoVadis, and included in the QuoVadis WebTrust audits through 2017. In November 2017, the CAs were transitioned to DarkMatter’s own control following disclosure to browser root programs. The CAs have been continuously audited per Mozilla requirements. The migration was audited by DarkMatter’s auditors KPMG, and QuoVadis auditors EY were also present for the Bermuda aspects of the migration. DarkMatter had a point-in-time and an initial period-of-time WebTrust in place for their environment, and the CAs are now in scope for DarkMatter’s ongoing WebTrust audits. DarkMatter have been logging all TLS/SSL issuance to CT since the transfer.


Audit Reports Seals for WebTrust for Certification Authorities, WebTrust for Baseline Requirements, WebTrust for Extended Validation



Audit Reports ETSI TS 102042 V2.4.1