CCADB Update: Clearer task lists, less clutter, and better ICA document tracking

60 views
Skip to first unread message

CCADB Support

unread,
Apr 30, 2026, 8:06:57 AM (9 days ago) Apr 30
to CCADB Support, public

All,


We deployed a few updates to the CCADB to help streamline Non-Audit Document handling, clarify CA Task List reports, and manage older records. Here is a breakdown of what's new:


  1. Better Non-Audit Document Handling on ICA Records

Previously, if you updated an intermediate certificate record by removing a specific policy document and selecting "$Same as Parent," the system kept the old document associated with the certificate. We fixed this. Now, selecting "$Same as Parent" after removing the URL and effective date correctly disables the association with the old document.


To make this easier to track, we added a "Certificate Association Disabled?" column to the Non-Audit Documents view, and we renamed the "Show Superseded" checkbox to "Show All". We also updated the "$Same as Parent" tooltip to better explain how it handles document subsets, which should be especially helpful for multi-purpose roots cross-certifying single-purpose roots. There is a new CA Task List report “Non-Audit Document Without Active Certificate Associations,” that will display all Non-Audit Documents that have no active certificate associations along with instructions for how to supersede them. 


  1. Updates to the "Missing Information" Task List Report

The "Intermediate Certificates with Missing Information" report was causing some confusion, so we tweaked the logic and updated the name to "Intermediate Certificates with Missing or Inconsistent Information".


The most notable change is that the report will no longer flag your record if you provide both a standard CP/CPS and a Markdown/AsciiDoc version. We adjusted the detailed messages in the system to reflect this, meaning you will not get an error for providing both document types for Server Authentication Trust Bits.


  1. New Report for Missing Bugzilla Usernames

When public incident reports come up, we need a way to assign them to the right people. This is difficult when Primary POCs and POCs do not have a Bugzilla Username tied to their CCADB account.


To help CA Owners spot this gap, we added a new CA Task List report called "Contacts Missing a Bugzilla Username". This report triggers if a CA Owner does not have a single person in the CCADB with a registered Bugzilla Username tied to a contact record. If you see your organization on this list, please submit an “Add/Update Contact” case to add a Bugzilla username to at least one non-obsolete POC.


  1. Marking Root Certificates as Obsolete

We occasionally get requests to delete old, irrelevant, or never-included root certificates from the CCADB to reduce clutter. However, deleting a root is risky due to all the child records, case histories, and file archives tied to it.


To clean up the system without losing historical data, we introduced a new internal field: "Status in CCADB obsoleted?". This is an admin-only checkbox that allows obsolete roots to be removed from regular maintenance workflows. This keeps the data preserved but removes some of the clutter that makes it look like you still need to take action on those old certificates. We intend to continue refining this enhancement to further reduce clutter. 


If you have any questions or run into any unexpected behavior with these updates, please let us know at sup...@ccadb.org.


Best regards,

-CCADB Support


Reply all
Reply to author
Forward
0 new messages