Resolved -
We identified an issue related to an update deployed to TrustedForm Certify on June 3 at approximately 8:30 AM CT. The update introduced behavior that caused TrustedForm assets to be blocked on some websites with restrictive Content Security Policies (CSPs). As a result, certificates created on those websites during the affected period may not have captured consent language correctly, which could have caused downstream verification requests to fail.
The update was rolled back on June 4 at approximately 1:00 PM CT, and newly created certificates are no longer affected by this issue. It is important to note that TrustedForm certification has always required all necessary web assets to be accessible to TrustedForm resources. Implementations that restrict TrustedForm through CSP or other security controls may result in certificates with incomplete data and unexpected verification outcomes.
