I've finally found some time to analyse the data from last month's scan to see what happens when additional roots are removed[1,2].
The scan took place between the 11th and 19th of July 2014. Sites scanned are taken from the Alexa top 1 million sites as of the 11th of July. Overall, the certificate stats look like this:

Statistics from 440559 chains provided by 585568 hosts

Server provided chains        Count    Percent
-------------------------+---------+-------
complete                     363296   62.0416
incomplete                    29441    5.0278
untrusted                    192831   32.9306

Trusted chain statistics
========================

Chain length                  Count    Percent
-------------------------+---------+-------
2                              2385    0.5414
3                            428839   97.3397
4                              9314    2.1141
5                                21    0.0048

CA key size in chains         Count
-------------------------+---------
ECDSA 256                         3
ECDSA 384                         3
RSA 1024                       1718
RSA 2045                          1
RSA 2048                     868749
RSA 4096                      17615

Chains with CA key            Count    Percent
-------------------------+---------+-------
ECDSA 256                         3    0.0007
ECDSA 384                         3    0.0007
RSA 1024                       1708    0.3877
RSA 2045                          1    0.0002
RSA 2048                     438889   99.6209
RSA 4096                      17235    3.9121

Signature algorithm (ex. root)     Count
------------------------------+---------
ecdsa-with-SHA384                      3
sha1WithRSAEncryption             384856
sha256WithRSAEncryption            49903
sha384WithRSAEncryption            12768

Eff. host cert chain LoS      Count    Percent
-------------------------+---------+-------
80                           385704   87.5488
112                           54852   12.4505
128                               3    0.0007

Removing the Thawte 1024 bit roots[1] causes the following changes:

Untrusted: +33 sites.
Incomplete chain: +153, -2 sites.
Complete chain: -184 sites.

Sites that become untrusted:

aclens.com@199.242.144.30
brillenplatz.de@83.141.56.30
copagloja.com.br@54.225.100.66
cqccms.com.cn@124.207.135.23
datatilsynet.no@80.232.122.99
drewag.de@77.75.249.212
easy-forex.com@64.14.56.6
fachverlag-computerwissen.de@78.111.65.215
foreverwedstore.com@208.77.51.191
gold-super-markt.de@94.186.152.196
gold-to-go.com@94.186.152.196
golf.de@194.97.154.131
gumball3000.com@134.0.19.106
jokerit.com@89.250.52.17
loytec.com@88.198.4.4
madeindesign.de@194.213.124.118
meventi.com@78.47.246.235
motor-talk.de@94.198.62.121
nct.ie@193.120.166.32
ncts.ie@193.120.166.32
now.cn@119.146.222.146
pctonline.com@66.181.99.28
recyclingtoday.com@66.181.99.26
santander.be@212.78.166.49
showoffimports.nl@91.216.34.51
slotastic.com@54.204.19.24
tcd.ie@134.226.14.90
todaynic.com@119.146.222.146
whitireia.ac.nz@202.2.11.59
www.cqccms.com.cn@125.35.1.213
www.now.cn@119.146.222.153
www.todaynic.com@119.146.222.153
www.uri.edu@131.128.1.19

Adding the certificate from comment 13 in bugzilla[1] changes the stats compared to the above results in a very small way; only 6 hosts lose untrusted status:

aclens.com@199.242.144.30
cqccms.com.cn@124.207.135.23
easy-forex.com@64.14.56.6
madeindesign.de@194.213.124.118
santander.be@212.78.166.49
www.cqccms.com.cn@125.35.1.213

So in total, removal of the certificates referenced in [1] makes at least 27 hosts untrusted.

Removal of the GTE root has a bigger impact:

complete: -86
incomplete: +17, -8
untrusted: +77

Since the list is so large, I won't be quoting it here.

As such, I'd say that removing those roots now would be premature.
1 - https://bugzilla.mozilla.org/show_bug.cgi?id=986014
2 - https://bugzilla.mozilla.org/show_bug.cgi?id=1047011

-- 
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Email: hka...@redhat.com
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
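The bookkeeping behind the numbers above (classifying each server-provided chain as complete, incomplete or untrusted against a root set, re-running the classification with a root pulled from the set, and rating the effective level of security of a trusted chain) can be modelled in a few dozen lines. The script below is an added example written for this page, not Hubert's scan tooling: certificates are represented by subject, issuer, key and signature-hash metadata only, chain building follows issuer-to-subject name links and checks nothing cryptographic (no signatures, validity periods, name constraints or revocation), the three categories are my reading of the post's labels, the key-size/hash to security-level table is an approximation in the style of NIST SP 800-57, and every CA and host name is constructed. The cross-signed "Cross CA" pair models the effect of adding one extra intermediate to the known pool, which in the post turned a handful of untrusted hosts into incomplete ones.

```python
"""Model of the chain-classification step of a trust-store removal scan.

Added example, not the original post's tooling.  Certs carry only naming and
key metadata; no signature, validity or constraint checks are performed."""
from collections import Counter
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Sequence, Tuple


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    key_alg: str   # "RSA" or "ECDSA"
    key_bits: int
    sig_hash: str  # hash used in the signature placed ON this cert

    @property
    def self_signed(self) -> bool:
        return self.subject == self.issuer


# Approximate security levels (assumption; 4096-bit RSA is not tabulated in
# SP 800-57, 140 is a common interpolation).
KEY_LOS = {("RSA", 1024): 80, ("RSA", 2048): 112, ("RSA", 3072): 128,
           ("RSA", 4096): 140, ("ECDSA", 256): 128, ("ECDSA", 384): 192}
HASH_LOS = {"sha1": 80, "sha256": 128, "sha384": 192}


def build_chain(leaf: Cert, pool: Iterable[Cert], roots: Iterable[Cert]) -> Optional[List[Cert]]:
    """Depth-first walk from leaf through `pool` to any cert in `roots`, matching
    issuer name to subject name.  Several pool certs may share a subject
    (cross-signed CAs), so every candidate issuer is tried.  Returns the chain
    leaf-first with the root appended, or None if no root is reachable."""
    pool, roots = list(pool), list(roots)

    def walk(chain: List[Cert]) -> Optional[List[Cert]]:
        cur = chain[-1]
        for root in roots:
            if root.subject == cur.issuer:
                return chain + [root]
        for cand in pool:
            if cand.subject == cur.issuer and cand not in chain and not cand.self_signed:
                found = walk(chain + [cand])
                if found:
                    return found
        return None

    return walk([leaf])


def classify(server_chain: Sequence[Cert], roots: Iterable[Cert], known: Iterable[Cert]) -> str:
    """complete:   the certs the server sent reach a trusted root on their own
       incomplete: a root is reached only with a known intermediate the server omitted
       untrusted:  no path to any trusted root (assumed meaning of the post's labels)"""
    leaf, sent = server_chain[0], list(server_chain[1:])
    if build_chain(leaf, sent, roots):
        return "complete"
    if build_chain(leaf, sent + list(known), roots):
        return "incomplete"
    return "untrusted"


def effective_los(chain: Sequence[Cert]) -> int:
    """Weakest link: every key in the chain (the root key verifies the next cert,
    so it counts) and every signature except the root's own self-signature."""
    levels = [KEY_LOS[(c.key_alg, c.key_bits)] for c in chain]
    levels += [HASH_LOS[c.sig_hash] for c in chain if not c.self_signed]
    return min(levels)


def scan(hosts: Dict[str, Sequence[Cert]], roots, known) -> Tuple[Counter, Dict[str, str]]:
    per_host = {name: classify(chain, roots, known) for name, chain in hosts.items()}
    return Counter(per_host.values()), per_host


def diff(before: Dict[str, str], after: Dict[str, str]) -> Dict[str, Tuple[str, str]]:
    return {h: (before[h], after[h]) for h in before if before[h] != after[h]}


# --- constructed sample PKI (all names hypothetical) -------------------------
OLD_ROOT = Cert("Old Root 1024", "Old Root 1024", "RSA", 1024, "sha1")
NEW_ROOT = Cert("New Root 2048", "New Root 2048", "RSA", 2048, "sha1")
LEGACY_CA = Cert("Legacy CA", "Old Root 1024", "RSA", 2048, "sha1")
MODERN_CA = Cert("Modern CA", "New Root 2048", "RSA", 2048, "sha256")
CROSS_CA_OLD = Cert("Cross CA", "Old Root 1024", "RSA", 2048, "sha1")     # cross-signed pair:
CROSS_CA_NEW = Cert("Cross CA", "New Root 2048", "RSA", 2048, "sha256")   # same subject, two issuers


def host_cert(name: str, ca: Cert, sig_hash: str = "sha256") -> Cert:
    return Cert(name, ca.subject, "RSA", 2048, sig_hash)


HOSTS = {
    "a.example": [host_cert("a.example", LEGACY_CA, "sha1"), LEGACY_CA],  # depends on the old root
    "b.example": [host_cert("b.example", MODERN_CA)],                    # intermediate omitted
    "c.example": [host_cert("c.example", MODERN_CA), MODERN_CA],
    "d.example": [host_cert("d.example", CROSS_CA_OLD), CROSS_CA_OLD],   # sends the old cross-cert
    "e.example": [host_cert("e.example", CROSS_CA_NEW), CROSS_CA_NEW],
}
ALL_ROOTS = [OLD_ROOT, NEW_ROOT]
KNOWN_INTERMEDIATES = [LEGACY_CA, MODERN_CA]

if __name__ == "__main__":
    before_counts, before = scan(HOSTS, ALL_ROOTS, KNOWN_INTERMEDIATES)
    after_counts, after = scan(HOSTS, [NEW_ROOT], KNOWN_INTERMEDIATES)
    print("with old root:   ", dict(before_counts))
    print("without old root:", dict(after_counts), diff(before, after))
    _, rescued = scan(HOSTS, [NEW_ROOT], KNOWN_INTERMEDIATES + [CROSS_CA_NEW])
    print("plus cross-cert: ", diff(after, rescued))
    for name in ("a.example", "c.example"):
        chain = build_chain(HOSTS[name][0], HOSTS[name][1:], ALL_ROOTS)
        print(name, "effective LoS", effective_los(chain))
```

Running it shows the same three movements the post reports in miniature: pulling the 1024-bit root turns a.example and d.example from complete to untrusted, adding the second half of the cross-signed pair to the known pool moves d.example back to incomplete, and a.example rates at 80 bits because of the 1024-bit root key and the SHA-1 signatures, whereas c.example rates at 112 bits, capped by its 2048-bit keys. A real scanner must of course verify signatures and validity and honour path constraints; name matching alone over-approximates what a browser would accept.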