On 09/06/2017 12:29, Rob Stradling wrote:
> On 09/06/17 11:16, Jakob Bohm via dev-security-policy wrote:
> <snip>
>> What in the policy says they become in-scope from a certificate chain
>> that isn't "anchored" at a Mozilla trusted root?
>>
>> And would someone please post those alleged certificate chains *explicitly* here, not just say they saw it "somehow".
>
> Hi Jakob.  Let me run through one of them as an example:
>
> https://crt.sh/?id=12977063 is a self-signed root certificate that is also an NSS built-in trust anchor.
>
> https://crt.sh/?id=149444544 is a self-signed root certificate that is _not_ an NSS built-in trust anchor.

Ah, that wasn't clear from the previous posts in this thread.

So basically, this is *identical* to one of the trusted roots, but with
a different self-signature hash algorithm (and for at least this pair, a
different serial number).

This seems to directly violate the often proposed (but apparently not
yet enacted) rule that different root certs must have different keys
(if that rule has been incorporated into a current policy).

It's also risky cryptographic practice, although for RSA, the PKCS#1
padding ensures no direct collision risk (but still, once the weaker
hash is broken, each of the certs previously signed with that hash
becomes a reason to distrust the root in software that does not filter
the hash algorithm for each issued certificate).  The safer design would
have been to create a new key pair and subject name, then set it up as a
cross-signed root, which would be a SubCA for those only trusting
the older root.

Without the no-reuse rule, the most reasonable interpretation of such a
certificate is as a refresh of the same root CA, which must be disclosed
in the same way as any other such refresh (such as a change in the date
fields).  Both certificates must be subjected to the same audits,
disclosures and trust bits.  Both certificates must be somehow listed
in the entry for that root CA.

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
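
Added example, not part of the original message and not crt.sh or Mozilla tooling: a standard-library Python check for the situation described in the thread, a self-signed root that shares subject and public key with a trust anchor but carries a different signature algorithm and serial number. The helpers `enc` and `sample_root`, the name "Example Root CA" and both sample certificates are constructed for illustration; key and signature bytes are dummies and no signature is verified.

```python
import hashlib

def read_tlv(buf, off):
    """Return (tag, start, value_start, end) of the DER element at off."""
    length, val = buf[off + 1], off + 2
    if length & 0x80:                        # long-form length
        n = length & 0x7F
        length, val = int.from_bytes(buf[val:val + n], "big"), val + n
    return buf[off], off, val, val + length

def children(buf, elem):
    """Elements nested directly inside a constructed element."""
    out, pos = [], elem[2]
    while pos < elem[3]:
        out.append(read_tlv(buf, pos))
        pos = out[-1][3]
    return out

def identity(der):
    """(subject DER, SPKI SHA-256, signature OID hex, serial hex) of a certificate."""
    fields = children(der, children(der, read_tlv(der, 0))[0])
    if fields[0][0] == 0xA0:                 # optional [0] version
        fields = fields[1:]
    serial, sigalg, _, _, subject, spki = fields[:6]
    oid = children(der, sigalg)[0]
    return (der[subject[1]:subject[3]], hashlib.sha256(der[spki[1]:spki[3]]).hexdigest(),
            der[oid[2]:oid[3]].hex(), der[serial[2]:serial[3]].hex())

def find_twins(trusted, candidates):
    """Candidates sharing subject and key with a trust anchor without being that certificate."""
    anchors = {identity(d)[:2]: d for d in trusted}
    return [identity(c) for c in candidates if anchors.get(identity(c)[:2], c) != c]

# Constructed sample data: structurally valid DER, dummy key and signature bytes.
def enc(tag, *parts):
    body = b"".join(parts)
    n = len(body)
    size = bytes([n]) if n < 0x80 else bytes([0x81, n]) if n < 0x100 else b"\x82" + n.to_bytes(2, "big")
    return bytes([tag]) + size + body

def sample_root(serial, sig_oid_last_byte):
    alg = enc(0x30, enc(0x06, bytes.fromhex("2a864886f70d0101") + bytes([sig_oid_last_byte])), enc(0x05))
    name = enc(0x30, enc(0x31, enc(0x30, enc(0x06, b"\x55\x04\x03"), enc(0x0C, b"Example Root CA"))))
    dates = enc(0x30, enc(0x17, b"170101000000Z"), enc(0x17, b"370101000000Z"))
    spki = enc(0x30, enc(0x30, enc(0x06, bytes.fromhex("2a864886f70d010101")), enc(0x05)),
               enc(0x03, b"\x00" + b"\x11" * 140))
    tbs = enc(0x30, enc(0xA0, enc(0x02, b"\x02")), enc(0x02, bytes([serial])), alg, name, dates, name, spki)
    return enc(0x30, tbs, alg, enc(0x03, b"\x00" + b"\x22" * 128))
ANCHOR = sample_root(1, 0x05)   # sha1WithRSAEncryption, plays the built-in trust anchor
TWIN = sample_root(2, 0x0B)     # sha256WithRSAEncryption, same subject and key
```

`find_twins([ANCHOR], [ANCHOR, TWIN])` reports only the second certificate, with its signature OID and serial, which is the pair that would need to be listed together under one root entry.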