Hi, The german bar association has a software for secure communication between lawyers called "besonderes elektronisches Anwaltspostfach" (beA).
They used a local https server run on the client with a valid certificate for bealocalhost.de (the domain resolves to 127.0.0.1). This means the private key is part of the software, so this is a key compromise. This has been reported by Markus Drenger to the CA and it got revoked. Here's the cert: https://crt.sh/?id=285821301 What happened after that is no longer relevant for the PKI as a whole, but is even worse for the users of beA: They used a self-signed certificate and asked the users to import that into the Windows root certificate store. Thus the same problem appears as with Superfish, edell and similar: Everyone can now sign certificates for arbitrary hosts and use them to perform man in the middle attacks against the users who followed these instructions. Starting January 1st all lawyers in Germany have to use this beA software. Article in German: https://www.golem.de/news/bea-bundesrechtsanwaltskammer-verteilt-https-hintertuere-1712-131845.html -- Hanno Böck https://hboeck.de/ mail/jabber: ha...@hboeck.de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42 _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy