Thank you for this report Fotis. On Thu, Oct 11, 2018 at 6:13 AM Fotis Loukos via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:
> Summary > ------- > > A number of Qualified Web Authentication Certificates have been issued > with incorrect qcStatements encoding. A small survey displays that all > certificates issued by a specific SubCA are affected by this issue > (https://crt.sh/?CN=%25&iCAID=1481). The CA has been notified about > this, but more than a week has passed and it has not yet provided any > feedback, while it continues to issue such malformed certificates (e.g. > https://crt.sh/?id=816495298). > > Technical details > ----------------- > > According to ETSI EN 319 412-5 (Electronic Signature and Infrastructure > (ESI); Certificate Profiles; Part 5: QCStatements) section 4.2.3 > (QCStatement claiming that the certificate is a EU qualified certificate > of a particular type), the QCStatement QcType with OID > id-etsi-qcs-QcType (0.4.0.1862.1.6) declares that a certificate has been > issued for a particular purpose (e-sign, e-seal, qualified web > authentication certificate). Every certificate containing this > QCStatement must have a SEQUENCE OF OBJECT IDENTIFIER which declares the > purpose, e.g. id-etsi-qct-web (0.4.0.1862.1.6.3). > T-Systems International GmbH has failed to follow this specification, > and instead issues certificates having id-etsi-qct-web as a QCStatement. > Such a certificate can be found at https://crt.sh/?asn1=795148644. You > can compare this with https://crt.sh/?asn1=844599393 which has the > QcType QCStatement correctly encoded. > > Disclosure to CA timeline > ------------------------- > > - 2 October 2018: First notification to the CA, with a detailed > description of the issue. > - 2 October 2018: Reply by a CA representative that they will look at it. > - 8 October 2018: Second notification and request for feedback. > > No further communication has taken place. > > Impact to WebPKI > ---------------- > > Two issues can be identified. > > The first issue is the incorrect encoding of the QCStatement. My > assessment is that this problem does not affect the WebPKI, since as far > as I can tell, no browsers decode or utilize the QCStatements extension. > > The second issue is the failure of the CA to identify the problem, reply > in time, possibly revoke the problematic certificates and at least > momentarily pause the issuance of new certificates until the issue is > resolved. I consider this a serious issue that displays problematic > practices within the CA. > > I share your concern for the CA's responsiveness, but I'm not seeing anything that would make this a violation of the BRs or Mozilla's policies. Regards, > Fotis > > -- > Fotis Loukos, PhD > Director of Security Architecture > SSL Corp > e: fot...@ssl.com > w: https://www.ssl.com > > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
