Re: A modest proposal for a better BR 7.1

[okaphone.elektronika--- via dev-security-policy]

On Saturday, 9 March 2019 03:44:12 UTC+1, Matthew Hardeman  wrote:
> I know this isn't the place to bring a BR ballot, but I'm not presently a
> participant there.
> 
> I present alternative language along with notes and rationale which, I put
> forth, would have resulted in a far better outcome for the ecosystem than
> the issues which have arisen from the present BR 7.1 subsequent to ballot
> 164.
> 
> I humbly propose that this would have been a far better starting point, for
> reasons I discuss in notes below.
> 
> Effective as of Month Day, Year, CAs shall generate a certificate serial
> numbers as herein specified:
> 
> 
>1. The ASN.1 signed integer encoded form of the certificate serial
>number value must be represented as not less than 9 bytes and not more than
>20 bytes.  [Note 1]
>2. The hexadecimal value of the first byte of the certificate serial
>number shall be 0x75.  [Note 2]
>3. The consecutive 64 bits immediately following the first byte of the
>encoded serial number shall be the first 64 bits of output of an AES-128
>random session key generation operation, said operation having been seeded
>within random data to within its design requirements. [Note 3]
>4. The remaining bytes of the encoded serial number (the 10th through
>20th bytes of the encoded serial number), to the extent any are desired,
>may be populated with any values. [Note 4]

Is it still important that the random bits are not all zero? Because that seems 
to be omitted here.

And if it is then the next question is: is it still important that the entropy 
of the whole thing is at least 64 bits? For if that is the case then you will 
need at least one more bit in the random part because of the exclusion of the 
all zeroes value, which reduces entropy to slightly below 64 bits.

CU Hans
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: EJBCA defaulting to 63 bit serial numbers

[Peter Gutmann via dev-security-policy]

Dimitris Zacharopoulos via dev-security-policy 
 writes:

>If we have to count every CA that had this interpretation, then I suppose all
>CAs that were using EJBCA with the default configuration have the same
>interpretation.

There's also an unknown number of CAs not using EJBCA that may have even
further interpretations.  For example my code, which I'll point out in advance
has nothing to do with the BR and predates the existence of the CAB Forum
itself, may or may not be compliant with whatever Mozilla's interpretation of
7.1 is.  I literally have no idea whether it meets Mozilla's expectations.  It
doesn't do what EJBCA does, so at least it's OK there, but beyond that I have
no idea whether it does what Mozilla wants or not.  

I assume any number of other CAs are in the same position, and given that if
they guessed wrong they have to revoke an arbitrarily large number of certs,
it's in their best interests to keep their heads down and wait for this to
blow over.

So perhaps instead of trying to find out which of the hundreds of CAs in the
program aren't compliant, we can check which ones are.  Would any CA that
thinks it's compliant let us know, and indicate why they think they're
compliant?  For example "we take 64 bits of CSPRNG output, pad it with a
leading , and use that as the serial number", in other words what
Matthew Hardeman suggested, would seem to be OK.

Peter.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: EJBCA defaulting to 63 bit serial numbers

[Dimitris Zacharopoulos via dev-security-policy]

Adding to this discussion, and to support that there were -in fact- 
different interpretations (all in good faith) please check the issue I 
had created in Dec 2017 https://github.com/awslabs/certlint/issues/56.


My simple interpretation of the updated requirement in 7.1 at the time 
was that "no matter what, the resulting serial number should be at least 
64 bits long". However, experts like Peter Bowen, Rob Stradling and Matt 
Palmer, paying attention to details of the new requirement, gave a 
different interpretation. According to their explanation, if you take 
64-bits from a CSPRNG, there is a small but existing probability that 
the resulting serialNumber will be something smaller.  So, "shorter" 
serial numbers were not considered a violation of the BRs as long as the 
64-bits came out of a CSPRNG.


I am personally shocked that a large part of this community considers 
that now is the time for CAs to demonstrate "agility to replace 
certificates", as lightly as that, without considering the significant 
pain that Subscribers will experience having to replace hundreds of 
thousands of certificates around the globe. It is very possible that 
Relying parties will also suffer availability issues.


As discussed before, automation is one of the goals (other opinions had 
been raised, noting security concerns to this automation). Centralized 
systems like large web hosting providers or single large Subscribers 
like the ones already mentioned in current incident reports, can build 
automation easier. However, simple/ordinary Subscribers that don't have 
the technical skills to automate the certificate replacement, that 
struggled to even install certificates in their TLS servers in the first 
place, will create huge burden for no good reason.


I don't know if others share the same view about the interpretation of 
7.1 but it seems that some highly respected members of this community 
did. If we have to count every CA that had this interpretation, then I 
suppose all CAs that were using EJBCA with the default configuration 
have the same interpretation.


BTW, the configuration in EJBCA that we are talking about, as the 
default number of bytes, had the number "8" in the setting, resulting in 
64-bits, not 63. So, as far as the CA administrator was concerned, this 
setting resulted in using 64 random bits from a CSPRNG. One would have 
to see the internal code to determine that the first bit was replaced by 
a zero.


IMO, Mozilla should also treat this as an incident and evaluate the 
specific parameters (strict interpretation of section 7.1, CAs did not 
deliberately violate the requirement, a globally-respected software 
vendor and other experts had a different allowable interpretation of a 
requirement, the security impact on Subscribers and Relying Parties for 
1 bit of entropy is negligible), and consider treating this incident at 
least as the underscore issue. In the underscore case, there was a SCWG 
ballot with an effective date where CAs had to ultimately revoke all 
certificates that included an underscore.



Thanks,
Dimitris.

On 9/3/2019 6:32 π.μ., Peter Bowen via dev-security-policy wrote:

On Fri, Mar 8, 2019 at 7:55 PM Matthew Hardeman via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:


On Fri, Mar 8, 2019 at 9:49 PM Ryan Sleevi  wrote:


I consider that only a single CA has represented any ambiguity as being
their explanation as to why the non-compliance existed, and even then,
clarifications to resolve that ambiguity already existed, had they simply
been sought.


Please contemplate this question, which is intended as rhetorical, in the
most generous and non-judgmental light possible.  Have you contemplated the
possibility that only one CA attempted to do so because you've stated your
interpretation and because they're subject to your judgement and mercy,
rather than because the text as written reflects a single objective
mechanism which matches your own position?


Matthew,

I honestly doubt so.  It seems that one CA software vendor had a buggy
implementation but we know this is not universal.  For example, see
https://github.com/r509/r509/blob/05aaeb1b0314d68d2fcfd2a0502f31659f0de906/lib/r509/certificate_authority/signer.rb#L132
  and https://github.com/letsencrypt/boulder/blob/master/ca/ca.go#L511 are
open source CA software packages that clearly do not have the issue.
Further at least one CA has publicly stated their in-house written CA
software does not have the issue.

I know, as the author of cablint, that the main reason I didn't have any
confusion.  I didn't add more checks because of the false positive rate
issue; if I checked for 64 or more bits, it would be wrong 50% of the
time.  The rate is still unacceptable with even looser rules; in 1/256
cases the top 8 bits will all be zero, leading to a whole the serial being
a whole byte shorter.

I do personally think that the CAs using EJBCA should not be faulted here;
their vendor added an option to be 

Re: EJBCA defaulting to 63 bit serial numbers

[Peter Bowen via dev-security-policy]

On Fri, Mar 8, 2019 at 7:55 PM Matthew Hardeman via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> On Fri, Mar 8, 2019 at 9:49 PM Ryan Sleevi  wrote:
>
> > I consider that only a single CA has represented any ambiguity as being
> > their explanation as to why the non-compliance existed, and even then,
> > clarifications to resolve that ambiguity already existed, had they simply
> > been sought.
> >
>
> Please contemplate this question, which is intended as rhetorical, in the
> most generous and non-judgmental light possible.  Have you contemplated the
> possibility that only one CA attempted to do so because you've stated your
> interpretation and because they're subject to your judgement and mercy,
> rather than because the text as written reflects a single objective
> mechanism which matches your own position?
>

Matthew,

I honestly doubt so.  It seems that one CA software vendor had a buggy
implementation but we know this is not universal.  For example, see
https://github.com/r509/r509/blob/05aaeb1b0314d68d2fcfd2a0502f31659f0de906/lib/r509/certificate_authority/signer.rb#L132
 and https://github.com/letsencrypt/boulder/blob/master/ca/ca.go#L511 are
open source CA software packages that clearly do not have the issue.
Further at least one CA has publicly stated their in-house written CA
software does not have the issue.

I know, as the author of cablint, that the main reason I didn't have any
confusion.  I didn't add more checks because of the false positive rate
issue; if I checked for 64 or more bits, it would be wrong 50% of the
time.  The rate is still unacceptable with even looser rules; in 1/256
cases the top 8 bits will all be zero, leading to a whole the serial being
a whole byte shorter.

I do personally think that the CAs using EJBCA should not be faulted here;
their vendor added an option to be compliant with the BRs and it was very
non-obvious that it had a bug in the implementation.  Based on my
experience with software development, we should be encouraging CAs to use
well tested software rather than inventing their own, when possible.

Thanks,
Peter
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: EJBCA defaulting to 63 bit serial numbers

[Ryan Sleevi via dev-security-policy]

On Fri, Mar 8, 2019 at 10:54 PM Matthew Hardeman 
wrote:

>
>
> On Fri, Mar 8, 2019 at 9:49 PM Ryan Sleevi  wrote:
>
>> I consider that only a single CA has represented any ambiguity as being
>> their explanation as to why the non-compliance existed, and even then,
>> clarifications to resolve that ambiguity already existed, had they simply
>> been sought.
>>
>
> Please contemplate this question, which is intended as rhetorical, in the
> most generous and non-judgmental light possible.  Have you contemplated the
> possibility that only one CA attempted to do so because you've stated your
> interpretation and because they're subject to your judgement and mercy,
> rather than because the text as written reflects a single objective
> mechanism which matches your own position?
>

I consider the matter more than settled, based on the clear historic
evidence, so I see no value in engaging further.

>
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: EJBCA defaulting to 63 bit serial numbers

[Matthew Hardeman via dev-security-policy]

On Fri, Mar 8, 2019 at 9:49 PM Ryan Sleevi  wrote:

> I consider that only a single CA has represented any ambiguity as being
> their explanation as to why the non-compliance existed, and even then,
> clarifications to resolve that ambiguity already existed, had they simply
> been sought.
>

Please contemplate this question, which is intended as rhetorical, in the
most generous and non-judgmental light possible.  Have you contemplated the
possibility that only one CA attempted to do so because you've stated your
interpretation and because they're subject to your judgement and mercy,
rather than because the text as written reflects a single objective
mechanism which matches your own position?
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: EJBCA defaulting to 63 bit serial numbers

[Ryan Sleevi via dev-security-policy]

On Fri, Mar 8, 2019 at 10:29 PM Matthew Hardeman 
wrote:

> I would appreciate your thoughts on it.
>

I consider the matter more than settled, based on the clear historic
evidence, so I see no value in engaging further. The amount of time and
energy necessary to evaluate and reason about it seems extremely wasteful,
given the ease at which alternative and plainly obvious solutions to comply
with the existing language exist. I consider that only a single CA has
represented any ambiguity as being their explanation as to why the
non-compliance existed, and even then, clarifications to resolve that
ambiguity already existed, had they simply been sought.

I do appreciate the effort, even though I believe it misspent. I do
sincerely hope that this thoroughly beaten horse corpse may be left alone
for some time. Of all the things to improve in the BRs that can have real
and meaningful improvement to the ecosystem, this does not rate on my Top
100.

>
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: EJBCA defaulting to 63 bit serial numbers

[Matthew Hardeman via dev-security-policy]

On Fri, Mar 8, 2019 at 8:52 PM Ryan Sleevi  wrote:

I appreciate the attention to detail, but I find it difficult to feel that
> it is a good faith effort that is designed to produce results consistent
> with the goals that many of this community have and share, and thus don't
> think it would be a particularly valuable thing to continue discussing.
> While there is certainly novelty in the approach, which is not at all
> unfamiliar in the legal profession [3], care should be taken to make sure
> that we are making forward progress, rather than beating dead horses.
>

In the spirit of demonstrating good faith, looking forward, and perhaps
even making a useful contribution), I have started a new thread [1] in
which I propose alternative language which might replace the specification
presently in BR 7.1.  I would appreciate your thoughts on it.

[1]
https://groups.google.com/d/msg/mozilla.dev.security.policy/PDzNNsxhzLU/F0uxY6qmCAAJ

>
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: A modest proposal for a better BR 7.1

[Matthew Hardeman via dev-security-policy]

On Fri, Mar 8, 2019 at 8:57 PM Peter Gutmann 
wrote:

> Matthew Hardeman via dev-security-policy <
> dev-security-policy@lists.mozilla.org> writes:
>
> >shall be 0x75
>
> Not 0x71?
>

:-)  In truth, I think any particular chosen single value for the first
byte which has the high order bit set to 0 and is not 0x00, 0x01, or 0x7F
is probably fine.  0x00 is avoided for obvious encoding reasons.  0x01 and
0x7F should be avoided as they seem likely to be the most common values
people would utilize in that position when they have the goal of avoiding
variable length.  One of the benefits of choosing a particular fixed value
for the entire first byte is that it creates a significant probability
(127/128) that a random value (save for a fixed high order bit set to 0) in
the first byte by a CA who hasn't updated their behavior to conform will be
rapidly and obviously revealed.


> Sounds good, and saves me having to come up with something (the
> bitsort(CSPRNG64()) nonsense took enough time to type up).  The only thing
> I
> somewhat disagree with is #3, since this is now very concise and requires
> "the
> first 64 bits of output" you can just make it a CSPRNG, which is well-
> understood and presumably available to any CA, since it's a standard
> feature
> of all HSMs.


I don't necessarily have strong opinions about it, but I did consider it
and still came to the conclusion that it should be specified as a symmetric
key generation operation.  My reason for this change arises from my own
experiences in a variety of languages and platforms on various hardware
over the years.  CSPRNG ought to be enough, but sometimes some environments
will spoil a developer with choice.  And if the developer isn't necessarily
a cryptographer, they could easily choose the wrong type or initialize it
incorrectly.  Conversely, through the years various programming languages
and runtime environments have gotten better and better about the default or
most prevalent routines for key generation on those platforms.  It is
therefore belief that specifying the entropy source as a standardized
symmetric key generation operation improves the odds that a less than
expert developer will accidentally get it right.  I kind of cringe at that
idea, but I still think it deserves a look.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: A modest proposal for a better BR 7.1

[Peter Gutmann via dev-security-policy]

Matthew Hardeman via dev-security-policy 
 writes:

>shall be 0x75

Not 0x71?

>If anyone thinks any of this has merit, by all means run with it.

Sounds good, and saves me having to come up with something (the
bitsort(CSPRNG64()) nonsense took enough time to type up).  The only thing I
somewhat disagree with is #3, since this is now very concise and requires "the
first 64 bits of output" you can just make it a CSPRNG, which is well-
understood and presumably available to any CA, since it's a standard feature
of all HSMs.

Peter.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: EJBCA defaulting to 63 bit serial numbers

[Ryan Sleevi via dev-security-policy]

On Fri, Mar 8, 2019 at 7:22 PM Matthew Hardeman via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> Pursuant to the plain language of 7.1 as written, that circumstance --
> regardless of how it would occur -- would appear to be a misissuance.
>

I've already addressed this line of reasoning several times now as to what
the expectations are. Indeed, the very message you're replying to has
already addressed the scenario and the expectations, so I'm not sure
repeating it is furthering much new insight.

The rule as written requires that the output bits have come from a CSPRNG.
> But it doesn't say that they have to come from a single invocation of a
> CSPRNG or that they have to be collected as a contiguous bit stream from
> the CSPRNG with no bits of output from the CSPRNG discarded and replaced by
> further invocation of the CSPRNG.  Clearly a technicality, but shouldn't
> the rules be engineered with the assumption that implementers (or their
> software vendors) might take a different interpretation?
>

We can only do so much to defend against the jackass genie [1]. Likewise,
there is no defensible interpretation that an algorithm that, say, takes
bits from a CSPRNG and either keeps or discards them based on some
non-CSPRNG algorithm, and then outputs them, still represents a CSPRNG,
just as we cannot say that we sample bits from RFC 3514 [2] and only keep
the good ones, and thus ensuring we never corrupt our machine with evil.
The substance of this argument is quite literally haggling over what
"output" and "contains" is, and that, frankly, is obnoxious.

I appreciate the attention to detail, but I find it difficult to feel that
it is a good faith effort that is designed to produce results consistent
with the goals that many of this community have and share, and thus don't
think it would be a particularly valuable thing to continue discussing.
While there is certainly novelty in the approach, which is not at all
unfamiliar in the legal profession [3], care should be taken to make sure
that we are making forward progress, rather than beating dead horses.

I'm not going to tell you to stop talking about this, as I think it'd be
improper to police such a thread given my involvement in it. However, I
want to highlight that nothing productive has emerged from it, and the
creative interpretations being advocated. We are no further in
understanding any of the questions being proposed by those applying
creative interpretations, because the principles have not changed. Every
time a CA has tried to apply such problematic logic, it has worked out
poorly for them in this community. whether arguing it was "ambiguous" that
MITM was prohibited, even though there was a requirement to validate (and
ensure validation of) all domain names in a certificate or that it's not
"misissuance", even though no evidence can be provided that the
requirements were followed, nothing good has come of that.

Indeed, I think advocating this line of reasoning is doing more active
harm, to this community and to CAs, and I hope it's abundantly clear as to
why that is.

[1] https://tvtropes.org/pmwiki/pmwiki.php/Main/JackassGenie
[2] https://www.ietf.org/rfc/rfc3514.txt
[3] https://en.wikipedia.org/wiki/Monkey_selfie_copyright_dispute
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

A modest proposal for a better BR 7.1

[Matthew Hardeman via dev-security-policy]

I know this isn't the place to bring a BR ballot, but I'm not presently a
participant there.

I present alternative language along with notes and rationale which, I put
forth, would have resulted in a far better outcome for the ecosystem than
the issues which have arisen from the present BR 7.1 subsequent to ballot
164.

I humbly propose that this would have been a far better starting point, for
reasons I discuss in notes below.

Effective as of Month Day, Year, CAs shall generate a certificate serial
numbers as herein specified:


   1. The ASN.1 signed integer encoded form of the certificate serial
   number value must be represented as not less than 9 bytes and not more than
   20 bytes.  [Note 1]
   2. The hexadecimal value of the first byte of the certificate serial
   number shall be 0x75.  [Note 2]
   3. The consecutive 64 bits immediately following the first byte of the
   encoded serial number shall be the first 64 bits of output of an AES-128
   random session key generation operation, said operation having been seeded
   within random data to within its design requirements. [Note 3]
   4. The remaining bytes of the encoded serial number (the 10th through
   20th bytes of the encoded serial number), to the extent any are desired,
   may be populated with any values. [Note 4]

Notes / Rationale:

Note 1.  The first bullet point sets out a structure which necessarily
requires that the encoded form of the serial number for all cases be at
least 9 bytes in length.  As many CAs would have been able to immediately
see that their values, while random, don't reach 9 bytes, each CA in that
case would have had an easy hint that further work to assess compliance
with this BR change would be necessary and would definitely result in
changes.  I believe that would have triggered the necessary investigations
and remediations.  To the extent that it did not do so, the CAs which
ignored the change would be quickly identifiable as a certificate with an 8
byte serial number encoding would not have been valid after the effective
date.

Note 2.  A fixed value was chosen for the first byte for a couple of
reasons.  First, by virtue of not having a value of 1 in the highest order
bit, it means that ASN.1 integer encoding issues pertaining to sign are
mooted.  Secondarily, with each certificate issuance subsequent to the
effective date of the proposal, a CA which has not updated their systems to
accommodate this ballot but does use random number generation to populate
the certificate serial has a probability of 127/128 of revealing that they
have not implemented the changes specified in this ballot.

Note 3.  CAs and their software vendors are quite familiar with
cryptographic primitives, cryptographic keys, key generation, etc.  Rather
than using ambiguous definitions of randomness or bits of entropy or output
of a CSPRNG, the administration of a CA and their software vendors should
be able to be relied upon to understand the demands of symmetric key
generation in actual practice.  By choosing to specify a symmetric block
cipher type and key size in common use, the odds of an appropriate
algorithm being selected from among the large body of appropriate
implementations of such algorithms greatly reduces odds of low quality
"random" data for the serial number.

Note 4.  Note 4 makes clear that plenty of space remains for the CA to
populate other information, be it further random data or particular data of
interest to the CA, such as sequence numbers, date/time, etc.

Further notes / rationale:

In supporting systems whose databases may support only a 64 bit serial
number in database storage, etc, it is noteworthy that the serial number
rules I specified here only refer to the encoded form which occurs in the
certificate itself, not any internal representation in an issuance
database.  Because the first byte is hard coded to 0x75 in my proposal,
this doesn't need to be reflected in a legacy system database, it can just
be implemented as part of the certificate encoding process.

Strategically, certificates which would conform to the proposal I've laid
out here would obviously and facially be different from any previously
deployed system which routinely utilized 8 byte encodings, meaning that
every CA previously generating 8 byte serials would have an obvious signal
that they needed to dig into their serial number generation methodologies.

By tying the generation of high quality random data to fill the serial
number to algorithms and procedures already well known to CAs and to their
vendors, auditors, etc, my proposal enhances the odds that the required
amount of random unpredictable bits actually be backed by a mechanism
appropriate for the use of cryptography.

If anyone thinks any of this has merit, by all means run with it.  I
disclaim any proprietary interest (copyright, etc) that I might otherwise
have had by statute and declare that I'm releasing this to the public
domain.

Thanks,

Matt

Re: Why BR 7.1 allows any serial number except 0

[Ryan Sleevi via dev-security-policy]

On Fri, Mar 8, 2019 at 9:27 PM Peter Gutmann 
wrote:

> Ryan Sleevi  writes:
>
> >I'm not sure this will be a very productive or valuable line of
> discussion.
>
> What I'm pointing out is that beating up CAs over an interpretation of the
> requirements that didn't exist until about a week ago


I'm not sure if there's any value in continuing to highlight that you're
factually misrepresenting things, rather significantly, and thus
undermining much of your contribution.

Several times now, multiple people have pointed out the discussions related
to this that happened prior to, during, and following the introduction of
this requirement. Your choice to ignore or deny such evidence is extremely
counter-productive.


> If you're going to impose a
> specific interpretation on them then get it added to the BRs at a future
> date
> and enforce it then, don't retroactively punish CAs for something that
> didn't
> exist until a week or two ago.


This framing is factually and materially false. There is no retroactive
punishment occurring, just as the guidance was long-existing.

I don't see there being any opportunity to productively engage, given the
good-faith effort to correct your misunderstanding, which you still persist
in advocating. Similarly, I do not think it at all helpful that you
continue to ignore the objectives and goals of the incident response
process, the value and importance it serves the community, and the
expectations of the CAs.

Perhaps there's an argument to be made that we should litigate what "the"
means. It would be a fantastic spectacle, but it would be both thoroughly
unproductive and fail to achieve any of the goals or objectives of a
healthy Web PKI. Such exercises can and should be conducted elsewhere,
while the rest of us try to make progress on improving how CAs respond to
incidents caused by behaviours long-documented as incompatible with the
requirements.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Why BR 7.1 allows any serial number except 0

[Peter Gutmann via dev-security-policy]

Ryan Sleevi  writes:

>I'm not sure this will be a very productive or valuable line of discussion.

What I'm pointing out is that beating up CAs over an interpretation of the
requirements that didn't exist until about a week ago when it was pointed out
in relation to DarkMatter is unfair on the CAs.  If you're going to impose a
specific interpretation on them then get it added to the BRs at a future date
and enforce it then, don't retroactively punish CAs for something that didn't
exist until a week or two ago.

>Of course, there are quite glaring flaws in the argument, particularly that
>"all" of these are compliant. None of them are compliant under any reasonable
>reading.

Again, it's your definition of "reasonable".  A number of CAs, who applied
their own reasonable reading of the same requirements, seem to think
otherwise.  They're now being punished for the fact that their reasonable
reading differs from Mozilla's reasonable reading.

>I would strongly caution CAs against adopting any of these interpretations,
>and suggest it would be best for CAs to wholly ignore the message referenced.

"Pay no attention to the message behind the curtain".

Peter.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Pre-Incident Report - GoDaddy Serial Number Entropy

[Ryan Sleevi via dev-security-policy]

On Fri, Mar 8, 2019 at 8:26 PM Peter Gutmann via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> Daymion Reynolds via dev-security-policy <
> dev-security-policy@lists.mozilla.org> writes:
>
> >Our goal is to reissue all the certificates within the next 30 days.
>
> Before everyone goes into an orgy of mass revocation, see the message I
> just
> posted "Why BR 7.1 allows any serial number except 0".  As long as your
> serial
> number isn't zero, there's no such thing as a non-compliant serial number,
> so
> no need to revoke and replace great masses of certificates.
>

(Posting in an official capacity)

I would strongly caution CAs against adopting any of these interpretations,
and suggest it would be best for CAs to wholly ignore the message
referenced.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Why BR 7.1 allows any serial number except 0

[Peter Gutmann via dev-security-policy]

I wrote:

>So the immediate application of this observation is to make any 64-bit value
>comply with the ASN.1 encoding rules: If the first bit is 1 (so the sign bit
>is set), swap it with any convenient zero bit elsewhere in the value.
>Similarly, if the first 9 bits are zero, swap one of them with a one bit from
>somewhere else.  Fully compliant with BR 7.1, and now also fully compliant
>with ASN.1 DER.

Oops, need to clarify that: Note the specific use of "swap one of them".  You
can't just drop in a zero bit you made up yourself, you have to use one of the
original zero bits that came from the CSPRNG or you won't be compliant with BR
7.1 any more.  So you need to swap in a genuine zero bit from elsewhere in the
value, not just replace it with your own made-up zero bit.

Peter.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Why BR 7.1 allows any serial number except 0

[Ryan Sleevi via dev-security-policy]

On Fri, Mar 8, 2019 at 8:11 PM Peter Gutmann via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> I didn't post this as part of yesterday's message because I didn't want to
> muddy the waters even further, but let's look at the exact wording of BR
> 7.1:
>


> All fully compliant with the requirement that:
>
>   CAs SHALL generate non-sequential Certificate serial numbers greater than
>   zero (0) containing at least 64 bits of output from a CSPRNG
>

I'm not sure this will be a very productive or valuable line of discussion.

As best I can tell, you're discussing pathological interpretations,
implicitly, it seems, with a critique of the current language. Complaining
about things "as they are" doesn't really help anyone, other than perhaps
the speaker, but if there is a positive suggestion that you believe
addresses the concerns you see, it may be useful to just make that argument
and make it clearly. It may be that you don't know what the proposed
language should be, in which case, you should clearly state that.

Alternatively, you're attempting to explore "What would happen if I was a
CA and I gave these answers". As you seem to acknowledge, silly answers get
silly results. It's well known in this community that attempting to hem and
haw through creative interpretations of language, rather than trying to
operate beyond reproach (and thus actively try to avoid silly answers),
tend to be less likely to gain or retain trust. The world is fully of silly
answers from silly people, and while that's great, it doesn't seem very
worthwhile or productive to discuss - all that really matters is whether
expected-to-be-smart people, CAs, are the ones giving silly answers.

Of course, there are quite glaring flaws in the argument, particularly that
"all" of these are compliant. None of them are compliant under any
reasonable reading. None of those are defensible outputs of a CSPRNG, they
are outputs of Peter's Silly Algorithm, a non-cryptographically strong
non-pseudo-random-number-generator.

The reason we can see these arguments as silly as the burden of proof rests
on demonstrating how it complies. Language lawyering as whether "contains"
allows "As input to my Silly Algorithm" is a tactic we can take as a
thought experiment, but it's not productive, because all that matters is
whether or not a CA is silly enough to make such a silly argument. And if
they are that silly, they are unlikely to find such a silly answer
well-received.

Of course, all of this is understandable, when you consider that the 'how'
you respond to an incident is just as important as the 'what' of the
incident response. A CA that responds to incidents using silly examples is
not doing themselves favors. Focusing on the fact that someone "could" give
silly answers is to simply ignore whether or not it would be wise or
defensible to do so, or whether there are alternatives that avoid silliness
entirely.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Pre-Incident Report - GoDaddy Serial Number Entropy

[Matt Palmer via dev-security-policy]

On Fri, Mar 08, 2019 at 09:35:21PM +, Jeremy Rowley via
> dev-security-policy wrote: If they need some help with large scale
> replacement, I know some people who did that recently.  Joking of
> course, but really - with Godaddy, Google, and Apple reporting a large
> number of certs that have what seems to be a minor compliance issue in
> light of the certs all being SHA2, does Mozilla want to require a complete
> revocation and replacement?  Seems like a lot of effort and disruption for
> little value to the Mozilla community.

On the contrary, I think this incident provides a *lot* of value to the
Mozilla community -- and also to CAs and certificate users.

Horstman's Christmas Rule says, "anything important that you don't do very
often, you will do poorly".  It's the reason why militaries drill regularly,
why firefighters practice rolling and bowling hoses, and why commercial
airline pilots spend time in simulators -- because those things need to be
done well.  A closer-to-home equivalent might be something like the "simian
army" (sometimes known as the "chaos monkey") concept popularised by Netflix
-- you don't know if your disaster-recovery systems will work unless you
test them, so why not test them regularly?

Similarly, revoking (and potentially re-issuing) certificates en masse needs
to be done well, because there is the distinct chance that at some point,
a(nother) *very* serious security problem is going to be found that will
require that a large volume of certificates be revoked and reissued, for
real, with practically zero notice.  I think at this point we have enough
data to say with some confidence that, when CAs have to do this
out-of-the-blue, the results are not what we might hope for.  Whether it's
because CA systems and processes aren't where they should be, or because
certificate end-users are insufficiently willing and able, there are
definite problems that should be addressed.

I've previously suggested, somewhat tongue-in-cheek, that Mozilla should
provide for "spontaneous revocation" in its CA program requirements -- that
on a random basis, a CA should be handed a list of a certain percentage of
their certificates, chosen at random, and be told, "you must consider the
following certificates compromised, and handle it appropriately".  I don't
expect such a rule to be adopted any time soon, because the general appetite
for wanton destruction does not match my own, but it is my platonic ideal of
ensuring, for real and certain, that CAs either are able to do what may very
well become necessary, or else they are shown, in clear and unambiguous
terms, that things are not up to scratch, and figure out what went wrong so
it can be fixed.

Essentially, situations like this insufficiently-random serial number issue,
or the previous underscore situation, are self-inflicted drills around
mass-revocation.  They're drills, rather than the "real thing", because I
agree that there is very little short-term harm that will result if these
certificates are not revoked strictly within the mandated timeframes. 

- Matt

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Delegated Credentials and the Web PKI

[Ryan Sleevi via dev-security-policy]

(Sending from the right e-mail this time)

Thanks for the responses! I think this is a great thing to bring here,
because there are some interplays with policy and implications that can
affect the design, as I discuss below. I'm trying to be mindful of
proffering solutions outside of the TLS-WG, so mostly, I'm trying to
provide context and framing and create some supporting paper trail. Totally
happy to engage in the TLS-WG if there are substantive technical changes to
address the specific policy concerns.

On Fri, Mar 8, 2019 at 7:16 PM watson--- via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
> > I ask, because in the context of HTTP Signed Exchanges
> >
> https://wicg.github.io/webpackage/draft-yasskin-http-origin-signed-responses.html
> > ,
> > there was an effort to introduce additional validation requirements, most
> > notably, the explicit consent and opt-in by a site (via CAA) and a policy
> > expectation encoded in the spec that CAs SHALL NOT issue unless that CAA
> > constraint is satisfied. While in the case of HTTP Signed Exchanges,
> these
> > represent an extension of capability, and especially the ability to be
> used
> > in the absence of a direct connection to the authoritative origin (as
> > determined by DNS), it would be useful to know what sort of
> considerations
> > have been made - whether it's ruling out particular concerns or including
> > particular concerns (e.g. the inclusion within Section 3.2 of the draft
> of
> > the delegationUsage extension)
> Are there specific concerns that you think  should be addressed? Note that
> any substantive discussions of changes beyond the editorial should take
> place on the TLS-WG list.


I was trying to capture a request to understand what the thinking had been.
The design shape tends to evolve over time, and various considerations may
be raised and ruled out, or result in design changes. Typically in the IETF
drafts, the "Security Considerations" tend to focus on "Here's the concerns
with the document in the current state", but I suppose I was trying to
understand if there is more documentation on "Here were the concerns that
motivated this particular decision", if there were any. It may very well be
that various decisions were made by throwing darts at a dart board ;)

The discussion of validation requirements naturally lead to a desire to
understand more of the reasoning about how the conclusion was reached, not
necessarily a disagreement with the conclusion. HTTP Signed Exchanges took
a similar approach, but reached different conclusions. Those conclusions
may have been (and likely are) due to their very different threat models,
but understanding whether all this had been discussed and bashed out and
reasoned about it just as useful as understanding the conclusion (i.e. that
no additional validation is required), since that's what gives CAs and the
community confidence that it's a sensible conclusion.

I don't think these are things that necessarily need to be addressed in the
draft; in many ways, they're answers to the policy questions that the
technical draft raises.



> Excellent editorial note! As for why not mark critical we want these
> certificates to also work
> for clients that do not support the extension. I can imagine a situation
> where a certificate is on a low-performance HSM, and delegated credentials
> are usually used, but then there is the occasional fallback.



> The expectation is that certificates bearing the delegatedUsage extension
> would not need to be revoked as they would not have been compromised. This
> of course depends on the details: if a webserver was happily serving up the
> entire disk, private keys included that otherwise were living in a
> different process, then the certificates would be compromised and hence
> need to be revoked.


I think these two things may be incompatible. Given that it's not a
critical extension, and thus MAY be used to terminate the connections, from
a policy perspective, CAs would likely need to assume the key "probably" is
compromised, and thus revoke. This means it doesn't really address the
Heartbleed scenario - the certificates still end up revoked.

Making the extension critical provides a greater signal to CAs that it's
unlikely to have been used on the server (since conforming clients would
have rejected it), and thus make it less likely to need to revoke the
extension-bearing certificates vs the 'traditional' certificates.

Not to pick on Cloudflare, but since they ran into a large revocation event
re: Heartbleed, it actually makes a great example. If Cloudflare had been
using delegated credential-enabled certificates for both DC-enabled and
non-DC-enabled clients, then the safest path a CA could take to defend
themselves against an adverse interpretation of the BRs or Mozilla Policy
would be to revoke these certificates. If such certificates were unusable
for non-DC-enabled clients, then there's stronger protocol-level indicators
that 

Re: Pre-Incident Report - GoDaddy Serial Number Entropy

[Peter Gutmann via dev-security-policy]

Daymion Reynolds via dev-security-policy 
 writes:

>Our goal is to reissue all the certificates within the next 30 days. 

Before everyone goes into an orgy of mass revocation, see the message I just
posted "Why BR 7.1 allows any serial number except 0".  As long as your serial
number isn't zero, there's no such thing as a non-compliant serial number, so
no need to revoke and replace great masses of certificates.

Peter.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Why BR 7.1 allows any serial number except 0

[Peter Gutmann via dev-security-policy]

I didn't post this as part of yesterday's message because I didn't want to
muddy the waters even further, but let's look at the exact wording of BR 7.1:

  CAs SHALL generate non-sequential Certificate serial numbers greater than
  zero (0) containing at least 64 bits of output from a CSPRNG

Note the comment I made yesterday:

  That's the problem with rules-lawyering, if you're going to insist on your
  own very specific interpretation of a loosely-worded requirement then it's
  open season for anyone else to find dozens of other fully compatible but
  very different interpretations.

So lets look at the most pathologically silly but still fully compliant with
BR 7.1 serial number you can come up with.  Most importantly, 7.1 it never
says what form those bits should be in, merely that it needs to contain "at
least 64 bits of output from a CSPRNG".  In particular, it doesn't specify
which order those bits should be in, or which bits should be used, as long as
there's at least 64.

So the immediate application of this observation is to make any 64-bit value
comply with the ASN.1 encoding rules: If the first bit is 1 (so the sign bit
is set), swap it with any convenient zero bit elsewhere in the value.
Similarly, if the first 9 bits are zero, swap one of them with a one bit from
somewhere else.  Fully compliant with BR 7.1, and now also fully compliant
with ASN.1 DER.

Let's take it further.  Note that there's no requirement for the order to be
preserved.  So let's define the serial number as:

  serialNumber = sortbits( CSPRNG64() );

On average you're going to get a 50:50 mix of ones and zeroes, so your serial
numbers are all going to be:

  0x

plus/minus a few bits around the middle.  When encoded, this will actually be
0x00, with the remaining zero bits implicit - feel free to debate
whether the presence of implict zero bits is compliant with BR 7.1 or not.

Anyway, continuing, you can also choose to alternate the bits so you still get
a fixed-length value:

  0x

(plus/minus a bit or two at the LSB, as before).

Or you could sort the bits into patterns, for example to display as rude
messages in ASCII:

  "BR7SILLY"

Or, given that you've got eight virtual pixels to play with, create ASCII art
in a series of certificates, e.g. encode one line of an emoji in each serial
number.

Getting back to the claim that "BR 7.1 allows any serial number except 0",
here's how you get this:

At one end of the range, your bit-selection rule is "discard every one bit
except the 64th one", so your serial number is:

  0x0001

or, when DER encoded:

  0x01

At the other end of the scale, "discard every zero bit except the first one":

  0x7FFF

or INT_MAX.

All fully compliant with the requirement that:

  CAs SHALL generate non-sequential Certificate serial numbers greater than
  zero (0) containing at least 64 bits of output from a CSPRNG

I should note in passing that this also allows all the certificates you issue
to have the same serial number, 1, since they're non-sequential and greater
than zero.

Peter.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: EJBCA defaulting to 63 bit serial numbers

[Matthew Hardeman via dev-security-policy]

On Friday, March 8, 2019 at 6:05:05 PM UTC-6, Ryan Sleevi wrote:

> You're absolutely correct that two certificates, placed next to eachother,
> could appear sequential. Someone might then make a claim that the CA has
> violated the requirements. The CA can then respond by discussing how they
> actually validate serial numbers, and the whole matter can be dismissed as
> compliant.

Let's set aside certificates for a moment and talk about serial numbers, 
elsewhere definitionally defined as positive integers.

Certificate serial number A (represented as plain unencoded integer):  123456
Certificate serial number B (represented as plain unencoded integer): 123457

Can we agree that those two numbers are factually provable as sequential as 
pertains integer mathematics?

If so, then regardless of when (or in what order) two different certificates 
arise in which those serial numbers feature, as long as they arise as 
certificates issued by the same issuing CA, two certificates with 
definitionally sequential numbers have at that point been issued.

Pursuant to the plain language of 7.1 as written, that circumstance -- 
regardless of how it would occur -- would appear to be a misissuance.

I concur with you fully that a CA (and anyone, really) should view the BRs with 
an adversarial approach to review.

The rule as written requires that the output bits have come from a CSPRNG.  But 
it doesn't say that they have to come from a single invocation of a CSPRNG or 
that they have to be collected as a contiguous bit stream from the CSPRNG with 
no bits of output from the CSPRNG discarded and replaced by further invocation 
of the CSPRNG.  Clearly a technicality, but shouldn't the rules be engineered 
with the assumption that implementers (or their software vendors) might take a 
different interpretation?
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Pre-Incident Report - GoDaddy Serial Number Entropy

[Daymion Reynolds via dev-security-policy]

Our goal is to reissue all the certificates within the next 30 days. We have 
started the revocation process. We have a significant number of customers that 
use manual methods for managing their certificates, so being agile for them is 
difficult. We want to keep our customers using https through the entire 
revocation period. Due to the large number of certificates and the benign 
nature of the issue, our plan is to revoke in a responsible way.

Once this is completed, I think we need to get together and have a serious 
discussion around how to handle potential incidents like this in the future. 
Having a discussion about if this is right or wrong in the middle of an 
incident doesn’t help anyone.



On Thursday, March 7, 2019 at 7:01:41 PM UTC-7, Daymion Reynolds wrote:
> As of 9pm AZ on 3/6/2019 GoDaddy started researching the 64bit certificate 
> Serial Number issue. We have identified a significant quantity of 
> certificates (> 1.8million) not meeting the 64bit serial number requirement. 
> We are still performing accounting so certificate quantity is expected to 
> change before we finalize the report. 
>  
> 1.How your CA first became aware of the problem (e.g. via a problem 
> report submitted to your Problem Reporting Mechanism, a discussion in 
> mozilla.dev.security.policy, a Bugzilla bug, or internal self-audit), and the 
> time and date.
>  
> 9pm 3/6/2019 AZ Time, due to reviewing a discussion in 
> mozilla.dev.security.policy.
>  
> 2.A timeline of the actions your CA took in response. A timeline is a 
> date-and-time-stamped sequence of all relevant events. This may include 
> events before the incident was reported, such as when a particular 
> requirement became applicable, or a document changed, or a bug was 
> introduced, or an audit was done.
>  
> 9pm 3/6/2019 AZ Time, identified a hot issue with serial numbers in Mozilla 
> group. 
> 10am 3/7/2019 AZ Time, identified the issue was pervasive, and identified 
> root cause.
> 6:30pm 3/7/2019 AZ Time, fix deployed to production to correct the serial 
> number issue.
> We are still quantifying and classifying the certificate scope of impact. 
>  
> 3.Whether your CA has stopped, or has not yet stopped, issuing 
> certificates with the problem. A statement that you have will be considered a 
> pledge to the community; a statement that you have not requires an 
> explanation.
>  
> We have deployed a fix to the issue, and are no longer issuing certificates 
> with the defect. 
>  
> 4.A summary of the problematic certificates. For each problem: number of 
> certs, and the date the first and last certs with that problem were issued.
>  
> Issue was introduced with a change in 2016. Impacted certificates still being 
> aggregated. Will update with information and timeline on issue closure.
>  
> 5.The complete certificate data for the problematic certificates. The 
> recommended way to provide this is to ensure each certificate is logged to CT 
> and then list the fingerprints or crt.sh IDs, either in the report or as an 
> attached spreadsheet, with one list per distinct problem.
>  
> Still being aggregated. Will update with certificate information on issue 
> closure.
>  
> 6.Explanation about how and why the mistakes were made or bugs 
> introduced, and how they avoided detection until now.
>  
> Ambiguity in language led to different interpretations of BR 7.1. It was 
> believed a unsigned 64bit integer was sufficient to satisfy the new 
> requirement. Additionally, industry tools like CABLint/ZLint were not 
> catching this issue, which provided a false sense of compliance. We are 
> submitting CABLint/Zlint updates as part of the fix. 
>  
> 7.List of steps your CA is taking to resolve the situation and ensure 
> such issuance will not be repeated in the future, accompanied with a timeline 
> of when your CA expects to accomplish these things.
>  
> Defect has been resolved, we are also updating linting tools (CABLint/Zlint) 
> and upstreaming to patch for other peoples usage.

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: EJBCA defaulting to 63 bit serial numbers

[Ryan Sleevi via dev-security-policy]

On Fri, Mar 8, 2019 at 6:50 PM Matthew Hardeman via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> I am well aware of the reason for the entropy in the certificate serial
> number.  What I'm having trouble with is that there can be no dispute that
> two certificates with serial numbers off by one from each other, no matter
> how you wind up getting there, are in fact sequential serial numbers and
> that this would appear to be forbidden explicitly.
>
> It seems that in reality that your perspective calls upon the CA to act
> according to the underlying risk that the rule attempts to mitigate rather
> than abide the literal text.  That seems a really odd way to construe a
> rule.
>

I think this is fundamentally an unhelpful way to think about and frame the
problem, but I think it's largely a result of not having to be a CA placed
in this position.

You're absolutely correct that two certificates, placed next to eachother,
could appear sequential. Someone might then make a claim that the CA has
violated the requirements. The CA can then respond by discussing how they
actually validate serial numbers, and the whole matter can be dismissed as
compliant.

You're fixating on the "rules lawyering" part, but that's not a remotely
productive framing. A CA that is doing the right thing can demonstrate how
they were doing it. A CA that is doing the wrong thing can't. That
'problem' you see is easily and rapidly resolved by such an explanation.

This framing is exactly why the ZLint side of things warns, rather than
errors - because it can arise in legitimate cases. If there's concern that
it's arising in illegitimate cases, a report is made, the CA investigates,
and the information shared, and we all move on. It's not that hard or
unreasonable :)

A CA is expected to be adversarially reading the BRs, and from that, either
highlighting concerns to m.d.s.p. and the CA/Browser Forum ("you COULD
interpret it like this") or taking steps to mitigate even under the most
adversarial reading. If and when an incident occurs, a CA that performed
such steps is in a far better place to explain the incident and the steps
taken. A CA that doesn't, and says "We didn't know", is more likely
indicative of a CA not  adversarially reading or critically evaluating it.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: EJBCA defaulting to 63 bit serial numbers

[Matthew Hardeman via dev-security-policy]

On Fri, Mar 8, 2019 at 3:10 AM Matt Palmer via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

Having sequential serial numbers is not problematic.  Having *predictable*
> serial numbers is problematic.


My problem with this is that, if we parse the english language constructs
of the rule as stated in the BRs, the first requirement of a certificate
serial number is literally "non-sequential Certificate serial numbers", and
then furthermore that these must consist consist of at least 64 bits of
output from a CSPRNG.

Both your and Ryan Sleevi's comments seem to suggest that the
non-sequential part doesn't really matter when it arises incidentally as
long as they're randomly generated and that two certificates with
certificate serial numbers off-by-one from each other would not be a
problem.

I am well aware of the reason for the entropy in the certificate serial
number.  What I'm having trouble with is that there can be no dispute that
two certificates with serial numbers off by one from each other, no matter
how you wind up getting there, are in fact sequential serial numbers and
that this would appear to be forbidden explicitly.

It seems that in reality that your perspective calls upon the CA to act
according to the underlying risk that the rule attempts to mitigate rather
than abide the literal text.  That seems a really odd way to construe a
rule.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Incident report: Issuance of certificates with curve-hash pairs no longer allowed by the Mozilla Root Store Policy

[Fotis Loukos via dev-security-policy]

### Problem description

SSL.com has issued a limited number of ECDSA certificates with
curve-hash pairs that are no longer allowed by the Mozilla Root Store
Policy.

In particular, section 5.1 states that:

> Root certificates in our root program, and any certificate which
chains up to them, MUST use only algorithms and key sizes from the
following set:
> - ECDSA keys using one of the following curve-hash pairs:
>   - P‐256 with SHA-256
>   - P‐384 with SHA-384

A number of certificates which do not use these pairs have been issued.
In particular, certificates were issued using the P-384 curve /
ecdsa-with-SHA256 pair.

It should be noted that all of these certificates are compliant with the
CA/B Forum Baseline Requirements, but not with the current Mozilla Root
Store Policy, as it was amended at version 2.4 the 1st of March 2017.

### How your CA first became aware of the problem (e.g. via a problem
report submitted to your Problem Reporting Mechanism, a discussion in
mozilla.dev.security.policy, a Bugzilla bug, or internal self-audit),
and the time and date.

On Monday, 25 February 2019, a manual review of some certificates that
were going to be issued was conducted by multiple teams within SSL.com
instead of the compliance team only, and the problem was identified.

### A timeline of the actions your CA took in response. A timeline is a
date-and-time-stamped sequence of all relevant events. This may include
events before the incident was reported, such as when a particular
requirement became applicable, or a document changed, or a bug was
introduced, or an audit was done.

- 01/03/2017 - Version 2.4 of the Mozilla Root Store Policy was
published which limits the allowed curve-hash pairs for the ECDSA algorithm.
- 01/03/2017 - The differences between version 2.3 and 2.4 of the Policy
were communicated between the different departments of SSL.com, without
including the limits on the allowed curve-hash pairs.
- 25/02/2019 - A manual review of some certificates that were going to
be issued was conducted by multiple teams within SSL.com. It was
identified that the curve-hash pair was illegal and no certificates were
issued.
- 25/02/2019 - As a result an investigation was performed and found that
additional certificates had been issued using the same curve-hash pair.
The incident response process formally began.
- 25/02/2019 - In addition to the end-user certificates this
investigation found several CAs certificates that were created with this
set of parameters.
- 26/02/2019 - Issuance of all ECDSA certificates was suspended and a
plan of action for remediation of this issue begun.
- 26/02/2019 - Mozilla was contacted and was made aware of the issue.
- 26/02/2019 - We reviewed all linters and we found that we had none for
the Mozilla Root Store Policy requirements.
- 26/02/2019 - To improve both pre-issuance and post-issuance auditing,
we reviewed all Mozilla technical requirements and implemented linters
for each one to ensure continued compliance.
- 26/02/2019 - These linters were executed against the entire corpus of
certificates to ensure all associated certificates were identified.
- 27/02/2019 - Restructuring of the mode of operation of the compliance
team begun in order to ensure better monitoring of browser policies.
- 07/03/2019 - The configuration of all production CAs was modified to
prevent the future issuance of certificates using these parameters.
- 07/03/2019 - All misissued end-user certificates were revoked.
- 07/03/2019 - To mitigate this issue we took the decision to revoke all
associated CAs including those created before the Mozilla policy was
created prohibiting these curves to ensure we meet the highest possible
level of security and compliance.
- 07/03/2019 - Issuance of ECDSA certificates was resumed.

### Whether your CA has stopped, or has not yet stopped, issuing
certificates with the problem. A statement that you have will be
considered a pledge to the community; a statement that you have not
requires an explanation.

All issuance of ECDSA certificates was suspended when we realized the
Mozilla Root Store Policy compliance issue.

After fixing the certificate profiles to limit the curve-hash pairs,
revoking the old SubCAs and issuing new ones using the P-384 curve and
ecdsa-with-SHA384, ECDSA certificate issuance was resumed.

### A summary of the problematic certificates. For each problem: number
of certs, and the date the first and last certs with that problem were
issued.

The total number of certificates that were issued using curve-hash pairs
not compliant with the Mozilla Root Store Policy are:

- CA Certificates: 10 certificates from Dec 17 2018 to Feb 14 2019
- SSL Certificates: 15 certificates from Apr 24 2018 to Feb 25 2019
- OCSP Responder certificates: 11 certificates from May 29 2018 to Feb
20 2019

### The complete certificate data for the problematic certificates. The
recommended way to provide this is to ensure each certificate is logged
to CT and then list the 

Re: Pre-Incident Report - GoDaddy Serial Number Entropy

[Wayne Thayer via dev-security-policy]

On Fri, Mar 8, 2019 at 4:03 PM Jeremy Rowley 
wrote:

> Apologies, I realize that Mozilla’s policy is that revocation is up to the
> CA and there is no such thing as an exception. A more careful way to state
> what I meant is that I’m surprised that there is not more discussion around
> the revocation of all of these certificates and the impact to the ecosystem
> compared to an assumption that they will all be revoked. There has been
> some discussion of course, but 1.8 million certificates is a lot of
> certificates to replace. I’d think to see more discussion here from GoDaddy
> about ether they are replacing the certificates or not and the pros and
> cons of doing so.
>
>
>
I agree - disclosure and discussion is an important element of situations
such as this.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

RE: Pre-Incident Report - GoDaddy Serial Number Entropy

[Jeremy Rowley via dev-security-policy]

Apologies, I realize that Mozilla’s policy is that revocation is up to the CA 
and there is no such thing as an exception. A more careful way to state what I 
meant is that I’m surprised that there is not more discussion around the 
revocation of all of these certificates and the impact to the ecosystem 
compared to an assumption that they will all be revoked. There has been some 
discussion of course, but 1.8 million certificates is a lot of certificates to 
replace. I’d think to see more discussion here from GoDaddy about ether they 
are replacing the certificates or not and the pros and cons of doing so.

 

From: Wayne Thayer  
Sent: Friday, March 8, 2019 3:46 PM
To: Ryan Sleevi 
Cc: Jeremy Rowley ; 
mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: Pre-Incident Report - GoDaddy Serial Number Entropy

 

Ryan beat me to the punch. so I'll reinforce his message with my own:

 

The overall potential impact from revocations in the current scenario feels 
quite similar to the potential for disruption from revoking certificates 
containing underscores a few months ago. Mozilla's guidance for revocation [1] 
was updated based on the "underscores" discussion, and it is generally 
applicable here. (I will give it another review in light of the current 
situation.)

 

In my opinion, Mozilla should not get in to the business of granting one-off 
exceptions to the BR revocation requirements. In this case, doing so would 
certainly not be fair to Google, and in the future would only result in 
constant pleas for mercy that would be near impossible to refuse. Revocation 
decisions should ultimately be made by CAs and followed up with disclosure and 
preventative action. Mozilla should highlight situations where delaying 
revocation will be viewed as an egregious failure by a CA to respond to an 
imminent threat.

 

I believe that Google's response here sets a good, if imperfect, example of the 
agility we desire for the entire web PKI. I hope that the current event serves 
to illustrate the need for agility and encourages CAs to develop more solutions 
that move us in that direction.

 

- Wayne

 

[1] https://wiki.mozilla.org/CA/Responding_To_An_Incident#Revocation

 

On Fri, Mar 8, 2019 at 3:40 PM Ryan Sleevi via dev-security-policy 
mailto:dev-security-policy@lists.mozilla.org> > wrote:

On Fri, Mar 8, 2019 at 4:35 PM Jeremy Rowley via dev-security-policy <
dev-security-policy@lists.mozilla.org 
 > wrote:

> does Mozilla want to require a complete revocation and replacement? Seems
> like a lot of effort and disruption for little value to the Mozilla
> community.


I'm surprised, given the length of the discussion in [1], to see such an
unhelpful framing of the issue, as it sounds remarkably like asking for an
"exception". I had hoped that the changes [2] to the policy [3] had
provided greater clarity about what the expectations are for CAs. It does
seem that CAs are following that process, which is something another CA
recently did in the case of underscores, so perhaps its best to not try and
re-open that discussion? :)

I think a particular piece of guidance and clarification, expected of such
incident reports, and captured in [3], is
"That you will perform an analysis to determine the factors that prevented
timely revocation of the certificates, and include a set of remediation
actions in the final incident report that aim to prevent future revocation
delays."

It does seem that this is an essential and valuable piece for the
community, regardless of the CA affected and regardless of the nature of
the incident. After all, it doesn't seem to dissimilar to the discussion
regarding Heartbleed, and the challenges the ecosystem faced then.

[1]
https://groups.google.com/d/msg/mozilla.dev.security.policy/0oy4uTEVnus/pnywuWbmBwAJ
[2]
https://groups.google.com/d/msg/mozilla.dev.security.policy/HdirGOy6TJI/oIHKXeSuCAAJ
[3] https://wiki.mozilla.org/CA/Responding_To_An_Incident#Revocation
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org 
 
https://lists.mozilla.org/listinfo/dev-security-policy



smime.p7s
Description: S/MIME cryptographic signature
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Pre-Incident Report - GoDaddy Serial Number Entropy

[Wayne Thayer via dev-security-policy]

Ryan beat me to the punch. so I'll reinforce his message with my own:

The overall potential impact from revocations in the current scenario feels
quite similar to the potential for disruption from revoking certificates
containing underscores a few months ago. Mozilla's guidance for revocation
[1] was updated based on the "underscores" discussion, and it is generally
applicable here. (I will give it another review in light of the current
situation.)

In my opinion, Mozilla should not get in to the business of granting
one-off exceptions to the BR revocation requirements. In this case, doing
so would certainly not be fair to Google, and in the future would only
result in constant pleas for mercy that would be near impossible to refuse.
Revocation decisions should ultimately be made by CAs and followed up with
disclosure and preventative action. Mozilla should highlight situations
where delaying revocation will be viewed as an egregious failure by a CA to
respond to an imminent threat.

I believe that Google's response here sets a good, if imperfect, example of
the agility we desire for the entire web PKI. I hope that the current event
serves to illustrate the need for agility and encourages CAs to develop
more solutions that move us in that direction.

- Wayne

[1] https://wiki.mozilla.org/CA/Responding_To_An_Incident#Revocation

On Fri, Mar 8, 2019 at 3:40 PM Ryan Sleevi via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> On Fri, Mar 8, 2019 at 4:35 PM Jeremy Rowley via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > does Mozilla want to require a complete revocation and replacement? Seems
> > like a lot of effort and disruption for little value to the Mozilla
> > community.
>
>
> I'm surprised, given the length of the discussion in [1], to see such an
> unhelpful framing of the issue, as it sounds remarkably like asking for an
> "exception". I had hoped that the changes [2] to the policy [3] had
> provided greater clarity about what the expectations are for CAs. It does
> seem that CAs are following that process, which is something another CA
> recently did in the case of underscores, so perhaps its best to not try and
> re-open that discussion? :)
>
> I think a particular piece of guidance and clarification, expected of such
> incident reports, and captured in [3], is
> "That you will perform an analysis to determine the factors that prevented
> timely revocation of the certificates, and include a set of remediation
> actions in the final incident report that aim to prevent future revocation
> delays."
>
> It does seem that this is an essential and valuable piece for the
> community, regardless of the CA affected and regardless of the nature of
> the incident. After all, it doesn't seem to dissimilar to the discussion
> regarding Heartbleed, and the challenges the ecosystem faced then.
>
> [1]
>
> https://groups.google.com/d/msg/mozilla.dev.security.policy/0oy4uTEVnus/pnywuWbmBwAJ
> [2]
>
> https://groups.google.com/d/msg/mozilla.dev.security.policy/HdirGOy6TJI/oIHKXeSuCAAJ
> [3] https://wiki.mozilla.org/CA/Responding_To_An_Incident#Revocation
> ___
> dev-security-policy mailing list
> dev-security-policy@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security-policy
>
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Pre-Incident Report - GoDaddy Serial Number Entropy

[Ryan Sleevi via dev-security-policy]

On Fri, Mar 8, 2019 at 4:35 PM Jeremy Rowley via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> does Mozilla want to require a complete revocation and replacement? Seems
> like a lot of effort and disruption for little value to the Mozilla
> community.


I'm surprised, given the length of the discussion in [1], to see such an
unhelpful framing of the issue, as it sounds remarkably like asking for an
"exception". I had hoped that the changes [2] to the policy [3] had
provided greater clarity about what the expectations are for CAs. It does
seem that CAs are following that process, which is something another CA
recently did in the case of underscores, so perhaps its best to not try and
re-open that discussion? :)

I think a particular piece of guidance and clarification, expected of such
incident reports, and captured in [3], is
"That you will perform an analysis to determine the factors that prevented
timely revocation of the certificates, and include a set of remediation
actions in the final incident report that aim to prevent future revocation
delays."

It does seem that this is an essential and valuable piece for the
community, regardless of the CA affected and regardless of the nature of
the incident. After all, it doesn't seem to dissimilar to the discussion
regarding Heartbleed, and the challenges the ecosystem faced then.

[1]
https://groups.google.com/d/msg/mozilla.dev.security.policy/0oy4uTEVnus/pnywuWbmBwAJ
[2]
https://groups.google.com/d/msg/mozilla.dev.security.policy/HdirGOy6TJI/oIHKXeSuCAAJ
[3] https://wiki.mozilla.org/CA/Responding_To_An_Incident#Revocation
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Delegated Credentials and the Web PKI

[Ryan Sleevi via dev-security-policy]

On Fri, Mar 8, 2019 at 4:35 PM watson--- via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> We are interested in CAs signing x509 certificates that can be used with
> delegated credentials for TLS,
> https://tools.ietf.org/html/draft-ietf-tls-subcerts-03. The certificates
> to be signed by the CA are x509 certificates that contain a special
> extension that identifies them as being able to sign short-lived (maximum 7
> days) credentials to terminate TLS connections with. The short term
> credentials do not increase, decrease, or modify the authorization attached
> to the certificate: they are a tool to enable services like CDNs, SaaS
> providers, and indeed web servers to terminate TLS on behalf of a site for
> the duration chosen by the issuer of the authorization. The validity period
> of the certificates will not change, nor do we think there should be extra
> requirements on verification to issue certificates with this extension.
>

Is there a security considerations or analysis that explores the
considerations that were examined with respect to these certificates?

I ask, because in the context of HTTP Signed Exchanges
https://wicg.github.io/webpackage/draft-yasskin-http-origin-signed-responses.html
,
there was an effort to introduce additional validation requirements, most
notably, the explicit consent and opt-in by a site (via CAA) and a policy
expectation encoded in the spec that CAs SHALL NOT issue unless that CAA
constraint is satisfied. While in the case of HTTP Signed Exchanges, these
represent an extension of capability, and especially the ability to be used
in the absence of a direct connection to the authoritative origin (as
determined by DNS), it would be useful to know what sort of considerations
have been made - whether it's ruling out particular concerns or including
particular concerns (e.g. the inclusion within Section 3.2 of the draft of
the delegationUsage extension)

One example that stands out is the requirement that the extension MUST be
marked non-critical. The rationale for that decision would be useful to
capture in some way, whether in this document or in a supplementary
"explainer", so as to capture the thinking. A small note, if it can be
accepted, is that I believe the intended wording is "MUST NOT be marked
critical", since as a DEFAULT value in a sequence with a value of FALSE,
you would not encode anything for the criticality field. I highlight this,
as it's an area where CAs have incorrectly DER encoded FALSE values (see
https://wiki.mozilla.org/SecurityEngineering/mozpkix-testing#Things_for_CAs_to_Fix
), and such wording may lead to a similar, and undesirable, result.

If using delegated credentials on a webserver with a separate server
> producing the delegated credentials, an event like Heartbleed that results
> in disclosure of a key has a more limited impact than the disclosure of the
> certificate's private key. Cloudflare has implemented Keyless SSL to
> achieve a similar effect, and this draft came out of the TLS WG's
> recognition that a standardized technology with similar properties would be
> broadly desirable. We need certificates to opt-in due to concerns about
> cross-protocol attacks. Delegated credentials can only be used with one
> signature scheme and are tied to the certificate and scheme used to issue
> them, so are robust in the face of cross-protocol attacks. To further
> minimize the risk we will add to security considerations that ECDSA certs
> are better due to Bleichenbacher issues in old TLS versions.
>

To confirm: In the event of a Heartbleed-like event, the expectation would
be that CAs would revoke non-Delegation Credential certificates (due to the
possible key compromise issues), but that certificates bearing the
delegationUsage extension would not be revoked, correct?


> We are currently interested in deploying delegated credentials over the
> next few months, and hope CAs will help enable this for the broader web
> ecosystem. Nothing in the BR or Mozilla Root Program requirements forbids
> issuing certs with these extensions, but we felt it would be prudent to ask
> for feedback on this proposal from more sources then just those involved in
> the TLS WG. I look forward to your thoughts.


Just to echo this for participants who may not be familiar with the
specific requirements of the Baseline Requirements, the specific
requirement or dispensation exists with 7.1.2.4 of the Baseline
Requirements (v1.6.3)

All other fields and extensions MUST be set in accordance with RFC 5280.
> The CA SHALL NOT issue a
> Certificate that contains a keyUsage flag, extendedKeyUsage value,
> Certificate extension, or other data not
> specified in section 7.1.2.1, 7.1.2.2, or 7.1.2.3 unless the CA is aware
> of a reason for including the data in the
> Certificate.



CAs SHALL NOT issue a Certificate with:
> a. Extensions that do not apply in the context of the public Internet
> (such as an extendedKeyUsage
> value for a service 

Delegated Credentials and the Web PKI

[watson--- via dev-security-policy]

We are interested in CAs signing x509 certificates that can be used with 
delegated credentials for TLS, 
https://tools.ietf.org/html/draft-ietf-tls-subcerts-03. The certificates to be 
signed by the CA are x509 certificates that contain a special extension that 
identifies them as being able to sign short-lived (maximum 7 days) credentials 
to terminate TLS connections with. The short term credentials do not increase, 
decrease, or modify the authorization attached to the certificate: they are a 
tool to enable services like CDNs, SaaS providers, and indeed web servers to 
terminate TLS on behalf of a site for the duration chosen by the issuer of the 
authorization. The validity period of the certificates will not change, nor do 
we think there should be extra requirements on verification to issue 
certificates with this extension.

If using delegated credentials on a webserver with a separate server producing 
the delegated credentials, an event like Heartbleed that results in disclosure 
of a key has a more limited impact than the disclosure of the certificate's 
private key. Cloudflare has implemented Keyless SSL to achieve a similar 
effect, and this draft came out of the TLS WG's recognition that a standardized 
technology with similar properties would be broadly desirable. We need 
certificates to opt-in due to concerns about cross-protocol attacks. Delegated 
credentials can only be used with one signature scheme and are tied to the 
certificate and scheme used to issue them, so are robust in the face of 
cross-protocol attacks. To further minimize the risk we will add to security 
considerations that ECDSA certs are better due to Bleichenbacher issues in old 
TLS versions.

We are currently interested in deploying delegated credentials over the next 
few months, and hope CAs will help enable this for the broader web ecosystem. 
Nothing in the BR or Mozilla Root Program requirements forbids issuing certs 
with these extensions, but we felt it would be prudent to ask for feedback on 
this proposal from more sources then just those involved in the TLS WG. I look 
forward to your thoughts.

Sincerely,

Watson Ladd
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

RE: Pre-Incident Report - GoDaddy Serial Number Entropy

[Jeremy Rowley via dev-security-policy]

If they need some help with large scale replacement, I know some people who did 
that recently . Joking of course, but really - with Godaddy, Google, and Apple 
reporting a large number of certs that have what seems to be a minor compliance 
issue in light of the certs all being SHA2, does Mozilla want to require a 
complete revocation and replacement? Seems like a lot of effort and disruption 
for little value to the Mozilla community.


-Original Message-
From: dev-security-policy  On 
Behalf Of okaphone.elektronika--- via dev-security-policy
Sent: Friday, March 8, 2019 12:28 PM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: Pre-Incident Report - GoDaddy Serial Number Entropy

On Friday, 8 March 2019 17:07:57 UTC+1, Wayne Thayer  wrote:
> I've created https://bugzilla.mozilla.org/show_bug.cgi?id=1533774 to 
> track this issue.
> 
> Apple has also submitted the following bug for this issue listing a 
> large number of impacted certificates:
> https://bugzilla.mozilla.org/show_bug.cgi?id=1533655
> 
> - Wayne

Wow! Looks like there are going to be A LOT of certificates that MUST be 
revoked. Formally correct of course, but could it perhaps be a good idea to 
consider the possibility of handling this one somewhat different? ;-)

CU Hans
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy



smime.p7s
Description: S/MIME cryptographic signature
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: DarkMatter Concerns

[Ronald F. Guilmette via dev-security-policy]

My apologies to the list for having unintentionally posted two
rather different versions of the same post, one long, and one
short.

I had initially tried to post using the Google Groups web interface,
but there was, apparently, a dramatic lag time in that post actually
being relayed to the list proper.  In fact, the lag time was so large
that I did not believe that my first attempt to post had worked at all.
(I believed that Googe Groups had simply sent it to a black hole
someplace.)  So I switched to Plan B, joined the mailing list proper,
and then posted a shorter version of what I had wanted to say, this
time via email.

Again, my apologies for the duplication.  I ask that everyone to believe
me when I say that I simply had no idea, until now, that messages were
being passed from Google Groups to Mozilla mailing lists via carrier
pigeon.


Regards,
rfg
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Apple: Non-Compliant Serial Numbers

[certification_authority--- via dev-security-policy]

Yesterday, Apple submitted this preliminary incident report: 
https://bugzilla.mozilla.org/show_bug.cgi?id=1533655, which is reposted below.  

On 2019-03-06 we determined that we were issuing certificates with 
non-compliant serial numbers because of the EJBCA issue [1]. We fixed the 
problem within 24 hours and stopped issuing non-compliant certificates as of 
the afternoon of 2019-03-07 and are working to address previously issued 
certificates. All impacted certificates were issued to Apple entities.

To minimize impact to our users, we do not expect to revoke all impacted 
certificates within the 5-day requirement. We expect to provide a timeline for 
revoking all impacted certificates in a forthcoming update.

Certificates issued by the following CA's were impacted:

* Apple IST CA 2 - G1 (https://crt.sh/?id=5250464): TLS Server
* Apple IST CA 8 - G1 (https://crt.sh/?id=21760447): TLS Server
* Apple IST CA 5 - G1 (https://crt.sh/?id=12716200): S/MIME

Based on our initial analysis, the number of certificates impacted are as 
follows:

* TLS Server Certificates (from Apple IST CA 2 - G1, Apple IST CA 8 - G1)
--Total number of impacted certificates (issued since 2016-09-30): ~878,000
--Total number of impacted certificates that are still valid (not expired and 
not revoked) as of 2019-03-07 3:20 PST: ~558,000

* S/MIME Certificates (from Apple IST CA 5 - G1)
-- Total number of impacted certificates (issued since 2016-09-30): ~2,400
-- Total number of impacted certificates that are still valid (not expired and 
not revoked) as of 2019-03-07 3:20 PST: ~2,000

We expect to reply back with more details and a full incident report in a 
forthcoming update.

[1] Configurable SN Entropy, Default Value Raised to 20 Octets 
(https://www.ejbca.org/docs/EJBCA_7.0.1_Release_Notes.html)
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Next Root Store Policy Update

[Wayne Thayer via dev-security-policy]

Later this month, I would like to begin discussing a number of proposed
changes to the Mozilla Root Store policy [1]. I have reviewed the list of
issues on GitHub and labeled the ones that I recommend discussing:
https://github.com/mozilla/pkipolicy/labels/2.7 They are:

173 - Strengthen requirement for newly included roots to meet all current
requirements
172 - Update section 5.3 to include Policy Certification Authorities as an
exception to the mandatory EKU inclusion requirement
171 - Require binding of CA certificates to CP/CPS
170 - Clarify Section 5.1 about allowed ECDSA curve-hash pair
169, 140 - Extend Section 8 to also encompass subordinate CAs
168, 161, 158  - Require Incident Reports, move practices into policy
163 - Require EKUs in end-entity certificates (S/MIME)
162 - Require disclosure of CA software vendor/version in incident report
159 - Clarify section 5.3.1 Technically Constrained
152 - Add EV audit exception for policy constrained intermediates
151 - Change PITRA to Point-in-Time assessment in section 8

I will appreciate any feedback on the proposed list of issues to discuss.

I do recognize that the current DarkMatter discussions could result in the
need to add some additional items to this list.

I have created a new branch for drafting these changes [1] and made one
commit that adds a bullet to the BR Conformance section informing the
reader that Mozilla policy has a more restrictive list of approved
algorithms [3]

As we've done in the past, I plan to post individual issues for discussion
in small batches over the next few months, with the goal of finalizing
version 2.7 by June.

- Wayne

[1]
https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/
[2] https://github.com/mozilla/pkipolicy/blob/2.7/rootstore/policy.md
[3] https://github.com/mozilla/pkipolicy/issues/167
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Pre-Incident Report - GoDaddy Serial Number Entropy

[okaphone.elektronika--- via dev-security-policy]

On Friday, 8 March 2019 17:07:57 UTC+1, Wayne Thayer  wrote:
> I've created https://bugzilla.mozilla.org/show_bug.cgi?id=1533774 to track
> this issue.
> 
> Apple has also submitted the following bug for this issue listing a large
> number of impacted certificates:
> https://bugzilla.mozilla.org/show_bug.cgi?id=1533655
> 
> - Wayne

Wow! Looks like there are going to be A LOT of certificates that MUST be 
revoked. Formally correct of course, but could it perhaps be a good idea to 
consider the possibility of handling this one somewhat different? ;-)

CU Hans
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Pre-Incident Report - GoDaddy Serial Number Entropy

[Wayne Thayer via dev-security-policy]

I've created https://bugzilla.mozilla.org/show_bug.cgi?id=1533774 to track
this issue.

Apple has also submitted the following bug for this issue listing a large
number of impacted certificates:
https://bugzilla.mozilla.org/show_bug.cgi?id=1533655

- Wayne

On Thu, Mar 7, 2019 at 7:14 PM Matthew Hardeman via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> Practical question:
>
> How does the update to CABLint/Zlint work?
>
> If a CA is choosing to issue certs with serial numbers with exactly 64 bits
> of entropy, approximately 50% of the time there will be a certificate with
> an 8 byte encoding of the serial number, as the high-order bit of the first
> byte will be 0.  Approximately the other 50% of the time, the high-order
> bit of the 64 bits of data will be a 1 and the value will therefore be
> encoded as 9 bytes, the value of the first byte being 0x00.
>
> As linters work on one document [certificate] at a time, how can the linter
> identify with certainty that the 8-byte encoded value represents less than
> 64 bits of entropy?  Approximately half of the time, a strict 64-bit random
> value would encode as a mere 8 bytes.
>
> On Thu, Mar 7, 2019 at 8:01 PM Daymion Reynolds via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
>
> > As of 9pm AZ on 3/6/2019 GoDaddy started researching the 64bit
> certificate
> > Serial Number issue. We have identified a significant quantity of
> > certificates (> 1.8million) not meeting the 64bit serial number
> > requirement. We are still performing accounting so certificate quantity
> is
> > expected to change before we finalize the report.
> >
> > 1.  How your CA first became aware of the problem (e.g. via a problem
> > report submitted to your Problem Reporting Mechanism, a discussion in
> > mozilla.dev.security.policy, a Bugzilla bug, or internal self-audit), and
> > the time and date.
> >
> > 9pm 3/6/2019 AZ Time, due to reviewing a discussion in
> > mozilla.dev.security.policy.
> >
> > 2.  A timeline of the actions your CA took in response. A timeline is
> > a date-and-time-stamped sequence of all relevant events. This may include
> > events before the incident was reported, such as when a particular
> > requirement became applicable, or a document changed, or a bug was
> > introduced, or an audit was done.
> >
> > 9pm 3/6/2019 AZ Time, identified a hot issue with serial numbers in
> > Mozilla group.
> > 10am 3/7/2019 AZ Time, identified the issue was pervasive, and identified
> > root cause.
> > 6:30pm 3/7/2019 AZ Time, fix deployed to production to correct the serial
> > number issue.
> > We are still quantifying and classifying the certificate scope of impact.
> >
> > 3.  Whether your CA has stopped, or has not yet stopped, issuing
> > certificates with the problem. A statement that you have will be
> considered
> > a pledge to the community; a statement that you have not requires an
> > explanation.
> >
> > We have deployed a fix to the issue, and are no longer issuing
> > certificates with the defect.
> >
> > 4.  A summary of the problematic certificates. For each problem:
> > number of certs, and the date the first and last certs with that problem
> > were issued.
> >
> > Issue was introduced with a change in 2016. Impacted certificates still
> > being aggregated. Will update with information and timeline on issue
> > closure.
> >
> > 5.  The complete certificate data for the problematic certificates.
> > The recommended way to provide this is to ensure each certificate is
> logged
> > to CT and then list the fingerprints or crt.sh IDs, either in the report
> or
> > as an attached spreadsheet, with one list per distinct problem.
> >
> > Still being aggregated. Will update with certificate information on issue
> > closure.
> >
> > 6.  Explanation about how and why the mistakes were made or bugs
> > introduced, and how they avoided detection until now.
> >
> > Ambiguity in language led to different interpretations of BR 7.1. It was
> > believed a unsigned 64bit integer was sufficient to satisfy the new
> > requirement. Additionally, industry tools like CABLint/ZLint were not
> > catching this issue, which provided a false sense of compliance. We are
> > submitting CABLint/Zlint updates as part of the fix.
> >
> > 7.  List of steps your CA is taking to resolve the situation and
> > ensure such issuance will not be repeated in the future, accompanied
> with a
> > timeline of when your CA expects to accomplish these things.
> >
> > Defect has been resolved, we are also updating linting tools
> > (CABLint/Zlint) and upstreaming to patch for other peoples usage.
> >
> > ___
> > dev-security-policy mailing list
> > dev-security-policy@lists.mozilla.org
> > https://lists.mozilla.org/listinfo/dev-security-policy
> >
> ___
> dev-security-policy mailing list
> dev-security-policy@lists.mozilla.org
> 

Re: EJBCA defaulting to 63 bit serial numbers

[Mike Kushner via dev-security-policy]

Hi Jakob,

On Thursday, March 7, 2019 at 7:30:03 PM UTC+1, Jakob Bohm wrote:
> In the cause of the other discussion it was revealed that EJBCA by PrimeKey 
> has apparently:
> 
> 1. Made serial numbers with 63 bits of entropy the default.  Which is 
>   not in compliance with the BRs for globally trusted CAs and SubCAs.

This has been the default setting since 2001, predating Ballot 164 quite some. 
At the time this was more than sufficient, and we hadn't reviewed it.

> 2. Mislead CAs to believe this setting actually provided 64 bits of 
>   entropy.

I'm presuming that you're not assigning any intention to the above.

We have always been open with that EJBCA generates 64 bit serial numbers, 
compliant with RFC5280 (3280 back then) and X.690. We weren't, at start of the 
previous thread, aware of the requirements made by CABF Ballot 164 as we've 
only been active in following the proceedings for the last couple of years, but 
as vendors we've historically viewed the responsibility configuring EJBCA 
correctly to meet existing standards as up to the end customer. We've been 
aware of the BR requirement for some time now, but we were not aware of the 
detailed previous discussion related to 63 vs 64 bits that has been held.

> 3. Discouraged CAs from changing that default.

This is not true in the least. Serial number size has been configurable since 
at least 2008 (long before B164). There is a note in the configuration file 
about not changing it unless you understand what you're doing, but that 
pertains to not lowering it below 64 bits. Raising the SN size (and thus 
entropy) has in fact been done by several of our customers (in response to 
B164, or for whatever other reason).
 
> This raises 3 derived concerns:
> 
> 4. Any CA using the EJBCA platform needs to manually check if they 
>   have patched EJBCA to comply with the BR entropy requirement despite 
>   EJBCAs publisher (PrimeKey) telling them otherwise.
>Maybe this should be added to the next quarterly mail from Mozilla to
>   the CAs.

A patch isn't required as the value is configurable in a config file, and in 
response to the concerns raised here we've added functionality for changing the 
serial number size without requiring a change to the config files. 

Again, I don't agree with your statement that we've told anybody that EJBCA, by 
default configuration, complies with the BR, as much configuration is needed to 
issue BR compliant certificates. A correct technical description of serial 
numbers is documented in the configuration file. The documentation did not 
consider the above discussion regarding entropy, as 64 bit serial numbers were 
leagues past the entropy requirements prior to 2016.

The documentation absolutely does encourage the end user to feel free to use 
larger serial number sizes, EJBCA is used in a lot of non public CA use cases, 
and as such ability to configure according to BR requirement or not is a key 
feature.

It does bear mentioning that the purpose of requiring serial number entropy was 
to mitigate against pre-imaging attacks against SHA-1, something which today 
has no bearing whatsoever. While I'm not claiming that there will never ever be 
a collision found against SHA256, but I hope you understand that this is a 
compliance issue against a requirement that for now has no has any security 
impact.

> 5. Is it good for the CA community that EJBCA seems to be the only 
>   generally available software suite for large CAs to use?

While I agree that diversity is good for any ecosystem, I would remind you that 
a majority of CA's don't actually run our software, and many run their own 
proprietary solutions. The availability of EJBCA is likely due to the fact that 
the vast majority of our code is FOSS (and the rest if always available to 
customers), which is partly due to our wish to make PKI available to all, and 
partly because we encourage external inspection of our implementation. 


> 6. Should the CA and root program community be more active in ensuring 
>   compliance by critical CA infrastructure providers such as EJBCA and 
>   the companies providing global OCSP network hosting.

Absolutely, and I would say that many already are. We don't have any goal other 
than making EJBCA as compliant as possible, and have always aimed to lay a step 
ahead of existing standards. Since 2016 (as a part of maturing as a software 
vendor) we changed focus in how we handle requirements work by actively 
following various standards orgs (including CABF), instead of receiving 
requirements from our customers. 

Cheers,
Mike
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: DarkMatter Concerns

[rfg.no.like--- via dev-security-policy]

Wow!

I read this whole thread from top to bottom this afternoon/evening, and all I 
got was a splitting headache and this lousy t-shirt: https://bit.ly/2UpZxIz

But seriously folks, just a couple of simple questions.

Firstly, is this a private discussion or may any member of the Great Unwashed 
Massed wander in a share a thought or two?  (I have a couple such, but I'll 
admit up front that they may be worth what y'all are likely to pay for them.)

Second I've noted the frequent use of the word "transparency", or derivatives 
thereof, both within this thread, and also within the letter sent by the CEO of 
DarkMatter to Mozilla, a PDF of which was linked to earlier in this thread.  
(In that letter, that word, transparency, or a derivative thereof, was used no 
fewer than four times.)

I bring this up only because, after having read this whole thread from top to 
bottom, I seem to have missed any reference to any list which provides specific
information regarding the current set of natural person beneficial owners of 
DarkMatter.  Given DarkMatter's proclaimed and evident commitment to 
transparency, I feel quite sure that I must have just missed the link to that 
info, so if someone would be kind enough to re-post that, I sure would 
appreciate it.

I'll hold off sharing any other of my thoughts on this matter until I have an 
adequate opportunity to peruse that list, which I hope will include information 
on the percentage ownership for each of the relevant natural persons.

It will be quite interesting, for me at least, to see what other associations 
each of the relevant natural persons presently has, or has historically had.  
In the past, I've been able tease out some interesting information about 
corporate entities and their owners, purported or otherwise, via diligent 
research, including even at least one company that's incorporated in U.A.E.  
(Google for "HostSailor".  As it turned out, that thing was/is actually run by 
a native Egyptian who incorporated the company in U.A.E. but who quite possibly 
never even set foot in the country.  Oh yea.  And he threatened both me and 
Brian Krebs with lawsuits for saying bad things about him.  Apparently, word of 
the adoption of the U.S. First Amendment travels slowly to certain portions of 
the globe.  But I digress.)


Regards,
rfg
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: DarkMatter Concerns

[Ken Myers (personal capacity) via dev-security-policy]

On Thursday, March 7, 2019 at 11:14:46 AM UTC-5, Matthew Hardeman wrote:
> On Thu, Mar 7, 2019 at 10:10 AM Ken Myers (personal capacity) via
> dev-security-policy  wrote:
> 
> > Is the issue that a Dark Matter business unit may influence the Dark
> > Matter Trust Services (a separate unit, but part of the same company) to
> > issue certificates for malicious purposes?
> >
> > or is it a holistic corporate ethics issue (in regards to Mozilla
> > community safety) of a Mozilla-trusted service operated within a company
> > that sells offensive cyber services?
> >
> 
> This particular question is one that I'd very much like to see the program
> address officially.  I personally reject the "corporate ethics issue" as
> inappropriate to this domain, but I don't really get a vote.

I didn't see anything in the articles posted about the offensive cyber services 
using certificates from the Dark Matter CA unless it is implied that Dark 
Matter will use Dark Matter certificates to perform offensive actions a la 
Stuxnet or something like that.

If that is not implied, then it seems  it is a broader ethics issue of a trust 
service operated within a company selling offensive cyber services.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: DarkMatter Concerns

[Jaime Hablutzel via dev-security-policy]

On Thursday, March 7, 2019 at 6:35:13 PM UTC-5, Matt Palmer wrote:
> On Thu, Mar 07, 2019 at 10:20:34AM -0600, Matthew Hardeman wrote:
> > Let's Encrypt does not quite provide certificates to everyone around the
> > world.  They do prevent issuance to and revoke prior certificates for those
> > on the United States various SDN (specially designated nationals) lists.
> > For example, units of the Iraqi government or those acting at their behest
> > may not receive Let's Encrypt certificates.
> > 
> > Obviously that is not an issue for the UAE or its people.  At least not
> > today.  But it always could be that it will be an issue someday.
> > 
> > What the people of the UAE don't have today is the ability to acquire
> > globally trusted certificates from a business in their own legal
> > jurisdiction who would be able to provide them with certificates even in
> > the face of exterior political force.
> 
> In the face of exterior political force, the people of the UAE couldn't get
> *globally trusted* certificates full-stop.  Off the top of my head, all of
> the widely-adopted web PKI trust stores are managed by US organisations. 
> One directive from the US government, and a trust anchor is *gone*.  Thus,
> having a trust anchor is not even a *sufficient* condition to produce the
> outcome you're advocating for, let alone a necessary one.

Maybe it is time for root programs to start thinking in moving their operations 
to more neutral countries, e.g. Switzerland.

> 
> if the UAE government, or its people, wishes to ensure their supply of
> "globally trusted" certificates, they need to start running their own PKI
> trust store.
> 
> - Matt

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: The current and future role of national CAs in the root program

[Ryan Sleevi via dev-security-policy]

On Fri, Mar 8, 2019 at 7:31 AM Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> Many (not me) in the recent discussion of a certain CA have called
> for this to be changed one way or another.  This is the only thing
> that is new.
>

I do not believe this is an accurate or correct summary of others
viewpoints that have been shared, and certainly not to the degree that it's
reasonable to highlight "other" people as a basis for violating etiquette.

Given the concerns raised, and as has been pointed out, the decisions made,
unless you personally believe there is significant new information that
would reasonably prompt reconsideration of the original decision, please do
not attempt threads like this. As has been previously summarized, the
present discussion is very similar to past discussions. The burden is to
demonstrate what new information warrants reconsidering, and that burden
rests with the person opening the thread. This is why it's best to let
people speak for themselves and advocate their own positions.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: DarkMatter Concerns

[Ronald F. Guilmette via dev-security-policy]

I've read what I believe to be all of the messages in this thread to
date, but it appears that I may have missed something.

The word "transparency" and/or derivatives thereof has come up several
times in this thread.  Also, that same word, or derivatives thereof,
was/were included no fewer than four times in the letter sent by the
DarkMatter CEO to Mozilla, a link to the PDF of which was provided
earlier in this thread.

As a steadfast advocate of transparency myself, I personally find it
heartening to see that so many participants in this discussion place
such an emphasis on transparency.  In view of this enthusiasm, I would
like to just ask if anyone can provide me with a pointer or a reference
to the place or document wherein a full list of the natural person
beneficial owners of DarkMatter may be found, preferably along with
indications of percentage ownership stakes of each such natural person
beneficial owner.

I am very eager to review whatever document or documents provide this
basic information.

My apologies to all if I just simply missed some earlier post in this
thread which supplied a link to this information.


Regards,
rfg
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: The current and future role of national CAs in the root program

[Jakob Bohm via dev-security-policy]

On 08/03/2019 06:27, Peter Bowen wrote:

...

Mozilla has specifically chosen to not distinguish between "government
CAs", "national CAs", "commercial CAs", "global CAs", etc.  The same rules
apply to every CA in the program.  Therefore, the "national or other
affiliation" is not something that is relevant to the end user.

These have all been discussed before and do not appear to be relevant to
any current conversation.



Many (not me) in the recent discussion of a certain CA have called
for this to be changed one way or another.  This is the only thing
that is new.

As I wrote earlier, there were a lot of general policy ideas and
questions mixed into the discussion of that specific case, and my
post was an attempt to summarize those questions and ideas raised by
others.

Maybe the ultimate result will be no change, maybe not.  The
discussion certainly has been raised by a lot of people.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: EJBCA defaulting to 63 bit serial numbers

[Matt Palmer via dev-security-policy]

On Thu, Mar 07, 2019 at 08:47:46PM -0600, Matthew Hardeman via 
dev-security-policy wrote:
> On Thu, Mar 7, 2019 at 8:29 PM Ryan Sleevi via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
> > Past analysis and discussion have shown the interpretation is hardly
> > specific to a single CA. It was a problem quite literally publicly
> > discussed during the drafting and wording of the ballot. References were
> > provided to those discussions. Have you gone and reviewed them? It might be
> > helpful to do so, before making false statements that mislead.
> 
> "Effective September 30, 2016, CAs SHALL generate non-sequential
> Certificate serial numbers greater than zero (0) containing at least 64
> bits of output from a CSPRNG. "  [1]
> 
> Irrespective of the discussion underlying the modifications of the BRs to
> incorporate this rule, there are numerous respondent CAs of varying
> operational vintage, varying size, and varying organizational complexity.

Yes, there are, and they all have a huge burden of trust placed on them. 

> The history underlying a rule should not be necessary to implement and
> faithfully obey a rule.

I absolutely agree with this.  Thankfully, there is no requirement to
understand the history behind the changes under discussion in order to
correctly implement it.

> Rather than have us theorize as to why non-compliance with this rule seems
> to be so widespread, even by a number of organizations which have more
> typically adhered to industry best practices, would you be willing to posit
> a plausible scenario for why all of this non-compliance has gone on for so
> long and by so many across so many certificates?

Because, like so many other things that go on for a long time before they're
discovered, nobody took a look.

> Additionally, assuming a large CA with millions of issued certificates
> using an actual 64-bit random serial number...  Should the CA also do an
> exhaustive issued-serial-number search to ensure that the to-be-signed
> serial number  is not off-by-one in either direction from a previously
> issued certificate serial number?  However implausible, if it occurred,
> this would indeed result in having participated in the issuance of 2
> certificates with sequential serial numbers.

Having sequential serial numbers is not problematic.  Having *predictable*
serial numbers is problematic.

- Matt

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: EJBCA defaulting to 63 bit serial numbers

[okaphone.elektronika--- via dev-security-policy]

On Friday, 8 March 2019 04:28:17 UTC+1, Matt Palmer  wrote:
> On Thu, Mar 07, 2019 at 09:03:22PM -0600, Matthew Hardeman via 
> dev-security-policy wrote:
> > On Thu, Mar 7, 2019 at 8:54 PM bif via dev-security-policy <
> > dev-security-policy@lists.mozilla.org> wrote:
> > > But BRs are not to be interpreted, just to be applied to the letter,
> > > whether it makes sense or not. When it no longer makes sense, the wording
> > > can be improved for the future.
> > 
> > Indeed.  But following BR 7.1 to the letter apparently doesn't get you all
> > the way to compliance, by some opinions.
> 
> No, *misinterpreting* BR 7.1 doesn't get you all the way to compliance.
> 
> > After all, nothing in 7.1
> > requires anything as to the quality of the underlying CSPRNG utilized.
> 
> The "CS" is "CSPRNG" stands for "cryptographically secure", and "CSPRNG" is
> defined in the BRs.
> 
> > It
> > does not specify whether the 64-bits must be comprised of sequential bits
> > of data output by the CSPRNG,
> 
> Nor does it need to.
> 
> > nor does it specify that one is not permitted
> > to discard inconvenient values (assuming you seek replacement values from
> > the CSPRNG).
> 
> If you generate a 64-bit random value, then discard some values based on any
> sort of quality test, the end result is a 64-bit value with
> less-than-64-bits of randomness.  The reduction in randomness depends on the
> exact quality function employed.
> 
> - Matt

Could be me but when I read this spec as a programmer, I would probably decide 
that the serial number needs to be bigger than 64 bits. After all the specs 
require you to exclude the value zero. Because of that the entropy of the 
serial number can only be at least 64 bits if its size is actually larger than 
64 bits.

And if you need more than 64 bits anyway... having a bit more entropy than 
required is not going to hurt, so I'd probably go for 128 bits. ;-)

CU Hans
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy