Re: StartCom & Qihoo Incidents

[Percy]

On Thursday, October 27, 2016 at 5:26:23 PM UTC-7, Erwann Abalea wrote:
> Le jeudi 27 octobre 2016 09:55:09 UTC+2, Percy a écrit :
> > So this is it? Qihoo can continue to get away with this MITM browser?
> 
> I'm afraid that can't be solved by Mozilla. Qihoo is free to sell or freely 
> distribute their browser.

Since I'm not familiar with CAB forum, does CAB forum has authority to compel 
its members to protect its users?
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: New SHA-1 certificates issued in 2016

[Ryan Sleevi]

On Friday, October 28, 2016 at 9:06:44 AM UTC-7, Ben Wilson wrote:
> -Original Message-
> Subject: RE: New SHA-1 certificates issued in 2016
> 
> Thank you, Patrick, for pointing these out to us.  DigiCert has been in the 
> forefront pushing the move toward SHA-2. In fact, we've been issuing SHA-2 
> certificates by default to our customers for a couple of years now.  We've 
> communicated with these sub-CAs and requested that these certificates be
> revoked.   We'll follow up with a status report on our efforts sometime next
> week.
> Sincerely yours,
> Ben Wilson
> DigiCert VP of Compliance

Ben,

While it's useful that you've requested these certs been revoked, as has been 
pointed out during numerous discussions of SHA-1, a revocation does not 
mitigate the fact that a SHA-1 cert was issued, as an attacker can manipulate 
the contents in such a way to avoid any revocations.

More important to the community would be understanding why these subordinate 
CAs are not complying with the Baseline Requirements, as required by the 
Mozilla Root Certificate Program policies, and as required by the Baseline 
Requirements.

As these are not technically constrained sub-CAs, what we have is demonstrable 
evidence of several possibilities, most seriously:
1) That these CAs may not be adhering to the Baseline Requirements as part of 
their policies - an indicator that their auditors may be derelict in their 
professional duties to ensure that the policies and practices are consistent 
with the BRs
2) If their policies document adherence, as they're required to, then these CAs 
are not issuing according to their CP/CPS

Could you indicate what steps DigiCert is taking to assure members of the 
public that these subordinate CAs will be operated in a manner consistent with 
expectations?
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

RE: New SHA-1 certificates issued in 2016

[Ben Wilson]

Resending without a digital signature.

-Original Message-
From: dev-security-policy 
[mailto:dev-security-policy-bounces+ben=digicert@lists.mozilla.org] On 
Behalf Of Ben Wilson
Sent: Friday, October 28, 2016 10:01 AM
To: Patrick Figel ; 
mozilla-dev-security-pol...@lists.mozilla.org
Subject: RE: New SHA-1 certificates issued in 2016

Thank you, Patrick, for pointing these out to us.  DigiCert has been in the 
forefront pushing the move toward SHA-2. In fact, we've been issuing SHA-2 
certificates by default to our customers for a couple of years now.  We've 
communicated with these sub-CAs and requested that these certificates be
revoked.   We'll follow up with a status report on our efforts sometime next
week.
Sincerely yours,
Ben Wilson
DigiCert VP of Compliance

-Original Message-
From: dev-security-policy
[mailto:dev-security-policy-bounces+ben=digicert@lists.mozilla.org] On 
Behalf Of Patrick Figel
Sent: Friday, October 28, 2016 9:12 AM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: New SHA-1 certificates issued in 2016

I found a number of SHA-1 certificates chaining up to CAs trusted by Mozilla 
that have not been brought up on this list or on Bugzilla yet.
Apologies in case I missed prior discussion for any of these, and kudos to 
censys for making this search incredibly easy.

#1
https://crt.sh/?id=32335005=cablint
  Common Name: portalcsg.siemens.com
  Serial: 1518050245
  Not Before: Jul 12 14:01:45 2016 GMT
  Chains to: "Baltimore CyberTrust Root" (DigiCert) via:
   - Siemens Issuing CA Class Internet Server 2013
   - Siemens Internet CA V1.0

#2
https://crt.sh/?id=32335007=cablint
  Common Name: downloada.industrysoftware.automation.siemens.com
  Serial: 2087556804
  Not Before: May 10 15:54:05 2016 GMT
  Chains to: "Baltimore CyberTrust Root" (DigiCert) via:
   - Siemens Issuing CA Class Internet Server 2013
   - Siemens Internet CA V1.0

#3
https://crt.sh/?id=32331581=cablint
  Common Name: VPN-PDC1.vodafone.com
  Serial: 77:00:1c:7f:f6:f8:7e:5d:d6:48:bf:72:4d:00:01:00:1c:7f:f6
  Not Before: Jun 23 09:39:53 2016 GMT
  Chains to: "Baltimore CyberTrust Root" (DigiCert) via:
   - Vodafone (Corporate Services 2009)
   - Vodafone (Corporate Domain 2009)

#4
https://crt.sh/?id=20279777=cablint
  Common Name: styles.ag2rlamondiale.fr
  Serial: 11:21:79:9c:b3:3b:51:dd:43:a5:40:b5:a2:4b:81:38:b8:4a
  Not Before: May 23 12:02:20 2016 GMT
  Chains to: "Class 2 Primary CA" (DocuSign (OpenTrust/Keynectis)) via:
   - CLASS 2 KEYNECTIS CA

#5
https://crt.sh/?id=23099350=cablint
  Common Name: enterprisevault.dnb.no
  Serial: 7e:c3:58:c6:d5:0a:4a:7f:c6:be:ea:19:f3:f4:98:e5:9d:cd:df:41
  Not Before: May 19 13:15:04 2016 GMT
  Chains to: "Baltimore CyberTrust Root" (DigiCert) via:
   - DnB NOR ASA PKI Class G
   - Eurida Primary CA

#6
Don't know what to make of this one. It's a CA:true SHA-1 certificate.
Not sure what the BRs/Mozilla's policies have to say about this:
https://crt.sh/?id=2199=cablint
  Common Name: ACCV-CA3
  Serial: 1246797330
  Not Before: May 23 10:00:00 2016 GMT
  Chains to: "Root CA Generalitat Valenciana" (Government of Spain)

#7
Some non-TLS-Server-Auth SHA-1 certificates chaining up to "Certum CA"
(Asseco Data Systems S.A.). Most appear to be S/MIME or TLS client auth 
certificates, but I don't think the intermediates have any relevant technical 
constraints. I'm not sure if they're in scope for BRs/Mozilla, but here's the 
list in any case:
https://crt.sh/?id=26427662=cablint
https://crt.sh/?id=32333872=cablint
https://crt.sh/?id=19594797=cablint
https://crt.sh/?id=24979702=cablint
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

RE: New SHA-1 certificates issued in 2016

[Ben Wilson]

Thank you, Patrick, for pointing these out to us.  DigiCert has been in the
forefront pushing the move toward SHA-2. In fact, we've been issuing SHA-2
certificates by default to our customers for a couple of years now.  We've
communicated with these sub-CAs and requested that these certificates be
revoked.   We'll follow up with a status report on our efforts sometime next
week.
Sincerely yours,
Ben Wilson
DigiCert VP of Compliance

-Original Message-
From: dev-security-policy
[mailto:dev-security-policy-bounces+ben=digicert@lists.mozilla.org] On
Behalf Of Patrick Figel
Sent: Friday, October 28, 2016 9:12 AM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: New SHA-1 certificates issued in 2016

I found a number of SHA-1 certificates chaining up to CAs trusted by Mozilla
that have not been brought up on this list or on Bugzilla yet.
Apologies in case I missed prior discussion for any of these, and kudos to
censys for making this search incredibly easy.

#1
https://crt.sh/?id=32335005=cablint
  Common Name: portalcsg.siemens.com
  Serial: 1518050245
  Not Before: Jul 12 14:01:45 2016 GMT
  Chains to: "Baltimore CyberTrust Root" (DigiCert) via:
   - Siemens Issuing CA Class Internet Server 2013
   - Siemens Internet CA V1.0

#2
https://crt.sh/?id=32335007=cablint
  Common Name: downloada.industrysoftware.automation.siemens.com
  Serial: 2087556804
  Not Before: May 10 15:54:05 2016 GMT
  Chains to: "Baltimore CyberTrust Root" (DigiCert) via:
   - Siemens Issuing CA Class Internet Server 2013
   - Siemens Internet CA V1.0

#3
https://crt.sh/?id=32331581=cablint
  Common Name: VPN-PDC1.vodafone.com
  Serial: 77:00:1c:7f:f6:f8:7e:5d:d6:48:bf:72:4d:00:01:00:1c:7f:f6
  Not Before: Jun 23 09:39:53 2016 GMT
  Chains to: "Baltimore CyberTrust Root" (DigiCert) via:
   - Vodafone (Corporate Services 2009)
   - Vodafone (Corporate Domain 2009)

#4
https://crt.sh/?id=20279777=cablint
  Common Name: styles.ag2rlamondiale.fr
  Serial: 11:21:79:9c:b3:3b:51:dd:43:a5:40:b5:a2:4b:81:38:b8:4a
  Not Before: May 23 12:02:20 2016 GMT
  Chains to: "Class 2 Primary CA" (DocuSign (OpenTrust/Keynectis)) via:
   - CLASS 2 KEYNECTIS CA

#5
https://crt.sh/?id=23099350=cablint
  Common Name: enterprisevault.dnb.no
  Serial: 7e:c3:58:c6:d5:0a:4a:7f:c6:be:ea:19:f3:f4:98:e5:9d:cd:df:41
  Not Before: May 19 13:15:04 2016 GMT
  Chains to: "Baltimore CyberTrust Root" (DigiCert) via:
   - DnB NOR ASA PKI Class G
   - Eurida Primary CA

#6
Don't know what to make of this one. It's a CA:true SHA-1 certificate.
Not sure what the BRs/Mozilla's policies have to say about this:
https://crt.sh/?id=2199=cablint
  Common Name: ACCV-CA3
  Serial: 1246797330
  Not Before: May 23 10:00:00 2016 GMT
  Chains to: "Root CA Generalitat Valenciana" (Government of Spain)

#7
Some non-TLS-Server-Auth SHA-1 certificates chaining up to "Certum CA"
(Asseco Data Systems S.A.). Most appear to be S/MIME or TLS client auth
certificates, but I don't think the intermediates have any relevant
technical constraints. I'm not sure if they're in scope for BRs/Mozilla, but
here's the list in any case:
https://crt.sh/?id=26427662=cablint
https://crt.sh/?id=32333872=cablint
https://crt.sh/?id=19594797=cablint
https://crt.sh/?id=24979702=cablint
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy


smime.p7s
Description: S/MIME cryptographic signature
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

[wangsn1206]

We have uploaded the lastest translantion of CP/CPS.
CP: https://bugzilla.mozilla.org/attachment.cgi?id=8805543
CPS: https://bug1128392.bmoattachments.org/attachment.cgi?id=8805545
EV CP: https://bugzilla.mozilla.org/attachment.cgi?id=8805546
EV CPS: https://bug1128392.bmoattachments.org/attachment.cgi?id=8805547

Because of our English level, there maybe some mistakes. If you have any 
questions, please contact us.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: Guang Dong Certificate Authority (GDCA) root inclusion request

[wangsn1206]

We are not intended to cover-up anything since we had disclosed every change to 
the Chinese version CP/CPS at once after the auditor reviewed.
The “ROOTCA(SM2)” CA in $1.1.3 of CPS ver4.3 is equivalent to the “SM2 ROOT 
Certificate” CA in $1.1.3 of CPS ver4.1. The “Guangdong Certificate 
Authority(SM2) ” CA in $1.1.3 of CPS ver4.3 is equivalent to the “SM2 CA 
Certificate” CA in $1.1.3 of CPS ver4.1. We change these names in diagram in 
this revision in order to show the actual CN of these certificates. 
Furthermore, we only issue SM2 subscriber certificates from the subCA of 
“ROOTCA(SM2)” CA.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy