Re: Question about BR Commitment to Comply

On 2015-02-04 14:55, Man Ho (Certizen) wrote: But making a statement in CP/CPS means that CA has already complied with the latest version of BRs. In other words, CA has already complied with all potential changes of BRs at all time. Such statement could be a false statement when the latest

Re: Automated Audit Reminder Email Templates

Hi Kathleen, On 2015-01-22 22:43, Kathleen Wilson wrote: All, As you know, we've moved the CA Program data from spreadsheets into SalesForce. We are now creating a program that will be run once per month to automatically send email to CAs when audit statements are past due; meaning that the

Re: Automated Audit Reminder Email Templates

On Mon, Jan 26, 2015 at 01:25:50PM -0800, Ryan Sleevi wrote: To offer concrete suggestions on this: I'm not sure what you mean exactly, so I'm going to give examples. Assuming the last audit period was 2013-01-01 to 2013-12-31, and the audit statement on 2014-03-15. According to the BR rules

Re: DSA certificates?

On 2014-12-22 21:26, Ryan Sleevi wrote: As part of the transition to BoringSSL, we've chosen to remove DSA support. The number of well-formed DSA certificates out there was single digits, so this is not likely to be a large Web Compat issue My charts (http://roeckx.be/certificates/dsa.png)

Re: Consequences of mis-issuance under CNNIC

On 2015-03-24 10:35, Florian Weimer wrote: * Kurt Roeckx: So it's my understanding that they were only supposed to issue certificates for their own domain(s). Why wasn't this enforced by using a name constraint? Sadly, name constraints do not work because they do not constrain the Common

Re: address prefixes allowed for domain control validation

On 2015-03-23 00:18, Kathleen Wilson wrote: admin@domain administrator@domain I've seen a few stories like this. I think they all used either admin or administrator. So I recommend not to allow those. They also don't show up in a default /etc/aliases file while the other 3 do.

Re: Requirements for CNNIC re-application

On 2015-04-14 13:54, Rob Stradling wrote: On 14/04/15 12:38, Kurt Roeckx wrote: On 2015-04-14 01:15, Peter Kurrasch wrote: Let's use an example. Suppose CNNIC issues a cert for whitehouse[dot]gov and let's further suppose that CNNIC includes this cert in the CT data since they have agreed

Re: Policy about root cert transfers

On 2015-04-24 01:21, Kathleen Wilson wrote: 4) Before the new CA begins issuing certs in the transferred CA cert hierarchy, there should be an audit performed at the new CA's site to confirm that the transfer was successful and that the root cert is ready to resume issuance. Would this be a

Re: Where are the lists of public disclosed subCAs?

On Sat, May 02, 2015 at 06:48:44PM -0400, Richard Barnes wrote: Hey Matthew, I believe We are in the process of collecting this information from CAs. I understand that this is being collected in SalesForce and that as some point we should be able to get that list. In the current form it's

Re: Firefox does not load valid certificate

On 2015-05-07 16:33, Jonas Witmer wrote: Hi Christopher As you can see on your SSLLabs Report, your server is forcing weak RC4 ciphers. It also only support TLS 1.0. TLS 1.1 and 1.2 fix issues with the protocol and I suggest you really look into getting TLS 1.2.

Re: Name-constraining government CAs, or not

On 2015-05-18 13:06, Matt Palmer wrote: On Mon, May 18, 2015 at 12:26:26PM +0200, Kurt Roeckx wrote: On 2015-05-14 17:25, Gervase Markham wrote: 2) If it is different, does name-constraining government CAs make things better, or not? I think it only makes sense to name constrain a government

Re: Name-constraining government CAs, or not

On 2015-05-19 12:04, Gervase Markham wrote: On 18/05/15 17:39, Kurt Roeckx wrote: On the other hand, if it covers the whole country, they can abuse it for domains in that country, but not for other domains. I'm not sure why you would find it acceptable that they can abuse it in their own

Re: Name-constraining government CAs, or not

On 2015-05-14 17:25, Gervase Markham wrote: 2) If it is different, does name-constraining government CAs make things better, or not? I think it only makes sense to name constrain a government CA if the name constrained only covers government websites, and not all websites in the country.

Re: Certificate with space in CommonName found on deutschepost.de

On Sat, Apr 11, 2015 at 10:44:38AM +, Peter Gutmann wrote: Did anyone save a copy of the cert chain? I'd like to add it to my collection of broken cer^H^H^H^H^Hcert parser test vectors, but the site has been fixed and the Bugzilla entry doesn't contain it. The site hasn't been fixed, at

Re: Name-constraining government CAs, or not

On 2015-05-14 17:25, Gervase Markham wrote: CAs currently in Mozilla's program which may fit one or more definitions of government CA are: It might be a little out of scope of your question, but maybe we should agree on what we think the (government) CAs should be able to do and what not.

Re: CA scope transparency (was Re: Name-constraining government CAs, or not)

On 2015-06-09 15:26, Peter Kurrasch wrote: 3) How frequently might such tools run? Or to put it differently, how much time do I probably have between when I issue a gmail cert and when someone figures it out (and of course how much longer before my illegitimate cert is no longer valid)? I

Re: CA scope transparency (was Re: Name-constraining government CAs, or not)

On Tue, Jun 09, 2015 at 12:00:23PM -0700, Rick Andrews wrote: On Tuesday, June 9, 2015 at 7:45:05 AM UTC-7, Kurt Roeckx wrote: On 2015-06-09 15:26, Peter Kurrasch wrote: 3) How frequently might such tools run? Or to put it differently, how much time do I probably have between when I

Re: WoSign Root Renewal Request

Hi Richard, You seem to be saying that the CRL number always matches the amount of times you've revoked a certificate. This is not the case. Each time the CRL is updated, even when the list of revoked certificates is the same, you should update the CRL number. That is, if you generate the

Re: Update to phasing out SHA-1 Certs

On 2015-10-21 22:18, s...@gmx.ch wrote: There was also a plan for certificates with 'notAfter >= 2017-1-1' (still valid in 2017+). Chrome already shows a broken https icon for them. See https://sha1-2017.badssl.com/ This was discussed in https://bugzilla.mozilla.org/show_bug.cgi?id=942515 So

Re: Clarify that a ccTLD is not acceptable in permittedSubtrees

On 2015-11-11 19:46, Steve Roylance wrote: Hypothetically, a government organization wishing to issue S/MIME certificates to citizens on a range of ccTLD based domains could be technically constrained through the inclusion of EKU's I just wondering how you would imagine this would work. Would

Re: [FORGED] Name issues in public certificates

On Tue, Nov 17, 2015 at 05:40:28PM +, Rob Stradling wrote: > > Great. I tried importing the list into postgres but I couldn't persuade it > to accept the invalid character encodings, so I gave up. When importing data in my postgres database I leave the fields NULL in case I really can't do

Re: SHA256/GCM DHE support when SHA1 support is dropped

On 2015-11-06 17:47, loths...@gmail.com wrote: https://bugzilla.mozilla.org/s... [mozilla.org] Firefox only currently supports DHE with SHA1. Are they going add support for SHA256 DHE when they disable SHA1? The dropping of SHA1 is only in certificates, not in any of the cipher suites.

Re: Policy Update: section 8 of Maintenance Policy

On 2015-11-05 19:46, Kathleen Wilson wrote: Another option is to delete this section from Mozilla's policy, because it is covered by the Baseline Requirements. However, the Baseline Requirements allows for DSA, which Mozilla does not support. Maybe the BR should be updated to remove DSA

Re: Policy Update: section 8 of Maintenance Policy

On 2015-11-05 21:01, s...@gmx.ch wrote: I would like to see SHA-3 signatures and Ed25519/curve25519 ASAP. The later one is not that far away [1]. Maybe it's the right time to consider them? [1] https://bugzilla.mozilla.org/show_bug.cgi?id=957105 This is about certificate, so as far as I know

Re: Update to phasing out SHA-1 Certs

On 2015-10-20 20:39, Kathleen Wilson wrote: - We are re-evaluating when we should start rejecting all SHA-1 SSL certificates (regardless of when they were issued). As we said before, the current plan is to make this change on January 1, 2017. However, in light of recent attacks on SHA-1, we

Re: Remove Roots used for only Email and CodeSigning?

On 2015-09-03 20:22, Kathleen Wilson wrote: 2) Remove included root certs that only have the Code Signing trust bit enabled. To our knowledge, no one is using such root certs via the NSS root store. I'm wondering how you currently support things like java applets. As far as I understand for

Re: Remove Roots used for only Email and CodeSigning?

On Tue, Sep 08, 2015 at 10:58:39AM -0700, Kathleen Wilson wrote: > 28. Remove Code Signing trust bits. As of Firefox 38, add-ons are signed > using Mozilla's own roots. There doesn't appear to be anyone else using the > roots in the NSS root store for Code Signing. -- currently under discussion >

Re: Policy Update Proposal: Remove Code Signing Trust Bit

On Thu, Sep 10, 2015 at 01:20:02PM -0700, Kathleen Wilson wrote: > Proposal for version 2.3 of Mozilla's CA Certificate Policy: > > Remove the code signing trust bit. > > If this proposal is accepted, then there would be follow-up action items > that would need to happen after version 2.3 of the

Re: Firefox security too strict (HSTS?)?

On Fri, Sep 11, 2015 at 03:34:21PM -0400, Richard Barnes wrote: > And that the certificate has the "identify websites" bit set? You mean that when it's important into firefox, he should say it should be trusted for websites? Or are you talking about an extention in the certificate itself? Kurt

Re: Firefox security too strict (HSTS?)?

On Wed, Sep 16, 2015 at 02:51:28PM -0700, AnilG wrote: > > there's another issue blocking them for Firefox: Secure Connection Failed. > The connection to wiki.mozilla.org was interrupted while the page was loading. I wonder if firefox is using certificate pinning for *.mozilla.org. Kurt

Re: Policy Update Proposal: Remove Code Signing Trust Bit

On 2015-10-01 11:05, Gervase Markham wrote: On 01/10/15 02:43, Brian Smith wrote: Perhaps nobody's is, and the whole idea of using publicly-trusted CAs for code signing and email certs is flawed and so nobody should do this. I think we should divide code-signing and email here. I can see how

Re: Policy Update Proposal -- Specify audit criteria according to trust bit

On Mon, Sep 21, 2015 at 07:07:07PM -0700, Kathleen Wilson wrote: > > First, we need to determine if the Email trust bit should remain part of > Mozilla's CA Certificate Policy. I'm really concerned about this. S/MIME and PGP are the only (popular) ways to do encryption over email. The

Re: New wiki page on certificate revocation plans

On 2015-12-04 02:55, Jakob Bohm wrote: How huge and unwieldy are CRLs really, especially if letting the computer (NSS/Firefox) do the updating? Individual CRLs are in the range of a few kB to a few MB. For the CA that issues the subscriber certificates they have a maximum validity of 10

Re: New wiki page on certificate revocation plans

On 2015-12-04 15:21, Jakob Bohm wrote: On 04/12/2015 11:19, Kurt Roeckx wrote: On 2015-12-04 02:55, Jakob Bohm wrote: How huge and unwieldy are CRLs really, especially if letting the computer (NSS/Firefox) do the updating? Individual CRLs are in the range of a few kB to a few MB. For the CA

Re: Automated Audit Reminder Email Templates

On 2015-01-22 22:43, Kathleen Wilson wrote: All, As you know, we've moved the CA Program data from spreadsheets into SalesForce. We are now creating a program that will be run once per month to automatically send email to CAs when audit statements are past due; meaning that the audit statement

Re: Audit report timing

On Mon, Dec 07, 2015 at 10:24:34AM -0800, Peter Bowen wrote: > The current CA policy does not specify when audit reports are due to > Mozilla relative to the end date of the audit period. It only says > that CAs much provide the reports to Mozilla within 30 days of > receiving the report from

Re: [FORGED] Name issues in public certificates

On 2015-11-20 17:27, Peter Bowen wrote: On Fri, Nov 20, 2015 at 7:32 AM, Kurt Roeckx <k...@roeckx.be> wrote: On 2015-11-19 22:19, douglas.beat...@gmail.com wrote: I realize I'm a little late to the game, but I had a question on the maximum length. If I'm reading this correctly, it look

Re: Intermediate certificate disclosure deadline in 2 weeks

On Wed, Jun 22, 2016 at 02:25:37PM -0700, Peter Bowen wrote: > I think there are two things getting conflated here: > > 1) Disclosure of revoked unexpired CA certificates signed by a trusted CA > > 2) Disclosure of CA certificates signed by CAs that are the subject of #1 > > Imagine the

Re: SHA1 certs issued this year chaining to included roots

On Tue, Jan 19, 2016 at 01:49:21AM +, Charles Reiss wrote: > Via censys.io, I found a couple SHA-1 certs with notBefore dates from this > year > which chain to root CAs in Mozilla's program: I also have some from C=US,O=VeriSign\, Inc.,OU=VeriSign Trust Network,OU=Terms of use at

Re: New requirement: certlint testing

On Mon, Feb 08, 2016 at 12:18:12PM -0800, Kathleen Wilson wrote: > All, > > We recently added two tests that CAs must perform and resolve errors for > when they are requesting to enable the Websites trust bit for their root > certificate. > > Test 1) Browse to https://crt.sh/ and enter the SHA-1

Re: New requirement: certlint testing

On Mon, Feb 08, 2016 at 02:30:05PM -0800, Kathleen Wilson wrote: > > Not much you can do about a currently-included root certificate other than > re-issue the root certificate which can cause many other problems. So I was under the impression that they needed to check their currently signed

Re: Drafting Q1 2016 CA Communication

On 2016-03-11 01:14, Jakob Bohm wrote: - Non-PrintableString/UTF8String in DNs. Workaround to be removed in Bug #[TBD]. Does this also apply to "pure ASCII" fields such as country ("C=US") etc.? Some of those were historically constrained to one of the lesser ASN.1 string types. I think C

Re: Drafting Q1 2016 CA Communication

On 2016-03-11 15:33, Jakob Bohm wrote: On 11/03/2016 09:55, Kurt Roeckx wrote: On 2016-03-11 01:14, Jakob Bohm wrote: - Non-PrintableString/UTF8String in DNs. Workaround to be removed in Bug #[TBD]. Does this also apply to "pure ASCII" fields such as country ("C=US")

Re: Undisclosed CA certificates

On 2016-04-29 09:42, Nick Lamb wrote: I'm sure Rob can give a more technical answer, but my understanding is that crt.sh doesn't (and probably can't) detect that individual certificates have enough entropy, instead it flags certificates based on the length of the serial numbers. So it's

Re: SSL Certs for Malicious Websites

On Sun, May 15, 2016 at 05:43:39PM -0700, Peter Bowen wrote: > "By providing more reliable third-party verified identity and address > information regarding the business, EV Certificates may help to [...] > Assist law enforcement organizations in their investigations of > phishing and other online

Re: DocuSign (OpenTrust/Keynectis/Certplus) root renewal request

On 2016-05-10 02:07, Kathleen Wilson wrote: Thanks to all of you who have reviewed and commented on this request from DocuSign to include the following root certificates, turn on the Websites and Email trust bits for all of them, and enable EV treatment for all of them. + Certplus Root CA G1 -

Re: Request to enable EV for VeriSign Class 3 G4 ECC root

On 2016-04-20 15:48, Ryan Sleevi wrote: On Tuesday, April 19, 2016 at 10:15:16 AM UTC-7, Nick Lamb wrote: Some more thoughts (my previous substantive comments are awaiting moderation because I foolishly sent them before subscribing) 1. Historically other CAs in this family have issued

Re: Incomplete Intermediate Cert Records

On Fri, Aug 05, 2016 at 09:44:58PM -0700, Ryan Sleevi wrote: > On Friday, August 5, 2016 at 4:32:52 PM UTC-7, Kathleen Wilson wrote: > > I am planning to have Salesforce automatically send the following email on > > the second and fourth Tuesday of each month to the Primary POC for each CA > >

Re: FW: Intermediate certificate disclosure deadline in 2 weeks

> On Jun 24, 2016, at 08:01, > > "dev-security-policy-requ...@lists.mozilla.org<mailto:dev-security-policy-requ...@lists.mozilla.org>" > > > > <dev-security-policy-requ...@lists.mozilla.org<mailto:dev-security-policy-requ...@lists.mozilla.org>> > >

Re: Hongkong Post recently issued SHA1 cert that could be used in TLS

On Wed, Aug 17, 2016 at 09:55:24AM -0700, Ryan Sleevi wrote: > > I don't think adding that CA certificate to OneCRL is enough, that would > > only protect Mozilla users. They should revoke all the relevant > > certificates. > > Define "relevant"? If a SHA-1 collision has been mounted, Hongkong

Re: Other Curves

On Wed, Feb 01, 2017 at 11:51:48PM +0100, Hanno Böck wrote: > On Wed, 1 Feb 2017 22:38:54 + > Jeremy Rowley wrote: > > > Some of these curves are considered much better than the NIST curves > > (well, that’s what I’ve read anyway). > > Overall they have mostly

Re: Question about Baseline Requirements section #7.1.4.2

On Mon, Jan 23, 2017 at 04:01:58PM -0800, Peter Bowen wrote: > On Mon, Jan 23, 2017 at 3:32 PM, Kathleen Wilson wrote: > > Does section 7.1.4.2 of the CA/Browser Forum's Baseline Requirements only > > apply to end-entity certificates? > > > > If yes, where does it specify

Re: Appropriate role for lists of algorithms and key sizes

On 2017-01-28 07:51, Peter Gutmann wrote: Jakob Bohm writes: DSA and ECDSA signatures are only secure if the hash algorithm is specified in the certificate, presumably as part of the AlgorithmIdentifier in the SubjectPublicKeyInfo. It's in the (badly-named) signature

Re: Policy 2.4 Proposal: Define how quickly audit reports must be provided

On Wed, Jan 18, 2017 at 07:23:35AM -0800, Peter Bowen wrote: > > > On Jan 18, 2017, at 7:18 AM, Gervase Markham wrote: > > > > On 17/01/17 23:33, Jakob Bohm wrote: > >> How about "_and versions and strong (>= 256 bits) hashes_", > > > > Do people think we need to go this far?

Re: Incidents involving the CA WoSign

On Fri, Sep 02, 2016 at 07:27:13PM +0200, Kurt Roeckx wrote: > On Fri, Sep 02, 2016 at 10:00:28AM -0700, Andrew Ayer wrote: > > 2. A certificate has already been found which they didn't log to CT > > despite their assertion that they had logged all certificates, > > Can you

Re: Incidents involving the CA WoSign

On Fri, Sep 02, 2016 at 10:00:28AM -0700, Andrew Ayer wrote: > 2. A certificate has already been found which they didn't log to CT > despite their assertion that they had logged all certificates, Can you please point to those that weren't logged? Kurt

Re: Incidents involving the CA WoSign

On Sat, Sep 03, 2016 at 09:24:33AM +1000, Matt Palmer wrote: > On Fri, Sep 02, 2016 at 07:55:36AM -0700, Peter Bowen wrote: > > Do you also plan to submit these to at least one Google-operated log? > > Did you mean "non-Google-operated log"? I was under the impression that we > didn't want

Re: Incidents involving the CA WoSign

On Sat, Sep 03, 2016 at 11:45:21AM +0200, Kurt Roeckx wrote: > On Sat, Sep 03, 2016 at 09:29:45AM +0100, Gervase Markham wrote: > > On 02/09/16 16:21, Peter Bowen wrote: > > > It seems then there is a newly exposed bug. > > > https:/

Re: Sanctions short of distrust

On 2016-09-05 17:55, Jakob Bohm wrote: Indeed, I have found that a number of common web server implementations simply lack the ability to do OCSP stapling at all. I would really like to see OCSP stapling as mandatory. There currently only seem to be around 25% of the servers that do it, and

Re: Sanctions short of distrust

On 2016-09-06 10:13, Nick Lamb wrote: Quality of implementation for OCSP stapling seems to remain poor in at least apache and nginx, two of the most popular servers. Apache's in particular gives me that OpenSSL "We read this standards document and implemented everything in it as a series of

Re: Incidents involving the CA WoSign

On 2016-09-05 22:37, Percy wrote: In page 11, you mentioned that "System blocked many illegal request every day, the following screen shot is the reject order log", in which you attached a log with Google, Microsoft, QQ domains. Those domains are rejected because of the top domain whitelist.

Re: Sanctions short of distrust

On 2016-09-06 14:16, Jakob Bohm wrote: On 06/09/2016 10:25, Kurt Roeckx wrote: If you think there is something we can do in OpenSSL to improve this, please let us know. Here are a list of software where I have personally observed bad OCSP stapling support: OpenSSL 1.0.x itself

Re: Sanctions short of distrust

Hi Nick, I want to thank you for bringing this up, because we always seem to have the same kind of discussions when something happened. Ryan's mail has a bunch of other suggestions for what we can do. 1. Implement "Require SCTs" for problematic CAs. Is there a reason we don't require

Re: Incidents involving the CA WoSign

On 2016-08-31 20:13, Ryan Sleevi wrote: Setting aside for a second whether or not distrusting is the right action, let's think about what possible responses. A) Remove the CA. Users may manually trust it if they re-add it, but it will not be trusted by default. B) Actively distrust the CA.

Re: Reuse of serial numbers by StartCom

On 2016-09-01 14:21, Matt Palmer wrote: On Thu, Sep 01, 2016 at 10:53:36AM +0300, Eddy Nigg wrote: On 09/01/2016 04:20 AM, Matt Palmer wrote: You were knowingly violating a MUST provision of RFC5280. From experience there have been many RFC violations, sometimes even knowingly and

Re: Incidents involving the CA WoSign

On 2016-09-02 05:59, Peter Gutmann wrote: Vincent Lynch writes: I think Eddy Nigg (founder of StartCom) and/or Richard Wang (of WoSign) should make a statement about this. +1. I'd already asked for something like this earlier and got silence as a response, which isn't

Re: Incidents involving the CA WoSign

On 2016-09-07 13:00, Gervase Markham wrote: Hi Richard, On 07/09/16 11:06, Richard Wang wrote: This discuss has been lasting two weeks, I think it is time to end it, it doesn’t worth to waste everybody’s precious time. Unfortunately, I think we may be only beginning. I have prepared a list

Re: Incidents involving the CA WoSign

On Sun, Sep 04, 2016 at 02:53:01PM +0200, Kurt Roeckx wrote: > On Sun, Sep 04, 2016 at 09:49:25AM +, Richard Wang wrote: > > Hi all, > > > > We finished the investigation and released the incidents report today: > > https://www.wosign.com/report/wosign_in

Re: Incidents involving the CA WoSign

On Sun, Sep 04, 2016 at 09:49:25AM +, Richard Wang wrote: > Hi all, > > We finished the investigation and released the incidents report today: > https://www.wosign.com/report/wosign_incidents_report_09042016.pdf > > This report has 20 pages, please let me if you still have any questions,

Re: Reuse of serial numbers by StartCom

On Sun, Sep 04, 2016 at 12:04:21PM +0300, Eddy Nigg wrote: > On 09/02/2016 07:02 PM, Nick Lamb wrote: > > On Friday, 2 September 2016 08:50:02 UTC+1, Eddy Nigg wrote: > > > Lets speak about relying parties - how does this bug affect you? > > As a relying party I am entitled to assume that there

Re: Incidents involving the CA WoSign

On Sun, Sep 04, 2016 at 10:05:11AM +0100, Gijs Kruitbosch wrote: > So if I understand correctly, you've published all certificates issued in > 2015 to CT, and any cert with a notBefore of/after July 5th 2016. Is that > correct? > > > As noted in >

Re: Incidents involving the CA WoSign

On Sun, Sep 04, 2016 at 09:49:25AM +, Richard Wang wrote: > Hi all, > > We finished the investigation and released the incidents report today: > https://www.wosign.com/report/wosign_incidents_report_09042016.pdf In section 2.2 you explain that there is a mail at 9:01 and 9:38, where I

Re: website control validation problem

On 2016-09-02 04:22, Richard Wang wrote: For https://crt.sh/?id=29884704 , he finished the website control validation. We and Alibaba are investigating why he can do the website control validation. The is the log, but we can't expose more now since it is related to Alibaba. 2016-06-23

Re: Incidents involving the CA WoSign

On Sat, Sep 03, 2016 at 09:29:45AM +0100, Gervase Markham wrote: > On 02/09/16 16:21, Peter Bowen wrote: > > It seems then there is a newly exposed bug. > > https://www.censys.io/certificates/e2665bb07940b5bee73145f47c99dcf5781edbe9d78f9cada8f1d702d5e340ad > > shows a certificate issued by your CA

Re: Reuse of serial numbers by StartCom

On 2016-08-31 04:56, Peter Bowen wrote: In reviewing the Certificate Transparency logs, I noticed the StartCom has issued multiple certificates with identical serial numbers and identical issuer names. https://crt.sh/?serial=14DCA8 (2014-12-07) https://crt.sh/?serial=04FF5D653668DB (2015-01-05)

Re: SHA-1 exception First Data

On Thu, Oct 06, 2016 at 08:22:20AM +0200, Hanno Böck wrote: > On Wed, 5 Oct 2016 22:46:24 -0700 > Peter Bowen wrote: > > > I think we can all look back with 20/20 hindsight and say that device > > vendors should not use the same roots as browsers and that maybe CAs > > should

Re: Incident Report - certificate with 'sb' as a SAN:dnsName

On Tue, Oct 04, 2016 at 11:13:21AM +0100, Rob Stradling wrote: > On 04/10/16 07:10, Gervase Markham wrote: > > >> [4] https://crt.sh/?cablint=1+week > > > > This URL is a 404. > > Sorry, crt.sh is a bit under the weather right now. Someone submitted a > batch of several million certs to the

Re: Incidents involving the CA WoSign

On Fri, Oct 07, 2016 at 03:21:48AM +, Peter Gutmann wrote: > Kurt Roeckx <k...@roeckx.be> writes: > > >This is why browsers have something like OneCRL, so that they actually do > >know about it and why Rob added that information to the bug tracker ( > &g

Re: Incidents involving the CA WoSign

On Wed, Oct 05, 2016 at 01:30:37PM +, Peter Gutmann wrote: > Rob Stradling writes: > > >Easy. It doesn't make a sound. Unrevoked certificates don't make sounds > >either. > > What I was really asking, in a tongue-in-cheek way, was whether there was any >

Re: Incidents involving the CA WoSign

On 2016-09-21 12:11, Richard Wang wrote: Please check the first 313 certificate serial is “56D1570DA645BF6B44C0A7077CC6769” and the second 27 certificate is “D3BBDC3A0175E38F9D0070CD050986A” that only 31 bytes. But our serial number rule is 32 bytes. This is a little misleading. The hex

Re: Incidents involving the CA WoSign

On 2016-09-21 11:16, Gervase Markham wrote: Hi Xiaosheng, On 20/09/16 16:31, 谭晓生 wrote: Qihoo 360 is a company valued at USD$9.99B as it finished the privatization on July 15th 2016, we have invested in more than 200 companies across the world, Wosign is just a very small one and we even do

Re: Incidents involving the CA WoSign

On 2016-09-20 17:31, 谭晓生 wrote: Dear Gerv and all, Qihoo 360 is a company valued at USD$9.99B as it finished the privatization on July 15th 2016, we have invested in more than 200 companies across the world, Wosign is just a very small one and we even do not have any people sent to this

Re: Incidents involving the CA WoSign

On 2016-09-21 16:26, Richard Wang wrote: R: You can place order there and don't do the domain validation, 4 months later, you finished the domain control validation, then issue the certificate. Please try it by yourself here: https://buy.wosign.com/free/ So the date in the certificate is

Re: Incidents involving the CA WoSign

On 2016-09-23 13:38, Richard Wang wrote: Hi Gerv, Please check this news (Feb 25th 2015) in OSCCA website: http://www.oscca.gov.cn/News/201312/News_1254.htm that all China licensed CA finished the PKI/CA system upgrade that all licensed CA MUST be able to issue SM2 certificate to

Re: Incidents involving the CA WoSign

On Wed, Sep 07, 2016 at 02:08:24PM +0200, Kurt Roeckx wrote: > On 2016-09-07 13:00, Gervase Markham wrote: > > Hi Richard, > > > > On 07/09/16 11:06, Richard Wang wrote: > > > This discuss has been lasting two weeks, I think it is time to end > > > it

Re: Hongkong Post recently issued SHA1 cert that could be used in TLS

On 2016-08-17 00:23, Ryan Sleevi wrote: Practically speaking, what steps could be taken? 6) Ask them to immediately stop issuing SHA-1 based certificates that chain back to any of the root certificates in the Mozilla root store, and revoke the one they shouldn't have issued. If they fail to

Re: Summary of August 2016 Audit Reminder Emails

On 2016-08-16 21:42, Kathleen Wilson wrote: Root Certificates: Autoridad de Certificacion Firmaprofesional CIF A62634068 [...] 2) jurisdictionOfIncorporation should be PrintableString coded, but we code it in UTF8: we fail to understand this requirement when UTF8 is more recent and to

WoSign and duplicate serial numbers

Hi, In their report and the audit statement they talk about 392 duplicate serial numbers, with links to the crt.sh page for those serial numbers. But they in fact actually point to 393, the first group has 314 and not 313 duplicates in it. This was already the case before they published their

Re: Time to distrust

On 2016-09-27 01:18, Jakob Bohm wrote: It would perhaps be useful if you could dispute, using Firefox as an example, and considering the real deployment (not the theorhetical abstract of ways in which someone 'might' configure about:flags, but no one can and still have the same experience), the

Re: WoSign and duplicate serial numbers

On 2016-09-27 11:31, Gervase Markham wrote: Hi Kurt, On 26/09/16 23:45, Kurt Roeckx wrote: In their report and the audit statement they talk about 392 duplicate serial numbers, with links to the crt.sh page for those serial numbers. But they in fact actually point to 393, the first group has

Re: Apple's response to the WoSign incidents

On Sat, Oct 01, 2016 at 11:35:06AM -0700, Percy wrote: > "Apple products will trust individual existing certificates issued from this > intermediate CA and published to public Certificate Transparency log servers > by 2016-09-19" > > It seems that Apple has taken the explicit white-listed

Re: Technically Constrained Sub-CAs and the BRs

On Tue, Oct 25, 2016 at 12:12:47PM -0700, Ryan Sleevi wrote: > 8. All certificates that are capable of being used to issue new certificates, > and which directly or transitively chain to a certificate included in > Mozilla’s CA Certificate Program, MUST be operated in accordance with >

Re: Technically Constrained Sub-CAs and the BRs

On Tue, Oct 25, 2016 at 12:12:47PM -0700, Ryan Sleevi wrote: > That is, according to the BRs, the issuer of a technically constrained > subordinate CA has a BR-obligation to ensure that their TCSCs are adhering to > the BRs and the issuing CA's policies and practices, as well as conduct a >

Re: Can we require id-kp-serverAuth now?

On 2016-11-09 10:58, Gervase Markham wrote: At the moment, Firefox recognises an EE cert as a server cert if it has an EKU extension with id-kp-serverAuth, or if it has no EKU at all. So not when the anyExtendedKeyUsage is present? > On 17th of Feb 2013, Mozilla published CA policy 2.1, which

Re: Can we require id-kp-serverAuth now?

On Wed, Nov 09, 2016 at 10:57:54AM -0800, Peter Bowen wrote: > I think it makes sense to have a new doc that applies to all CAs and > specifies when requirements apply to certificates. That way we can > say "SSL BRs apply if X, S/MIME BRs apply if Y, Code Signing applies > if Z, this doc applies

Re: Mozilla CA Policy 2.3 plan

On 2016-11-07 15:08, Gervase Markham wrote: https://github.com/mozilla/pkipolicy/compare/2.2...master So one of the changes is that you now have: -issuing certificates), as described in [CA/Browser Forum -Baseline Requirement -

Re: Mozilla CT Policy

On 2016-11-07 18:25, Ryan Sleevi wrote: This is why it's vitally important that clients fetch inclusion proofs in some manner Have you considered a TLS extension, have the server fetch them and send to the client? Kurt ___ dev-security-policy

Re: New SHA-1 certificates issued in 2016

On Sat, Nov 05, 2016 at 09:09:49AM +, Gervase Markham wrote: > > If they had sent an incident report to Mozilla I would agree, but I do > > not think that CAs should be credited for noticing mistakes when they > > try to sweep them under the rug. This is particularly true in the case > > of

Re: Remediation Plan for WoSign and StartCom

On 2016-10-19 01:37, Rob Stradling wrote: On 18/10/16 23:49, Gervase Markham wrote: On 18/10/16 15:42, Ryan Hurst wrote: I do not understand the desire to require StartCom / WoSign to not utilize their own logs as part of the associated quorum policy. My original logic was that it could be

Re: Remediation Plan for WoSign and StartCom

On 2016-10-14 10:19, Nick Lamb wrote: On Friday, 14 October 2016 02:21:36 UTC+1, Matt Palmer wrote: Will there be any requirements around the qualification status of the logs, or could anyone who wanted to be "nice" just stand up a log, and have these CAs obtain precerts from them? I don't

  1   2   3   4   >