Re: Apple's response to the WoSign incidents

2016-11-15 Thread Percy
On Tuesday, November 15, 2016 at 12:37:56 AM UTC-8, Thijs Alkemade wrote:
> On 13 Nov 2016, at 10:08, Percy  wrote:
> > 
> > I just found out that Apple doesn't limit the "CA 沃通免费SSL证书 G2" intermediate CA 
> > even though Apple limited the "WoSign CA Free SSL Certificate G2" intermediate 
> > CA. An example of a site signed by the "CA 沃通免费SSL证书 G2" intermediate CA is 
> > https://www.chelenet.com/
> > 
> > Those two intermediate certs are treated by WoSign the same way, and the 
> > translation of "CA 沃通免费SSL证书 G2" is "WoSign CA Free SSL Certificate G2". 
> > Users can select whether the end cert is signed by "CA 沃通免费SSL证书 G2" or 
> > "WoSign CA Free SSL Certificate G2". All control measures are the same and 
> > the only difference is the language, for marketing reasons. 
> > 
> > Hence, because Apple has chosen to block "WoSign CA Free SSL Certificate 
> > G2", it makes sense to apply the same sanction to "CA 沃通免费SSL证书 G2", as 
> > they're in all senses the same.
> 
> Hi Percy,
> 
> I’ve been following Apple’s security updates to determine when the announced 
> block becomes active and how it is implemented. Using 10.11.6, with no 
> updates available, it appears this block is not yet active for me. There are 
> no errors when I try to visit https://inow.ua in Safari 
> (https://crt.sh/?id=43120524 appears to be the last certificate issued by 
> "WoSign CA Free SSL Certificate G2" which is currently still in use). In the 
> file 
> /System/Library/Security/Certificates.bundle/Contents/Resources/Allowed.plist 
> I only see two CNNIC roots listed.
> 
> Could you tell us what OS and version you used to determine that Apple has 
> limited "WoSign CA Free SSL Certificate G2"?
> 
> Best regards,
> Thijs Alkemade

You can also check this thread: 
https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/ZFOZCFW4K-s 
Ryan pointed out that the whitelist has been implemented in the newest version.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy


Re: Apple's response to the WoSign incidents

2016-11-15 Thread Thijs Alkemade
On 13 Nov 2016, at 10:08, Percy  wrote:
> 
> I just found out that Apple doesn't limit the "CA 沃通免费SSL证书 G2" intermediate CA 
> even though Apple limited the "WoSign CA Free SSL Certificate G2" intermediate 
> CA. An example of a site signed by the "CA 沃通免费SSL证书 G2" intermediate CA is 
> https://www.chelenet.com/
> 
> Those two intermediate certs are treated by WoSign the same way, and the 
> translation of "CA 沃通免费SSL证书 G2" is "WoSign CA Free SSL Certificate G2". 
> Users can select whether the end cert is signed by "CA 沃通免费SSL证书 G2" or 
> "WoSign CA Free SSL Certificate G2". All control measures are the same and 
> the only difference is the language, for marketing reasons. 
> 
> Hence, because Apple has chosen to block "WoSign CA Free SSL Certificate 
> G2", it makes sense to apply the same sanction to "CA 沃通免费SSL证书 G2", as 
> they're in all senses the same.

Hi Percy,

I’ve been following Apple’s security updates to determine when the announced 
block becomes active and how it is implemented. Using 10.11.6, with no updates 
available, it appears this block is not yet active for me. There are no errors 
when I try to visit https://inow.ua in Safari (https://crt.sh/?id=43120524 
appears to be the last certificate issued by "WoSign CA Free SSL Certificate 
G2" which is currently still in use). In the file 
/System/Library/Security/Certificates.bundle/Contents/Resources/Allowed.plist I 
only see two CNNIC roots listed.

Could you tell us what OS and version you used to determine that Apple has 
limited "WoSign CA Free SSL Certificate G2"?

Best regards,
Thijs Alkemade


Re: Apple's response to the WoSign incidents

2016-11-14 Thread Tarah Wheeler
If Apple is using wildcards that permit an otherwise-banned certificate, it 
seems like not only a regex problem--and who hasn't had those before?--but 
also a rather disturbing workaround for certs that otherwise should not be 
respected. I just hit this site in Safari on a Mac and got no popup or 
interstitial, but also saw about 20 insecure content errors (not that everyone 
has Error Console running all the time). I also just hit a site I knew had an 
invalid certificate, and got a popup. Both sites show https in the URL.


Respectfully,

Tarah Wheeler
Principal Security Advocate
Senior Director of Engineering, Website Security
Symantec
ta...@symantec.com


> On Nov 13, 2016, at 1:01 PM, "dev-security-policy-requ...@lists.mozilla.org" 
> <dev-security-policy-requ...@lists.mozilla.org> wrote:
> 
> Today's Topics:
> 
> 1. Re: Action on undisclosed intermediates (Peter Bowen)
> 2. Re: Action on undisclosed intermediates (Rob Stradling)
> 3. Re: Comodo issued a certificate for an extension (Eric Mill)
> 4. Re: Apple's response to the WoSign incidents (Percy)
> 
> 
> --
> 
> Message: 1
> Date: Sat, 12 Nov 2016 09:43:36 -0800
> From: Peter Bowen <pzbo...@gmail.com>
> To: Gervase Markham <g...@mozilla.org>
> Cc: "mozilla-dev-security-pol...@lists.mozilla.org"
>  <mozilla-dev-security-pol...@lists.mozilla.org>
> Subject: Re: Action on undisclosed intermediates
> Message-ID:
>  <cak6vnd_0odjsgoa5zxhxryeghtskaeccij76mco3q_vkrtj...@mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
> 
>> On Tue, Nov 8, 2016 at 8:18 AM, Gervase Markham <g...@mozilla.org> wrote:
>> I'd like to take some action about persistent failures to properly
>> disclose intermediates. The deadline for this was June, and CAs have had
>> a number of reminders, so there's no excuse.
>> 
>> Of course, if intermediates aren't disclosed, we can't be certain what
>> they are, but crt.sh has a good idea of many of them:
>> https://crt.sh/mozilla-disclosures#undisclosed
>> 
>> There is also a list on that page of certs which CAs have disclosed but
>> not provided audit info, but given that you can get off that list by
>> putting _anything_ in the relevant box in Salesforce, I'm worried about
>> perverse incentives if we go after people on that list at the moment:
>> https://crt.sh/mozilla-disclosures#disclosureincomplete
> 
> Based on data this morning, it looks like there are only two left on
> that undisclosed list.  One of them is RSA, who is already scheduled
> for removal.  The other is TurkTrust, which announced they are leaving
> the server auth cert business:
> https://cabforum.org/pipermail/public/2016-September/008475.html
> 
> So it seems this problem has resolved itself.  No need to invent
> random selection schemes.
> 
> Now, the real fun is going to be seeing if the supplied audit report
> URLs actually point to reports and if all the CAs claimed to be
> covered are actually covered ;)
> 
> Thanks,
> Peter
> 
> 
> --
> 
> Message: 2
> Date: Sat, 12 Nov 2016 20:11:50 +
> From: Rob Stradling <rob.stradl...@comodo.com>
> To: Peter Bowen <pzbo...@gmail.com>, Gervase Markham
>  <g...@mozilla.org>
> Cc: "mozilla-dev-security-pol...@lists.mozilla.org"
>  <mozilla-dev-security-pol...@lists.mozilla.org>
> Subject: Re: Action on undisclosed intermediates
> Message-ID: <734f7b4e-9911-d28e-acdc-a95afa440...@comodo.com>
> Content-Type: text/plain; charset=windows-1252
> 
>> On 12/11/16 17:43, Peter Bowen wrote:
>> 
>> So it seems this problem has resolved itself.  No need to invent
>> random selection schemes.
> 
> ISTM that the threat of random selection schemes may have been what
> resolved the problem.  ;-)
> 
> -- 
> Rob Stradling
> Senior Research & Development Scientist
> COMODO - Creating Trust Online
> 
> 
> --
> 
> Message: 3
> Date: Sat, 12 Nov 2016 23:12:48 -0500
> From: Eric Mill <e...@konklo

Re: Apple's response to the WoSign incidents

2016-11-13 Thread Richard Wang
I said many times that I am the Acting CEO of WoSign now, until the new CEO 
arrives.

Even if I were not the CEO but just an employee, I think I can respond to emails 
about WoSign that just tell everyone the facts, without representing the company 
in making any new decision.

Please check my previously replied emails.

Best Regards,

Richard

> On 14 Nov 2016, at 04:46, Percy  wrote:
> 
>> On Saturday, October 1, 2016 at 2:02:25 AM UTC-7, 
>> certificate-au...@group.apple.com wrote:
>> Blocking Trust for WoSign CA Free SSL Certificate G2
>> 
>> Certificate Authority WoSign experienced multiple control failures in their 
>> certificate issuance processes for the WoSign CA Free SSL Certificate G2 
>> intermediate CA. Although no WoSign root is in the list of Apple trusted 
>> roots, this intermediate CA used cross-signed certificate relationships with 
>> StartCom and Comodo to establish trust on Apple products.
>> 
>> In light of these findings, we are taking action to protect users in an 
>> upcoming security update.  Apple products will no longer trust the WoSign CA 
>> Free SSL Certificate G2 intermediate CA.
>> 
>> To avoid disruption to existing WoSign certificate holders and to allow 
>> their transition to trusted roots, Apple products will trust individual 
>> existing certificates issued from this intermediate CA and published to 
>> public Certificate Transparency log servers by 2016-09-19. They will 
>> continue to be trusted until they expire, are revoked, or are untrusted at 
>> Apple’s discretion.
>> 
>> As the investigation progresses, we will take further action on 
>> WoSign/StartCom trust anchors in Apple products as needed to protect users.
>> 
>> Regards,
>> 
>> Apple Root Certificate Program
> 
> Richard,
> As the management reshuffling is part of WoSign/StartCom's response, may I 
> ask under what capacity are you still representing WoSign on this forum?


Re: Apple's response to the WoSign incidents

2016-11-13 Thread Percy
On Saturday, October 1, 2016 at 2:02:25 AM UTC-7, 
certificate-au...@group.apple.com wrote:
> Blocking Trust for WoSign CA Free SSL Certificate G2
> 
> Certificate Authority WoSign experienced multiple control failures in their 
> certificate issuance processes for the WoSign CA Free SSL Certificate G2 
> intermediate CA. Although no WoSign root is in the list of Apple trusted 
> roots, this intermediate CA used cross-signed certificate relationships with 
> StartCom and Comodo to establish trust on Apple products.
> 
> In light of these findings, we are taking action to protect users in an 
> upcoming security update.  Apple products will no longer trust the WoSign CA 
> Free SSL Certificate G2 intermediate CA.
> 
> To avoid disruption to existing WoSign certificate holders and to allow their 
> transition to trusted roots, Apple products will trust individual existing 
> certificates issued from this intermediate CA and published to public 
> Certificate Transparency log servers by 2016-09-19. They will continue to be 
> trusted until they expire, are revoked, or are untrusted at Apple’s 
> discretion.
> 
> As the investigation progresses, we will take further action on 
> WoSign/StartCom trust anchors in Apple products as needed to protect users.
> 
> Regards,
> 
> Apple Root Certificate Program

Richard,
As the management reshuffling is part of WoSign/StartCom's response, may I ask 
under what capacity are you still representing WoSign on this forum?


Re: Apple's response to the WoSign incidents

2016-11-13 Thread Richard Wang
WoSign stopped issuing free SSL certificates from those two intermediate CAs 
on Sept 29.


Best Regards,

Richard

> On 13 Nov 2016, at 17:07, Percy  wrote:
> 
> I just found out that Apple doesn't limit the "CA 沃通免费SSL证书 G2" intermediate CA 
> even though Apple limited the "WoSign CA Free SSL Certificate G2" intermediate 
> CA. An example of a site signed by the "CA 沃通免费SSL证书 G2" intermediate CA is 
> https://www.chelenet.com/
> 
> Those two intermediate certs are treated by WoSign the same way, and the 
> translation of "CA 沃通免费SSL证书 G2" is "WoSign CA Free SSL Certificate G2". 
> Users can select whether the end cert is signed by "CA 沃通免费SSL证书 G2" or 
> "WoSign CA Free SSL Certificate G2". All control measures are the same and 
> the only difference is the language, for marketing reasons. 
> 
> Hence, because Apple has chosen to block "WoSign CA Free SSL Certificate 
> G2", it makes sense to apply the same sanction to "CA 沃通免费SSL证书 G2", as 
> they're in all senses the same.


Re: Apple's response to the WoSign incidents

2016-11-13 Thread Percy
I just found out that Apple doesn't limit the "CA 沃通免费SSL证书 G2" intermediate CA 
even though Apple limited the "WoSign CA Free SSL Certificate G2" intermediate CA. 
An example of a site signed by the "CA 沃通免费SSL证书 G2" intermediate CA is 
https://www.chelenet.com/

Those two intermediate certs are treated by WoSign the same way, and the 
translation of "CA 沃通免费SSL证书 G2" is "WoSign CA Free SSL Certificate G2". Users 
can select whether the end cert is signed by "CA 沃通免费SSL证书 G2" or "WoSign CA 
Free SSL Certificate G2". All control measures are the same and the only 
difference is the language, for marketing reasons. 

Hence, because Apple has chosen to block "WoSign CA Free SSL Certificate G2", 
it makes sense to apply the same sanction to "CA 沃通免费SSL证书 G2", as they're in 
all senses the same.


Re: Apple's response to the WoSign incidents

2016-10-02 Thread Percy
On Saturday, October 1, 2016 at 9:03:38 PM UTC-7, Kurt Roeckx wrote:
> On Sat, Oct 01, 2016 at 11:35:06AM -0700, Percy wrote:
> > "Apple products will trust individual existing certificates issued from 
> > this intermediate CA and published to public Certificate Transparency log 
> > servers by 2016-09-19"
> > 
> > It seems that Apple has taken the explicit white-listed approach despite 
> > the size drawback mentioned in the other thread.
> 
> From what I get, they check that it's been logged in CT. And I'm
> not sure what that means, like doing an online check against a CT
> log, requiring that the SCT has been stapled, or having a whitelist.
> 
> 
> Kurt

Either way, this is far better than trusting the notBefore date of the certs, when 
the main problem with WoSign is the tampering of the notBefore date and the 
cover-up when explicitly questioned about it. 


Re: Apple's response to the WoSign incidents

2016-10-01 Thread Kurt Roeckx
On Sat, Oct 01, 2016 at 11:35:06AM -0700, Percy wrote:
> "Apple products will trust individual existing certificates issued from this 
> intermediate CA and published to public Certificate Transparency log servers 
> by 2016-09-19"
> 
> It seems that Apple has taken the explicit white-listed approach despite the 
> size drawback mentioned in the other thread.

From what I get, they check that it's been logged in CT. And I'm
not sure what that means, like doing an online check against a CT
log, requiring that the SCT has been stapled, or having a whitelist.


Kurt

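Kurt's question above (online lookup, stapled SCT, or a baked-in list) has a local variant worth showing: when the leaf carries embedded SCTs, a client can read them and compare the log timestamps with the 2016-09-19 date in Apple's notice without any network access. The Go program below is an added example, not Apple's code and not anything posted in the thread. It parses the RFC 6962 SignedCertificateTimestampList carried in X.509 extension 1.3.6.1.4.1.11129.2.4.2; the sample extension bytes it builds (zero log IDs, empty signatures) are constructed for the demonstration, and the end-of-day cutoff is an assumption since the notice gives only a date.

```go
package main

import (
	"encoding/asn1"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// SCT holds the parts of an RFC 6962 SignedCertificateTimestamp needed to
// answer "was this certificate accepted by a log before the cutoff?".
type SCT struct {
	LogID     [32]byte
	Timestamp time.Time // wire format: milliseconds since the Unix epoch
}

// Cutoff from Apple's notice (end of 2016-09-19 UTC is an assumption; the
// notice gives only the date).
var Cutoff = time.Date(2016, 9, 19, 23, 59, 59, 999000000, time.UTC)

// ParseSCTList parses the value of extension 1.3.6.1.4.1.11129.2.4.2: a DER
// OCTET STRING wrapping a TLS-encoded SignedCertificateTimestampList, i.e. a
// 2-byte total length followed by 2-byte length-prefixed SCT structures.
func ParseSCTList(extValue []byte) ([]SCT, error) {
	var tls []byte
	if rest, err := asn1.Unmarshal(extValue, &tls); err != nil || len(rest) != 0 {
		return nil, errors.New("extension value is not a single OCTET STRING")
	}
	if len(tls) < 2 || int(binary.BigEndian.Uint16(tls)) != len(tls)-2 {
		return nil, errors.New("SCT list length mismatch")
	}
	var out []SCT
	for tls = tls[2:]; len(tls) > 0; {
		if len(tls) < 2 || int(binary.BigEndian.Uint16(tls)) > len(tls)-2 {
			return nil, errors.New("truncated SCT entry")
		}
		n := int(binary.BigEndian.Uint16(tls))
		sct, err := parseSCT(tls[2 : 2+n])
		if err != nil {
			return nil, err
		}
		out = append(out, sct)
		tls = tls[2+n:]
	}
	return out, nil
}

// parseSCT decodes version(1) log_id(32) timestamp(8) extensions(2+n)
// hash_alg(1) sig_alg(1) signature(2+n). Only v1 (wire value 0) is defined.
func parseSCT(b []byte) (SCT, error) {
	if len(b) < 43 || b[0] != 0 {
		return SCT{}, errors.New("truncated or non-v1 SCT")
	}
	var s SCT
	copy(s.LogID[:], b[1:33])
	ms := int64(binary.BigEndian.Uint64(b[33:41]))
	s.Timestamp = time.Unix(ms/1000, (ms%1000)*1e6).UTC()
	extLen := int(binary.BigEndian.Uint16(b[41:43]))
	rest := b[43:]
	if len(rest) < extLen+4 {
		return SCT{}, errors.New("truncated SCT extensions")
	}
	rest = rest[extLen+2:] // skip extensions and the two algorithm bytes
	if int(binary.BigEndian.Uint16(rest)) != len(rest)-2 {
		return SCT{}, errors.New("SCT signature length mismatch")
	}
	return s, nil
}

// LoggedByCutoff reports whether any SCT carries a log timestamp at or before
// the cutoff. The timestamp is only meaningful once the SCT signature has been
// verified against the log's public key (not done here): an unverified SCT is
// as easy for a CA to fabricate as a notBefore date.
func LoggedByCutoff(scts []SCT, cutoff time.Time) bool {
	for _, s := range scts {
		if !s.Timestamp.After(cutoff) {
			return true
		}
	}
	return false
}

// BuildSCTList constructs a syntactically valid extension value for the
// demonstration: zero log IDs and empty signatures (constructed data, not a
// real log's output).
func BuildSCTList(ts ...time.Time) []byte {
	be := func(n uint64, width int) []byte { // big-endian, low `width` bytes
		b := make([]byte, 8)
		binary.BigEndian.PutUint64(b, n)
		return b[8-width:]
	}
	var list []byte
	for _, t := range ts {
		sct := append([]byte{0}, make([]byte, 32)...)         // v1, log_id
		sct = append(sct, be(uint64(t.UnixNano()/1e6), 8)...) // timestamp
		sct = append(sct, 0, 0, 4, 3, 0, 0)                   // no extensions, sha256/ecdsa, empty signature
		list = append(list, be(uint64(len(sct)), 2)...)
		list = append(list, sct...)
	}
	der, err := asn1.Marshal(append(be(uint64(len(list)), 2), list...))
	if err != nil {
		panic(err)
	}
	return der
}

func main() {
	scts, err := ParseSCTList(BuildSCTList(time.Date(2016, 9, 1, 12, 0, 0, 0, time.UTC)))
	if err != nil {
		panic(err)
	}
	fmt.Println("logged at", scts[0].Timestamp, "- by cutoff:", LoggedByCutoff(scts, Cutoff))
}
```

Embedded SCTs are only one of the three delivery paths (the TLS extension and OCSP stapling are the others), and a certificate that was logged after issuance may carry none at all, which is why a vendor-side allow-list built from the logs themselves is the more robust way to implement "published to Certificate Transparency log servers by 2016-09-19".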


Re: Apple's response to the WoSign incidents

2016-10-01 Thread Eric Mill
On Sat, Oct 1, 2016 at 6:40 AM,  wrote:

> Do you have a link to that process and is it automated. Reason is I have a
> few hundred startSSL certs that my clients rely on.
>

Apple's statement was limited specifically to WoSign. StartSSL certificates
won't be affected, though they implied that action against StartCom could
depend on further results of the investigation. But even the WoSign action
is a whitelist that's limited to future certificates, so existing
certificates of any kind shouldn't be affected.

-- Eric





-- 
konklone.com | @konklone 


Re: Apple's response to the WoSign incidents

2016-10-01 Thread Percy
"Apple products will trust individual existing certificates issued from this 
intermediate CA and published to public Certificate Transparency log servers by 
2016-09-19"

It seems that Apple has taken the explicit whitelist approach despite the 
size drawback mentioned in the other thread. I know Apple is an OS vendor, which 
probably makes such a deployment easier to implement. But the size of the 
whitelist is not really a concern in the desktop environment. So I hope 
Mozilla and Google can use an explicit whitelist approach on desktop while using 
the notBefore date on mobile, to have the stronger safeguard when possible. 


Re: Apple's response to the WoSign incidents

2016-10-01 Thread Peter Bowen
On Sat, Oct 1, 2016 at 6:40 AM,   wrote:
> Do you have a link to that process and is it automated. Reason is I have a 
> few hundred startSSL certs that my clients rely on.

I can't speak for the specific process Apple is using, but in general
you can use https://crt.sh/ or
https://www.google.com/transparencyreport/https/ct/ (among many
others) to check and see if the certificates are logged in Certificate
Transparency logs.

As far as I know, StartCom has not actively logged certificates issued
in 2015 or earlier nor have they logged certificates issued in early
2016.  So it is very probable that some certificates are not logged.

Thanks,
Peter


Apple's response to the WoSign incidents

2016-10-01 Thread ramriot
Do you have a link to that process and is it automated. Reason is I have a few 
hundred startSSL certs that my clients rely on.


Apple's response to the WoSign incidents

2016-10-01 Thread certificate-authority-prog...@group.apple.com


Blocking Trust for WoSign CA Free SSL Certificate G2

Certificate Authority WoSign experienced multiple control failures in their 
certificate issuance processes for the WoSign CA Free SSL Certificate G2 
intermediate CA. Although no WoSign root is in the list of Apple trusted roots, 
this intermediate CA used cross-signed certificate relationships with StartCom 
and Comodo to establish trust on Apple products.

In light of these findings, we are taking action to protect users in an 
upcoming security update.  Apple products will no longer trust the WoSign CA 
Free SSL Certificate G2 intermediate CA.

To avoid disruption to existing WoSign certificate holders and to allow their 
transition to trusted roots, Apple products will trust individual existing 
certificates issued from this intermediate CA and published to public 
Certificate Transparency log servers by 2016-09-19. They will continue to be 
trusted until they expire, are revoked, or are untrusted at Apple’s discretion.

As the investigation progresses, we will take further action on WoSign/StartCom 
trust anchors in Apple products as needed to protect users.

Regards,

Apple Root Certificate Program

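Apple's notice states the mechanism in policy terms: the intermediate is no longer trusted, and individual certificates already issued under it and logged by 2016-09-19 remain trusted until they expire or are revoked. As an added example that is not Apple's or WoSign's code and was not posted in the thread, the Go program below implements that policy against a constructed PKI (a demo root, a demo intermediate standing in for the distrusted one, and two leaves for example.com; every name and key is invented). The intermediate is distrusted by the hash of its public key so that a cross-signed copy under another root is caught as well, grandfathered leaves are identified by full certificate hash, and the notBefore-based rule that Percy argues against in the 2016-10-02 message is shown accepting a backdated certificate that the allow-list rejects.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// Policy models the announced behaviour. The intermediate is distrusted by
// the SHA-256 of its SubjectPublicKeyInfo, so a cross-signed copy under a
// different root is caught as well; leaves that can only chain through it
// are accepted if their certificate hash is on an explicit allow-list.
type Policy struct {
	BlockedSPKI map[[32]byte]bool
	AllowedLeaf map[[32]byte]bool
}

func spkiHash(c *x509.Certificate) [32]byte { return sha256.Sum256(c.RawSubjectPublicKeyInfo) }
func certHash(c *x509.Certificate) [32]byte { return sha256.Sum256(c.Raw) }

// Verify lets crypto/x509 build every chain to a trusted root, then applies
// the policy: any clean chain passes; otherwise only an allow-listed leaf does.
func (p Policy) Verify(leaf *x509.Certificate, inters, roots *x509.CertPool, name string, now time.Time) error {
	chains, err := leaf.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inters, DNSName: name, CurrentTime: now})
	if err != nil {
		return err
	}
	for _, chain := range chains {
		blocked := false
		for _, c := range chain[1:] { // issuers only; chain[0] is the leaf
			blocked = blocked || p.BlockedSPKI[spkiHash(c)]
		}
		if !blocked {
			return nil
		}
	}
	if p.AllowedLeaf[certHash(leaf)] {
		return nil
	}
	return errors.New("leaf chains only through a distrusted intermediate and is not allow-listed")
}

// NotBeforeAccepts is the weaker rule discussed in the thread: trust whatever
// the CA claims to have issued before the cutoff. The CA writes notBefore, so
// a backdated certificate passes.
func NotBeforeAccepts(leaf *x509.Certificate, cutoff time.Time) bool {
	return !leaf.NotBefore.After(cutoff)
}

// Everything below is a constructed PKI for the demonstration: invented
// names and freshly generated keys, not real WoSign, StartCom or Comodo material.
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		panic(err)
	}
	c, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return c
}

func newKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

func caTemplate(cn string, serial int64) *x509.Certificate {
	return &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Date(2014, 1, 1, 0, 0, 0, 0, time.UTC), NotAfter: time.Date(2026, 1, 1, 0, 0, 0, 0, time.UTC),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
}

func leafTemplate(serial int64, notBefore time.Time) *x509.Certificate {
	return &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: "example.com"},
		DNSNames: []string{"example.com"}, NotBefore: notBefore, NotAfter: notBefore.AddDate(1, 0, 0),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}
}

// Demo returns: allow-listed leaf accepted, backdated leaf accepted by the
// allow-list policy, backdated leaf accepted by the notBefore rule.
func Demo() (bool, bool, bool) {
	rootKey, interKey, leafKey := newKey(), newKey(), newKey()
	rootTmpl := caTemplate("Demo Root", 1)
	root := issue(rootTmpl, rootTmpl, &rootKey.PublicKey, rootKey)
	inter := issue(caTemplate("Demo Free SSL G2 (distrusted)", 2), root, &interKey.PublicKey, rootKey)
	cutoff := time.Date(2016, 9, 19, 0, 0, 0, 0, time.UTC)
	logged := issue(leafTemplate(10, cutoff.AddDate(0, 0, -18)), inter, &leafKey.PublicKey, interKey)
	// Issued after the cutoff, with notBefore written back to a date before it.
	backdated := issue(leafTemplate(11, cutoff.AddDate(0, 0, -18)), inter, &leafKey.PublicKey, interKey)

	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	inters.AddCert(inter)
	policy := Policy{
		BlockedSPKI: map[[32]byte]bool{spkiHash(inter): true},
		AllowedLeaf: map[[32]byte]bool{certHash(logged): true}, // "published to CT by 2016-09-19"
	}
	now := time.Date(2016, 11, 15, 0, 0, 0, 0, time.UTC)
	return policy.Verify(logged, inters, roots, "example.com", now) == nil,
		policy.Verify(backdated, inters, roots, "example.com", now) == nil,
		NotBeforeAccepts(backdated, cutoff)
}

func main() {
	a, b, c := Demo()
	fmt.Printf("allow-listed leaf: %v, backdated leaf via allow-list: %v, backdated leaf via notBefore: %v\n", a, b, c)
}
```

The allow-list is keyed by the hash of the whole certificate rather than by serial number or notBefore, since a CA under suspicion controls both of those fields; the list itself has to be assembled from what the CT logs contain, which is the part a client cannot do offline.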