CA/Symantec Issues: Difference between revisions

Update B
Line 9: Line 9:
The issues are in broadly chronological order by end date.
The issues are in broadly chronological order by end date.


==Issue B: 1024-bit Certificate Issued Directly From Root (Dec 2013 - Jan 2014)==
==Issue B: Issuance of 1024-bit Certificate Expiring After Deadline (Dec 2013 - Jan 2014)==


Symantec issued a cert to one of its customers, Pitney Bowes, that did not comply with at least two provisions of both the CA/Browser Forum Baseline Requirements and Mozilla policy. Firstly, it was issued directly from a root, and secondly it was a 1024-bit cert which expired after the end of 2013. Symantec believed this was the only technical way to ensure continuity of service for the customer concerned.  
Symantec issued a cert to one of its customers that did not comply with at least one provision of both the CA/Browser Forum Baseline Requirements and Mozilla policy. It was a 1024-bit cert which expired after the end of 2013. Symantec believed this was the only technical way to ensure continuity of service for the customer concerned.  


This cert was backdated, but that is not a BR or Mozilla policy violation, as long as it was not done to evade a technical control. It also has a short serial number. Entropy in the serial number is a SHOULD in the relevant version of the BRs ([https://cabforum.org/wp-content/uploads/Baseline_Requirements_V1_1_6.pdf version 1.1.6]). 20 bits of entropy is a MUST in the Mozilla policy ([https://github.com/mozilla/pkipolicy/blob/2.2/rootstore/policy.md version 2.2]), but it doesn't say it has to be in the serial number - it could be that they randomised the notBefore time. I am told Microsoft removed the allowance for doing entropy in the Date field on 11th November 2013, so this was a violation of their policies.  
This cert was issued directly from the root. Recently, Symantec have produced a [https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/x_vrJtv7A0Y longer write-up] of the incident. In it, they point out that issuance from the root is permitted by [https://cabforum.org/wp-content/uploads/Baseline_Requirements_V1_1_6.pdf BRs version 1.1.6], the version in force at the time, if 5 conditions are met, and they say they were met.

This cert was backdated, but that is not a BR or Mozilla policy violation, as long as it was not done to evade a technical control. It also has a short serial number. Entropy in the serial number is a SHOULD in BRs 1.1.6. 20 bits of entropy is a MUST in the Mozilla policy ([https://github.com/mozilla/pkipolicy/blob/2.2/rootstore/policy.md version 2.2]), but it doesn't say it has to be in the serial number - it could be that they randomised the notBefore time. I am told Microsoft removed the allowance for doing entropy in the Date field on 11th November 2013, so this was a violation of their policies. Symantec say that they got a verbal exception from Microsoft.


Symantec did not request permission to issue in advance, they disclosed the issuance at least a month after it had happened, and the replacement certificate (unlike the original) asserted a "BR Compliant" OID.
Symantec did not request permission to issue in advance, they disclosed the issuance at least a month after it had happened, and the replacement certificate (unlike the original) asserted a "BR Compliant" OID.
Line 25: Line 27:
===Further Comments and Conclusion===
===Further Comments and Conclusion===


The lack of discussion in advance, the delayed disclosure and the inclusion of a BR-compliant OID in a certificate Symantec knew was not BR-compliant are all disappointing.
Given that we did not query it at the time, we must accept that the BR criteria for direct issuance from the root were met. The Mozilla policy does not include the exceptions directly, but does reference BRs chapter 12, and so could be said to include the exceptions by reference.
 
The issuance of a 1024-bit cert expiring after the deadline was both a BR and a Mozilla policy violation. Symantec say: "we did not engage the broader browser community due to the time pressure around the holiday." This seems like a weak excuse.
 
The inclusion of a BR-compliant OID in a non-BR cert was disappointing, but can be accepted as an oversight.


==Issue D: Test Certificate Misissuance (April 2009 - September 2015)==
==Issue D: Test Certificate Misissuance (April 2009 - September 2015)==