CA/Forbidden or Problematic Practices: Difference between revisions

No edit summary
Line 102: Line 102:
Please test your OCSP responder within the Firefox browser by enforcing OCSP as per our [[CA:Recommended_Practices#OCSP|CA Recommended Practices for OCSP.]]
Please test your OCSP responder within the Firefox browser by enforcing OCSP as per our [[CA:Recommended_Practices#OCSP|CA Recommended Practices for OCSP.]]


=== CRL with critical CIDP Extension ===
=== SHA-1 Certificates ===
SHA-1 certificates may be compromised when attackers can create a fake cert that hashes to the same value as one with a legitimate signature, and is hence trusted. Mozilla can mitigate this potential vulnerability by turning off support for SHA-1 based signatures. The SHA-1 root certificates don’t necessarily need to be removed from NSS, because the signatures of root certificates are not validated (roots are self-signed). Disabling SHA-1 will impact intermediate and end entity certificates, where the signatures are validated.


Currently Firefox handles "full" CRLs, but not "partitioned" CRLs.  Partitioned CRLs are identified by the presence of a CRL Issuing Distribution Point (CIDP) extension flagged as critical.  Firefox is not presently able to load CRLs with critical CIDP extensions. When attempting to load a CRL with a critical CIDP extension, Firefox will return the error code ffffe095, which is equivalent to the negative decimal number -8043. According to the [http://www.mozilla.org/projects/security/pki/nss/ref/ssl/sslerr.html NSS Error Codes] this error corresponds to SEC_ERROR_CRL_UNKNOWN_CRITICAL_EXTENSION.
There are still many end entity certificates that would be impacted if support for SHA-1 based signatures was turned off. Therefore, we are hoping to give CAs time to react, and are planning to turn off support for SHA-1 based signatures in 2017. Note that Mozilla will take this action earlier if needed to keep our users safe.


The NSS team hopes to eventually implement partitioned CRLs, and when that work is done, Firefox should allow CRLs with critical CIDP extensions. However, even when that is done, older versions of Firefox will still not be able to load CRLs with critical CIDP extensions.
CA should not be issuing new SHA-1 certificates, and should be migrating their customers off of SHA-1 intermediate and end-entity certificates.


Our recommendation is to not put critical CIDP extensions into full CRLs, and to make full CRLs available for download when practical.
If the CA still needs to issue SHA-1 certificates for compatibility reasons, then those SHA-1 certificates should expired before 2017.


=== Generic names for CAs ===
=== Generic names for CAs ===
Confirmed users, Administrators
5,526

edits