CA/Additional Trust Changes: Difference between revisions
(→Symantec: changed plan to consensus proposal) |
(→Symantec: status/plan updates) |
||
| Line 20: | Line 20: | ||
==Symantec== | ==Symantec== | ||
In accordance [https://groups.google.com/d/topic/mozilla.dev.security.policy/FLHRT79e3XE/discussion with the consensus proposal that was adopted in 2017], Mozilla | In accordance [https://groups.google.com/d/topic/mozilla.dev.security.policy/FLHRT79e3XE/discussion with the consensus proposal that was adopted in 2017], Mozilla began to distrust Symantec (including GeoTrust, RapidSSL, and Thawte) certificates issued before 1-June 2016 starting in Firefox 60, and plans to distrust Symantec certificates regadless of the date of issuance starting in Firefox 64, unless they are issued by whitelisted subordinate CAs that have the following SHA-256 Subject Public Key hashes (subjectPublicKeyInfo): | ||
Apple:<br /> | Apple:<br /> | ||
| Line 45: | Line 45: | ||
Note: In some instances, multiple subordinate CAs contain the same public key, necessitating whitelisting by subjectPublicKeyInfo. Refer to ([https://bugzilla.mozilla.org/show_bug.cgi?id=1409257 Bug 1409257]) for more information. | Note: In some instances, multiple subordinate CAs contain the same public key, necessitating whitelisting by subjectPublicKeyInfo. Refer to ([https://bugzilla.mozilla.org/show_bug.cgi?id=1409257 Bug 1409257]) for more information. | ||
The [https://support.mozilla.org/en-US/kb/about-config-editor-firefox Firefox preference] "security.pki.distrust_ca_policy" may be set to ' | The [https://support.mozilla.org/en-US/kb/about-config-editor-firefox Firefox preference] "security.pki.distrust_ca_policy" may be set to '2' to enable distrust (regardless of issuance date) and '0' to override these changes. Mozilla plans to remove this preference in Firefox 65. | ||
In a future Firefox release, we expect to remove the whitelist, and remove the ‘websites’ trust bit from all Symantec roots. The timing of these changes, and any changes to the ‘email’ trust bit (S/MIME) have not yet been determined. | In a future Firefox release, we expect to remove the whitelist, and remove the ‘websites’ trust bit from all Symantec roots. The timing of these changes, and any changes to the ‘email’ trust bit (S/MIME) have not yet been determined. | ||
Revision as of 22:17, 26 October 2018
The Mozilla Root Program's official repository of the roots it trusts is certdata.txt. Some information about the level of trust in each root is included in that file - for example, whether it's trusted for server SSL, S/MIME or both. However, not all restrictions recommended by Mozilla on the roots can be or are encoded in certdata.txt. Some are implemented in our security library, "NSS", or in Firefox and Thunderbird (so-called "PSM").
Sometimes, other companies and organizations decide to use Mozilla's root store in their products. As the CA FAQ notes, Mozilla does not promise to take into account the needs of other users of its root store when making decisions. However, for the benefit of such users and on a best-efforts basis, this page documents the additional trust settings that Mozilla recommends.
Extended Validation (EV)
The status of whether a root is approved to issue EV certificates or not is stored in PSM rather than certdata.txt.
OneCRL
While not technically a modification to the root store as we don't use it for un-trusting roots, Mozilla's OneCRL system is used for communicating information about the revocation of intermediate certificates (and high-profile misissued end-entity certificates) to Firefox clients.
ANSSI
The French Government CA is name-constrained to those ccTLDs whose geographies are under the jurisdiction of France - that is, .fr, .gp, .gf, .mq, .re, .yt, .pm, .bl, .mf, .wf, .pf, .nc, and .tf. The code for that is in NSS.
Kamu SM
The Turkish Government CA is name-constrained to a set of turkish toplevel domains - that is, .gov.tr, .k12.tr, .pol.tr, .mil.tr, .tsk.tr, .kep.tr, .bel.tr, .edu.tr and .org.tr. The code for that is in NSS.
Symantec
In accordance with the consensus proposal that was adopted in 2017, Mozilla began to distrust Symantec (including GeoTrust, RapidSSL, and Thawte) certificates issued before 1-June 2016 starting in Firefox 60, and plans to distrust Symantec certificates regadless of the date of issuance starting in Firefox 64, unless they are issued by whitelisted subordinate CAs that have the following SHA-256 Subject Public Key hashes (subjectPublicKeyInfo):
Apple:
- c0554bde87a075ec13a61f275983ae023957294b454caf0a9724e3b21b7935bc
- 56e98deac006a729afa2ed79f9e419df69f451242596d2aaf284c74a855e352e
- 7289c06dedd16b71a7dcca66578572e2e109b11d70ad04c2601b6743bc66d07b
- fae46000d8f7042558541e98acf351279589f83b6d3001c18442e4403d111849
- b5cf82d47ef9823f9aa78f123186c52e8879ea84b0f822c91d83e04279b78fd5
- e24f8e8c2185da2f5e88d4579e817c47bf6eafbc8505f0f960fd5a0df4473ad3
- 3174d9092f9531c06026ba489891016b436d5ec02623f9aafe2009ecc3e4d557
Google:
DigiCert:
- 8bb593a93be1d0e8a822bb887c547890c3e706aad2dab76254f97fb36b82fc26
- b94c198300cec5c057ad0727b70bbe91816992256439a7b32f4598119dda9c97
- 7cac9a0ff315387750ba8bafdb1c2bc29b3f0bba16362ca93a90f84da2df5f3e
- ac50b5fb738aed6cb781cc35fbfff7786f77109ada7c08867c04a573fd5cf9ee
Note: In some instances, multiple subordinate CAs contain the same public key, necessitating whitelisting by subjectPublicKeyInfo. Refer to (Bug 1409257) for more information.
The Firefox preference "security.pki.distrust_ca_policy" may be set to '2' to enable distrust (regardless of issuance date) and '0' to override these changes. Mozilla plans to remove this preference in Firefox 65.
In a future Firefox release, we expect to remove the whitelist, and remove the ‘websites’ trust bit from all Symantec roots. The timing of these changes, and any changes to the ‘email’ trust bit (S/MIME) have not yet been determined.