[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#639744: Compromised certificates for *.google.com issued by DigiNotar Root CA

On Wed, Aug 31, 2011 at 11:02:53PM -0500, Raphael Geissert wrote:
> On Tuesday 30 August 2011 23:30:19 Mike Hommey wrote:
> > On Wed, Aug 31, 2011 at 06:26:26AM +0200, Mike Hommey wrote:
> > > So, I'll put that on tiredness. That'd be several fraudulent
> > > certificates which fingerprint is unknown (thus even CRL, OCSP and
> > > blacklists can't do anything), and the mitigation involves several
> > > different intermediate certs that are cross-signed, which makes it kind
> > > of hard. Plus, there is the problem that untrusting the DigiNotar root
> > > untrusts a separate PKI used by the Dutch government.
> 
> AFAICS, this last part is not true. The gov has one Root and DigiNotar's 
> PKIOverheid is one if its leafs.
> Other DigiNotar CAs are the one derived from Entrust (seems to have been 
> revoked), and a PKIOverheid G2 that I've seen mentioned in a few places (also 
> derived from Entrust?)

Well, reality is that the Firefox 6.0.1 release, which has a white least
for Staat der Nederlanden Root CA but not Staat der Nederlanden Root CA
- G2, effectively prevents from going to a couple of dutch government
sites.
Considering it has been found that the PSM side blacklist doesn't work,
that suggests that the root CA removal alone is responsible for the
situation, but I could be wrong.

> > > Add to the above that untrusting a root still allows users to override
> > > in applications, and we have no central way to not allow that. Aiui, the
> > > mozilla update is going to block overrides as well, but that involves
> > > the application side. NSS won't deal with that.
> > 
> > See https://bugzilla.mozilla.org/show_bug.cgi?id=682927 which is now
> > open.
> 
> Thanks for the link.
> 
> FWIW, it seems that the government is ACKing [3] that DigiNotar re-signs 
> certificates with its PKIOverheid CA for non-gov users of its now-untrusted 
> DigiNotar Root CA.
> 
> Action items based on what others are doing:
> 1. Disable DigiNotar Root CA: done
> 2. Disable other DigiNotar CAs (derived from Entrust)[4]: not done

There are 3 of them iirc.

> 3. Still permit Staat der Nederlanden CA and PKIoverheid: nothing to be done
> 
> Item 2 is handled by Mozilla by matching /^DigiNotar/ and marking them as 
> untrusted at the PMS level.

And that currently doesn't work. It seems reasonable to wait for a more
correct fix there before uploading ice*. There may be another nss round
before that, though, for the Entrust certs. Please also note that Kai
Engert is going to work on a NSS patch to handle the whole think at NSS
level which would port what PSM does for SSL to S/MIME and other uses of
NSS. I'm not sure this will be easily backportable, though.

Mike
Reply to: