Wayne Thayer via dev-security-policy
2018-01-24 20:20:24 UTC
I want to directly notify all CAs in the Mozilla program of the recently
exposed issues with domain validation methods and of some upcoming
deadlines. A draft is available below and at
https://wiki.mozilla.org/CA/Communications#January_2018_CA_Communication
I would appreciate your prompt and constructive feedback on this message -
I'd like to get it sent out this week.
Thanks,
Wayne
=======================
Dear Certification Authority,
Because 2018 has already generated some important news for Certification
Authorities, we are sending this message to ensure that every CA in the
Mozilla program is aware of the following current events and impending
deadlines:
1. On 9-January, the CA “Let’s Encrypt” disclosed a vulnerability in the
ACME domain validation method known as TLS-SNI-01, which is an
implementation of the more general method described in BR 3.2.2.4.10. [1] A
subsequent vulnerability was disclosed on 11-January affecting the
validation method described in BR 3.2.2.4.9. [2] Mozilla expects all CAs to
be monitoring discussion in the mozilla.dev.security.policy forum and for
any CA that employs either of these methods to disclose that fact on the
list. From now on, Mozilla expects that CAs will not use these methods
unless they have implemented and disclosed a mitigation for the
vulnerabilities that have been discovered.
2. On 19-December, significant concerns were raised about the reliability
of the domain validation methods specified in BR 3.2.2.4.1 and 3.2.2.4.5.
[3] Since then, discussions on the CA/Browser Forum Public list have
resulted in a proposed ballot to prohibit the use of these methods after
1-August 2018. [4] If your CA uses either of these methods, please evaluate
your implementation for vulnerabilities and be prepared to discontinue
their use prior to the deadline if ballot 218 succeeds.
3. Sections 5.3.1 and 5.3.2 of Mozilla Root Store Policy version 2.5 [5]
require CAs to publicly disclose (via CCADB [6]) all subordinate CA
certificates including those used to issue email S/MIME certificates by
15-January unless they are technically constrained to a whitelist of
domains. We have since changed the compliance deadline to 15-April 2018.
Certificate monitors have detected over 200 certificates that currently do
not comply with this new policy. [7] Please ensure that your CA is in
compliance before 15-April 2018.
4. In our November 2017 CA Communication [8], Mozilla asked all CAs with
roots enabled for websites (SSL) to complete a BR self-assessment [9] by
31-January and send it to Kathleen. If you have not yet done so, please
complete this work. If you requested an extension, your deadline is
15-April 2018.
5. If you are one of the CAs that indicated in your response to the
November 2017 CA Communication that you need more time to update your CPS
to comply with version 2.5 of the Mozilla Root Store Policy, please
complete the updates no later than 15-April 2018. Mozilla feels that four
months is more than long enough to make a CPS change.
6. On 17-March 2017, in ballot 193, the CA/Browser Forum set a deadline of
1-March 2018 after which newly-issued SSL certificates must not have a
validity period greater than 825 days, and the re-use of validation
information must be limited to 825 days. As with all other baseline
requirements, Mozilla expects all CAs in the program to comply.
Participation in Mozilla's CA Certificate Program is at our sole
discretion, and we will take whatever steps are necessary to keep our users
safe. Nevertheless, we believe that the best approach to safeguard that
security is to work with CAs as partners, to foster open and frank
communication, and to be diligent in looking for ways to improve. Thank you
for your cooperation in this pursuit.
Regards,
Wayne Thayer
Mozilla CA Program Manager
[1]
https://groups.google.com/d/msg/mozilla.dev.security.policy/RHsIInIjJA0/LKrNi35aAQAJ
[2]
https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/PiOiGCyuxCU
[3] https://cabforum.org/pipermail/public/2017-December/012630.html
[4] https://cabforum.org/pipermail/public/2018-January/012819.html
[5]
https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/
[6] http://ccadb.org/cas/intermediates
[7]
https://groups.google.com/d/msg/mozilla.dev.security.policy/sKhPTsIYNqs/Q-_ZKmDVAQAJ
[8]
https://wiki.mozilla.org/CA/Communications#November_2017_CA_Communication
[9] https://wiki.mozilla.org/CA/BR_Self-Assessment
exposed issues with domain validation methods and of some upcoming
deadlines. A draft is available below and at
https://wiki.mozilla.org/CA/Communications#January_2018_CA_Communication
I would appreciate your prompt and constructive feedback on this message -
I'd like to get it sent out this week.
Thanks,
Wayne
=======================
Dear Certification Authority,
Because 2018 has already generated some important news for Certification
Authorities, we are sending this message to ensure that every CA in the
Mozilla program is aware of the following current events and impending
deadlines:
1. On 9-January, the CA “Let’s Encrypt” disclosed a vulnerability in the
ACME domain validation method known as TLS-SNI-01, which is an
implementation of the more general method described in BR 3.2.2.4.10. [1] A
subsequent vulnerability was disclosed on 11-January affecting the
validation method described in BR 3.2.2.4.9. [2] Mozilla expects all CAs to
be monitoring discussion in the mozilla.dev.security.policy forum and for
any CA that employs either of these methods to disclose that fact on the
list. From now on, Mozilla expects that CAs will not use these methods
unless they have implemented and disclosed a mitigation for the
vulnerabilities that have been discovered.
2. On 19-December, significant concerns were raised about the reliability
of the domain validation methods specified in BR 3.2.2.4.1 and 3.2.2.4.5.
[3] Since then, discussions on the CA/Browser Forum Public list have
resulted in a proposed ballot to prohibit the use of these methods after
1-August 2018. [4] If your CA uses either of these methods, please evaluate
your implementation for vulnerabilities and be prepared to discontinue
their use prior to the deadline if ballot 218 succeeds.
3. Sections 5.3.1 and 5.3.2 of Mozilla Root Store Policy version 2.5 [5]
require CAs to publicly disclose (via CCADB [6]) all subordinate CA
certificates including those used to issue email S/MIME certificates by
15-January unless they are technically constrained to a whitelist of
domains. We have since changed the compliance deadline to 15-April 2018.
Certificate monitors have detected over 200 certificates that currently do
not comply with this new policy. [7] Please ensure that your CA is in
compliance before 15-April 2018.
4. In our November 2017 CA Communication [8], Mozilla asked all CAs with
roots enabled for websites (SSL) to complete a BR self-assessment [9] by
31-January and send it to Kathleen. If you have not yet done so, please
complete this work. If you requested an extension, your deadline is
15-April 2018.
5. If you are one of the CAs that indicated in your response to the
November 2017 CA Communication that you need more time to update your CPS
to comply with version 2.5 of the Mozilla Root Store Policy, please
complete the updates no later than 15-April 2018. Mozilla feels that four
months is more than long enough to make a CPS change.
6. On 17-March 2017, in ballot 193, the CA/Browser Forum set a deadline of
1-March 2018 after which newly-issued SSL certificates must not have a
validity period greater than 825 days, and the re-use of validation
information must be limited to 825 days. As with all other baseline
requirements, Mozilla expects all CAs in the program to comply.
Participation in Mozilla's CA Certificate Program is at our sole
discretion, and we will take whatever steps are necessary to keep our users
safe. Nevertheless, we believe that the best approach to safeguard that
security is to work with CAs as partners, to foster open and frank
communication, and to be diligent in looking for ways to improve. Thank you
for your cooperation in this pursuit.
Regards,
Wayne Thayer
Mozilla CA Program Manager
[1]
https://groups.google.com/d/msg/mozilla.dev.security.policy/RHsIInIjJA0/LKrNi35aAQAJ
[2]
https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/PiOiGCyuxCU
[3] https://cabforum.org/pipermail/public/2017-December/012630.html
[4] https://cabforum.org/pipermail/public/2018-January/012819.html
[5]
https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/
[6] http://ccadb.org/cas/intermediates
[7]
https://groups.google.com/d/msg/mozilla.dev.security.policy/sKhPTsIYNqs/Q-_ZKmDVAQAJ
[8]
https://wiki.mozilla.org/CA/Communications#November_2017_CA_Communication
[9] https://wiki.mozilla.org/CA/BR_Self-Assessment