DigiNotar Removal Follow Up

Johnathan Nightingale


Earlier this week we revoked our trust in the DigiNotar certificate authority from all Mozilla software. This is not a temporary suspension, it is a complete removal from our trusted root program. Complete revocation of trust is a decision we treat with careful consideration, and employ as a last resort.

Three central issues informed our decision:

1) Failure to notify. DigiNotar detected and revoked some of the fraudulent certificates 6 weeks ago without notifying Mozilla. This is particularly troubling since some of the certificates were issued for our own addons.mozilla.org domain.

2) The scope of the breach remains unknown. While we were initially informed by Google that a fraudulent *.google.com certificate had been issued, DigiNotar eventually confirmed that more than 200 certificates had been issued against more than 20 different domains. We now know that the attackers also issued certificates from another of DigiNotar’s intermediate certificates without proper logging. It is therefore impossible for us to know how many fraudulent certificates exist, or which sites are targeted.

3) The attack is not theoretical. We have received multiple reports of these certificates being used in the wild.

Mozilla has a strong history of working with CAs to address shared technical challenges, as well as responding to and containing breaches when they do arise. In an incident earlier this year we worked with Comodo to block a set of mis-issued certificates that were detected, contained, and reported to us immediately. In DigiNotar’s case, by contrast, we have no confidence that the problem had been contained. Furthermore, their failure to notify leaves us deeply concerned about our ability to protect our users from future breaches.

Staat der Nederlanden Certificates

DigiNotar issues certificates as part of the Dutch government’s PKIoverheid (PKIgovernment) program. These certificates are issued from a different DigiNotar-controlled intermediate, and chain up to the Dutch government CA (Staat der Nederlanden). The Dutch government’s Computer Emergency Response Team (GovCERT) indicated that these certificates are issued independently of DigiNotar’s other processes and that, in their assessment, these had not been compromised. The Dutch government therefore requested that we exempt these certificates from the removal of trust, which we agreed to do in our initial security update early this week.

The Dutch government has since audited DigiNotar’s performance and rescinded this assessment. We are now removing the exemption for these certificates, meaning that all DigiNotar certificates will be untrusted by Mozilla products. We understand that other browser vendors are making similar changes. We’re also working with our Dutch localizers and the Bits of Freedom group in the Netherlands to contact individual site operators using affected certificates (based on the EFF’s SSL Observatory data).
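The two-stage decision described above (first exempting the PKIoverheid intermediate, then withdrawing the exemption) comes down to one rule a chain validator has to enforce: an explicitly distrusted certificate anywhere in the chain must sink the chain even when it ends at a trusted root. The following toy model, added here as an illustration and not Mozilla or NSS code, replays the three stages with constructed certificate records. There is no real X.509 parsing or signature checking; subject names follow the hierarchy the post describes, while the leaf names, the `operator` field and every fingerprint are constructed placeholders.

```python
"""Toy chain evaluation with explicit distrust and an exemption list (added example)."""
from __future__ import annotations

from dataclasses import dataclass, field
from enum import Enum
from typing import Dict, List, Optional


class Verdict(Enum):
    TRUSTED = "trusted"
    DISTRUSTED = "distrusted"          # a chain member is explicitly distrusted
    UNTRUSTED_ROOT = "untrusted_root"  # chain does not end at a trust anchor
    BROKEN_CHAIN = "broken_chain"      # an issuer is missing or the walk loops


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str       # equal to subject for a self-signed root
    operator: str     # organisation controlling the signing key (constructed field)
    fingerprint: str  # constructed stand-in for a hash of the DER encoding


@dataclass
class TrustStore:
    anchors: set = field(default_factory=set)               # root fingerprints
    distrusted_fps: set = field(default_factory=set)        # individual bad certs
    distrusted_operators: set = field(default_factory=set)  # whole CA operators
    exempt_fps: set = field(default_factory=set)            # carve-outs from distrust

    def is_distrusted(self, cert: Cert) -> bool:
        if cert.fingerprint in self.exempt_fps:
            return False
        return (cert.fingerprint in self.distrusted_fps
                or cert.operator in self.distrusted_operators)


def build_chain(leaf: Cert, pool: Dict[str, Cert], max_depth: int = 8) -> Optional[List[Cert]]:
    """Follow issuer links from the leaf to a self-signed root; None on gap or loop."""
    chain, seen, current = [leaf], {leaf.fingerprint}, leaf
    while current.issuer != current.subject:
        issuer = pool.get(current.issuer)
        if issuer is None or issuer.fingerprint in seen or len(chain) >= max_depth:
            return None
        chain.append(issuer)
        seen.add(issuer.fingerprint)
        current = issuer
    return chain


def evaluate(leaf: Cert, pool: Dict[str, Cert], store: TrustStore) -> Verdict:
    chain = build_chain(leaf, pool)
    if chain is None:
        return Verdict.BROKEN_CHAIN
    # Distrust is checked first and for every link: a trusted root above a
    # distrusted intermediate does not rescue the chain.
    if any(store.is_distrusted(c) for c in chain):
        return Verdict.DISTRUSTED
    if chain[-1].fingerprint not in store.anchors:
        return Verdict.UNTRUSTED_ROOT
    return Verdict.TRUSTED


def scenarios() -> Dict[str, Verdict]:
    """Replay the stages of the post with constructed certificates."""
    nl_root = Cert("Staat der Nederlanden Root CA", "Staat der Nederlanden Root CA",
                   "Staat der Nederlanden", "fp-nl-root")
    dn_root = Cert("DigiNotar Root CA", "DigiNotar Root CA", "DigiNotar", "fp-dn-root")
    pkio = Cert("DigiNotar PKIoverheid CA Overheid en Bedrijven",
                nl_root.subject, "DigiNotar", "fp-dn-pkio")
    gov_leaf = Cert("portal.gov.example", pkio.subject, "Some agency", "fp-leaf-gov")
    rogue_leaf = Cert("mail.example", dn_root.subject, "Unknown", "fp-leaf-rogue")
    pool = {c.subject: c for c in (nl_root, dn_root, pkio, gov_leaf, rogue_leaf)}

    # Stage 0: DigiNotar is still an ordinary member of the root program.
    before = TrustStore(anchors={nl_root.fingerprint, dn_root.fingerprint})
    # Stage 1: DigiNotar removed; the PKIoverheid intermediate exempted.
    exempted = TrustStore(anchors={nl_root.fingerprint},
                          distrusted_operators={"DigiNotar"},
                          exempt_fps={pkio.fingerprint})
    # Stage 2: exemption rescinded after the audit.
    final = TrustStore(anchors={nl_root.fingerprint}, distrusted_operators={"DigiNotar"})
    return {
        "rogue_before": evaluate(rogue_leaf, pool, before),
        "rogue_exempted": evaluate(rogue_leaf, pool, exempted),
        "gov_exempted": evaluate(gov_leaf, pool, exempted),
        "gov_final": evaluate(gov_leaf, pool, final),
        "rogue_final": evaluate(rogue_leaf, pool, final),
    }


if __name__ == "__main__":
    for name, verdict in scenarios().items():
        print(f"{name:15} {verdict.value}")
```

The ordering in `evaluate` is the point: the anchor check alone would have accepted the government leaf in every stage, because its root never stopped being trusted. Only a distrust rule applied to every link in the chain, with an explicit and removable exemption list, reproduces the behaviour the post describes.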

The integrity of the SSL system cannot be maintained in secrecy. Incidents like this one demonstrate the need for active, immediate and comprehensive communication between CAs and software vendors to keep our collective users safe online.

Johnathan Nightingale
Director of Firefox Engineering

70 responses

  1. brian wrote on :

    I just downloaded the latest version of Mozilla. Diginotar is still a trusted Cert. I had to manually remove them.

  2. David W wrote on :

    @brian – as Daniel Veditz says, the Diginotar roots are still present but are not trusted. This is a *higher* level of security – rather than “I don’t know this root, it may or may not be trustworthy”, this represents “I know this root and do not trust it”.

    If I understand Daniel Veditz’s comments correctly, ‘deleting’ a built in root merely saves an override in the user’s profile that removes all the trust bits on that root. If so, ‘deleting’ the Diginotar roots in Firefox 6.0.2 is a no-op.

  3. Mad Cow wrote on :

    Personally, I don’t understand why I am supposed to trust the majority of the included CA certs. In the main I can work with only one or two of them. I’d really like to distrust all but the few I need to use, but presumably this setting would revert each time I update the software (or at least whenever Mozilla decide to change the trust status of a cert).

    IMO we need to find ways to minimise our dependency on intermediate organisations like Mozilla to make trust judgements on our behalf. With all respect, this is not their core business. Perhaps an idea for a new plug-in?

  4. Everyone wrote on :

    @Ferdinand – “Well done, giving us a quick and clear resolution.”

    It was neither quick nor clear. After all the conversations between the developers Brian and Robert.
    This decision should have been made instantly.
    Instead we got Firefox 6.0.1

  5. amib wrote on :

    Thanks Mozilla for punishing DigiNotar

    Not caring about people’s security can make big trouble for people in countries like Iran, Syria and some other countries.

    Government is using MITM to steal personal information.

    Please be more sensitive to security
    It’s sometimes related to life of people.

  6. Yield wrote on :

    People might also want to remove this “trusted” certificate authority from their OS.

    In OS X, this can be done in Keychain Access. A simple search for DigiNotar in Keychain Access will help you find it. In the “Trust” tab just change the status to “Never Trust”.

    In Windows, you must use an MMC and add the Certificates snap-in, then find DigiNotar and do the same as in OS X… Roughly…

  7. ER wrote on :

    Diginotar is back for me too :(
    6 of them listed under certificates in Advanced Tab

  8. shahin wrote on :

    12:26 AM
    9/9/2011
    #################### NEW DigiNotar show on View Certificates !!! ########

    DigiNotar >
    DigiNotar Root CA
    DigiNotar Services 1024 CA
    DigiNotar Cyber CA
    DigiNotar Cyber CA

    DigiNotar B.V. >
    DigiNotar PKIoverheid CA Overheid en Bedrijven
    DigiNotar PKIoverheid CA Organisatie – G2

    Please checccckkkk this Mozillaaaa

  9. sherry wrote on :

    need to get rid of bugs on my laptop its slowing my computer down

  10. Daniel Veditz wrote on :

    shahin, ER, brian:

    Please go to the “About” dialog and confirm you have Firefox 6.0.2 (or 3.6.22). That is the version that contains the fixes.

    In the advanced certificates dialog DigiNotar should show up in the “Servers” tab, not the “Authorities” tab. If you view any of them it should say “Could not verify this certificate for unknown reasons” and the serial number should be 0F:FF:FF:FF (the root one has a lot more FF’s). If you switch to the Details view there should be no checkmarks in the SSL, Mail, or Code columns.

    There may be a DigiNotar root left in the Authorities tab, listed as “Software Security Device” rather than “Built-in Object Token”. That’s a cached copy you can delete if you like, but if you open it it should also say “Could not verify this certificate for unknown reasons” at the top. That wording means it’s an invalid certificate and will not be trusted.

  11. Fred5 wrote on :

    @Daniel Veditz {Friday September 9, 2011 @ 11:18 am}

    The about box for Firefox shows I am using 6.0.2

    When I look at the certificates there are no DigiNotar items listed under the Servers tab. However, there are certificates listed as being DigiNotar (4 certificates) and DigiNotar B.V. (2 certificates) listed under the Authorities tab.

    This is a screenshot of the Authorities tab:

    http://imageshack.us/photo/my-images/14/certmanagerdiginotaraut.png/

    The DigiNotar certificates all say “Could not verify this certificate for unknown reasons” and the serial numbers are what you say they should be.

    This is a screenshot of the Servers tab:

    http://imageshack.us/photo/my-images/202/certmanagerservers.png/

    I am not sure what all those other certificates came from but as you can clearly see there are no DigiNotar certs listed.

    Could you please clarify what in the world is going on and whether or not the appropriate certificates have been revoked.

    Thank You

  12. Fred5 wrote on :

    @Daniel Veditz {Friday September 9, 2011 @ 11:18 am}

    I am using Firefox 6.0.2 and the DigiNotar certificates are showing up under the “Authorities” tab as DigiNotar (4 certificates) and DigiNotar B.V. (2 certificates). There is no sign of them being listed under the “Servers” tab. When you view the certificates they say “Could not verify…” and the serial numbers are as you describe them.

    I have made screenshots of the relevant tabs in the Certificate Manager to hopefully clarify what I am saying. (I have no idea what all those other certificates are doing listed under the Servers tab or how long they have been there. I did not add them.)

    http://imageshack.us/photo/my-images/14/certmanagerdiginotaraut.png/

    http://imageshack.us/photo/my-images/202/certmanagerservers.png/

  13. smo wrote on :

    The problem is old, so old, even the Roman empire had problems with it – in legal spheres the issue is known as “Quis custodiet ipsos custodes” – who certifies the certifiers. Of course humanity has still taken some time since to get to Tocqueville and the separation of powers. It looks, however, like we still have some mileage to go.

    Any society is built fundamentally on trust, i.e. on assuming everybody acts and behaves in the proper and expected way. At the same time it depends crucially on all those who break these same rules (!) to keep evolving. In other words, it stinks, but we have to keep our noses operational.

  14. Lars V wrote on :

    It has been said by several in this thread that the trust bits can’t be changed for these certificates – but they can! Nothing prevents a user with admin rights from reverting the changes and effectively making the certificates trusted again?

  15. Lars V wrote on :

    @Fred5 {Friday September 9, 2011 @ 11:50 pm}

    The “default” list in the depicted “Servers” tab are the same as the current list of untrusted/fraudulent certificates in Windows. Those were added in similar patches earlier. Certificates issued to a specific server/domain show up here, as opposed to root certificates and intermediate certificate authorities. Viewing the trust properties will indicate the level of trust and associated trust categories.

    EXAMPLE:

    If you select one of them and click “Edit Trust…”, you will see a radio button, most likely indicating “Do not trust this certificate”, and an “Edit CA Trust” button below it. Clicking the CA trust button will bring up three checkboxes, one for each trust category. All should be *unselected* for an untrusted certificate.

    The bulk of the untrusted certificates in the “Servers” tab are flagged as “Fraudulent” in Windows. The bulk of them were issued by a CA that’s not normally listed in the CA lists. The fraudulent Microsoft certificates were issued to an entity that fraudulently posed as being VeriSign.

    Once the DigiNotar certificates had been flagged as “Untrusted” in Windows, they also showed up in the same list, with the “Untrusted” flag in the last column.

    ======

    What I don’t like in Firefox is that patches to the certificate store can be reverted by the computer administrator, even for changes that should be permanent like the DigiNotar certs and the fraudulent ones mentioned above… :-(
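Both Daniel Veditz (comment 10) and Lars V (comment 15) describe checking the same thing through the Certificate Manager: whether the SSL, Mail and Code trust bits on the DigiNotar entries are all cleared. Firefox stores those bits in an NSS certificate database, and the NSS `certutil` tool lists them as three flag columns (SSL, S/MIME, JAR/XPI) next to each nickname. The script below, added here as an example and not Mozilla code, parses such a listing and reports the per-column trust state for every certificate whose nickname matches a pattern. The listing embedded in it is constructed sample output, not captured from a real profile, and the profile path in the comment is a placeholder; the flag letters follow NSS’s documented meanings (`C`/`T` trusted CA, `c` valid but untrusted CA, `u` user certificate, `p` explicitly prohibited).

```python
"""Summarise NSS trust flags from a `certutil -L` listing (added example)."""
import re
from typing import Dict, List, Tuple

# To produce a real listing from a Firefox profile (path is a placeholder):
#   certutil -d sql:/path/to/profile -L -h all
# The text below is CONSTRUCTED sample output in that format, not real data.
SAMPLE_LISTING = """\
Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

Builtin Object Token:Some Trusted Root CA                    CT,C,C
DigiNotar Root CA                                            p,p,p
DigiNotar Services 1024 CA                                   p,p,p
Builtin Object Token:Another Root                            C,,
Some Leaf Imported By User                                   u,u,u
"""

# certutil column order is SSL, S/MIME, JAR/XPI; the Certificate Manager
# shows the same three bits as SSL, Mail and Code.
COLUMNS = ("SSL", "Mail", "Code")


def parse_listing(text: str) -> List[Tuple[str, List[str]]]:
    """Return (nickname, [ssl_flags, smime_flags, code_flags]) for each entry."""
    entries = []
    for line in text.splitlines()[2:]:  # skip the two header lines
        parts = line.rstrip().rsplit(None, 1)  # nicknames may contain spaces
        if len(parts) != 2:
            continue
        nickname, flags = parts
        entries.append((nickname, flags.split(",")))
    return entries


def classify(flags: str) -> str:
    """Reduce one column's flag letters to a trust verdict."""
    if "p" in flags:
        return "distrusted"
    if "C" in flags or "T" in flags:
        return "trusted CA"
    if "u" in flags:
        return "user cert"
    return "not trusted"


def trust_report(text: str, name_pattern: str) -> Dict[str, Dict[str, str]]:
    """Map each nickname matching name_pattern to its per-column verdict."""
    rx = re.compile(name_pattern, re.IGNORECASE)
    report = {}
    for nickname, flags in parse_listing(text):
        if rx.search(nickname):
            report[nickname] = dict(zip(COLUMNS, map(classify, flags)))
    return report


def fully_distrusted(text: str, name_pattern: str) -> bool:
    """True only when at least one certificate matches and every matching
    certificate is explicitly distrusted in all three columns."""
    report = trust_report(text, name_pattern)
    return bool(report) and all(
        verdict == "distrusted" for cols in report.values() for verdict in cols.values()
    )


if __name__ == "__main__":
    for nickname, cols in trust_report(SAMPLE_LISTING, r"diginotar").items():
        print(nickname, cols)
    print("all DigiNotar entries distrusted:", fully_distrusted(SAMPLE_LISTING, r"diginotar"))
```

An entry that merely lacks trust bits (`,,` or `c,,`) is not the same as one marked `p`: the former would be trusted again the moment a trust bit were set, while `p` is the explicit “I know this root and do not trust it” state David W describes in comment 2, which is why the report distinguishes "not trusted" from "distrusted".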

  16. Shahin wrote on :

    Hello again
    yes I am using Firefox 6.0.2 and have reinstalled and cleared all cache and folders many times.
    DigiNotar is showing up under the Authorities tab, just like in all the screenshots from my dear friend Fred5 !!!!!!!!!!
    thanks Fred5
    It is interesting that they are not deleted from the autho… tab !!!
    DigiNotar from IE and Chrome certif… is showing up in the Untrusted tab
    but Firefox !!!

    http://imageshack.us/photo/my-images/14/certmanagerdiginotaraut.png/
    http://imageshack.us/photo/my-images/202/certmanagerservers.png/

    thanks for your attention
    Sorry for my BL .

  17. Peter Besenbruch wrote on :

    I keep finding the Diginotar certificates in version 6.02 of Firefox under the “Authorities” tab. Why are they there?

  18. Daniel Veditz wrote on :

    Fred5 and Peter Besenbruch: if the DigiNotar certs say “Could not verify this certificate for unknown reasons” at the top when you double-click to view them then you have the fix, whichever tab you’re finding the certificates under.

    If they do NOT say that please send mail to security@mozilla.org so we can work with you to investigate this issue. It’s next to impossible to carry on the conversation we’d need in blog comments.

  19. Daniel Veditz wrote on :

    Lars V: If you have a malicious administrator you’ve got problems, regardless of what Mozilla does. Parts of this fix are in code and cannot be overridden short of replacing Firefox itself with a hacked up copy — which of course an administrator could do. Parts of this fix were done by playing games with the built-in certificate database that could be more easily undone by a malicious administrator.

    I know at least one European country issues certificates on smartcards to citizens, where the smartcard also contains some root certificates (more than just the one needed for the client certificate). If you had that kind of set-up it’s likely the smartcard copy of DigiNotar would take precedence over the marked-bad built-in copy. By plugging in a trust module like that you are substituting that source’s trust for the Mozilla list. This is great if you trust that source more than Mozilla (for example, US gov employees in some departments override the Mozilla list this way), a problem if you don’t trust the people who issued the smartcard.

  20. Mohamed wrote on :

    I TRUST YOU BUT I HOPE THAT THE PREVIOUS ERRORS will not happen again thank you a lot for what you offer
