Revoking Trust in Two TurkTrust Certificates

mcoates


Update: For clarification, the last sentence of this post references our actions to suspend inclusion of a TURKTRUST root certificate. There are currently two TURKTRUST root certificates included in Mozilla’s CA Certificate program. TURKTRUST had requested that a newer root certificate be included, and their request had been approved and was in Firefox 18 beta. However, due to the mis-issued intermediate certificates, we decided to suspend inclusion of their new root certificate for now.

Issue

TURKTRUST, a certificate authority in Mozilla’s root program, mis-issued two intermediate certificates to customers. TURKTRUST has scanned their certificate database and log files and confirmed that the mistake was made for only two certificates.

This is not a Firefox-specific issue. Nevertheless, we are concerned that at least one of the mis-issued intermediate certificates was used for man-in-the-middle (MITM) traffic management of domain names that the customer did not legitimately own or control. We are also concerned that the private keys for these certificates were not kept as secure as would be expected for intermediate certificates.

Impact

An intermediate certificate that is used for MITM allows the holder of the certificate to decrypt and monitor communication within their network between the user and any website. Additionally, if the private key to one of the mis-issued intermediate certificates was compromised, then an attacker could use it to create SSL certificates containing domain names or IP addresses that the certificate holder does not legitimately own or control. An attacker armed with a fraudulent SSL certificate and an ability to control their victim’s network could impersonate websites in a way that would be undetectable to most users. Such certificates could deceive users into trusting websites appearing to originate from the domain owners, but actually containing malicious content or software.

Status

Mozilla is actively revoking trust for the two mis-issued certificates; the revocation will be released to all supported versions of Firefox in the next update, on Tuesday 8th January.

We have also suspended inclusion of the “TÜRKTRUST Bilgi İletişim ve Bilişim Güvenliği Hizmetleri A.Ş. (c) Aralık 2007” root certificate, pending further review.

Additional action regarding this CA will be discussed in the mozilla.dev.security.policy forum.

Credit

This issue was initially reported to us by Google, Inc.


Michael Coates
Director of Security Assurance

11 responses

  1. Daniel Veditz wrote on :

    Additional technical details were supplied by Turktrust in a thread on our mozilla.dev.security.policy newsgroup: https://groups.google.com/forum/?fromgroups=#!topic/mozilla.dev.security.policy/aqn0Zm-KxQ0

  2. Gaz Davidson wrote on :

    IMO Mozilla should treat self-signed certificates and CA signed ones almost equally. Cache certificates and issue warnings whenever they are new or changed regardless of who signed them, and encourage websites to use self-signed certificates. Unverifiable encryption is better than no encryption and should be the default.

    1. Andrew Aitchison wrote on :

      The “Certificate-Patrol” and “Perspectives” addons might interest you.
      Not quite the same as having them built into Firefox, since they only protect users who install them, but CertPatrol warns when certificates change and “Perspectives” provides
      an independent cache so you get some protection when you visit a site for the first time.

      I take it you know about DANE
      https://wiki.mozilla.org/Security/DNSSEC-TLS-details
      which uses DNSSEC to sign TLS certificates, making the DNS operators act as CAs.

  3. Peter wrote on :

    Thanks for the blog post. Are the two mis-issued certificates available somewhere?

    1. Biondir wrote on :

      I have seen some certificate posted at the related newsgroup entry in Mozilla’s security list.

  4. Daniel Veditz wrote on :

    A better link to the Turktrust explanation: http://www.turktrust.com.tr/kamuoyu-aciklamasi.2.html

  5. Thomas Léo Horn wrote on :

    Why do you not suspend the inclusion of the other root certificate by TÜRKTRUST too? The mis-issued certificates were discovered by Google and not disclosed by TÜRKTRUST first. So, TÜRKTRUST proved to be unable to serve as a CA in a reliable way and consequently all their root certificates should be banned from Mozilla’s CA Certificate program.

  6. Anonymous coward wrote on :

    Things got very interesting as google.com/gmail got involved.
    This was not a coincidence or accident.

  7. Max wrote on :

    Both TürkTrust certificates are still in 18.0 and 21.0a1 as of Jan 9th.

  8. uçak bileti wrote on :

    thank you for that post.. that's really important information about TURKTRUST .. you have to share more documents like that . take care

  9. John wrote on :

    Nice!