Fraudulent * Certificate

Update (Sept. 6, 2011 @10:37 a.m. PT):

New security updates for Firefox are now available.

Update (Aug. 30, 2011 @ 11:25 p.m. PT):

Mozilla just released an update to Firefox for Desktop, Thunderbird and SeaMonkey. Updates are now available for:
• Firefox for Windows, Mac and Linux (final release)
• Firefox for Windows, Mac and Linux (3.6.21 final release)
• Firefox Aurora for Windows, Mac and Linux
• Firefox Nightly for Windows, Mac and Linux
• SeaMonkey (2.3.2)
• Thunderbird (6.0.1)

We strongly recommend that all users upgrade to these releases.

If you already have Firefox, you will receive an automated update notification within 24 to 48 hours. Users can also manually check for updates if they do not want to wait for the automatic update.

New versions of Firefox for Mobile (final release and Beta), Firefox Beta for Desktop and Thunderbird will be released shortly.


Mozilla was informed today about the issuance of at least one fraudulent SSL certificate for public websites belonging to Google, Inc. This is not a Firefox-specific issue, and the certificate has now been revoked by its issuer, DigiNotar. This should protect most users.

Impact to users

Users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for the legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it’s coming from a trusted site. We have received reports of these certificates being used in the wild.


Because the extent of the mis-issuance is not clear, we will shortly release new versions of Firefox for desktop (3.6.21, 6.0.1, 7, 8, and 9) and mobile (6.0.1, 7, 8, and 9), Thunderbird (3.1.13 and 6.0.1) and SeaMonkey (2.3.2) that revoke trust in the DigiNotar root and protect users from this attack. We encourage all users to keep their software up to date by regularly applying security updates. Users can also manually disable the DigiNotar root through the Firefox preferences.
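The post pulls the whole DigiNotar root rather than relying on revocation of the bogus certificates that were found. The Go program below, added here as an illustration and not code from Mozilla or this post, builds a constructed CA hierarchy with Go's standard `crypto/x509` verifier to show why: a CRL stops only the certificate the CA knows it mis-issued, while removing the root from the trust store rejects every certificate chained to it, known or not. All names, serials and the one-entry CRL are made up.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// issue mints a throwaway test certificate for cn signed by ca (self-signed when ca is nil).
// Hypothetical helper: the hierarchy it builds is constructed, not DigiNotar's real certificates.
func issue(cn string, serial int64, ca *x509.Certificate, caKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), BasicConstraintsValid: true}
	if ca == nil { // self-signed root
		t.IsCA, t.KeyUsage, ca, caKey = true, x509.KeyUsageCertSign, t, key
	} else { // leaf, named for the hosts it will impersonate
		t.DNSNames, t.ExtKeyUsage = []string{cn}, []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	}
	der, err := x509.CreateCertificate(rand.Reader, t, ca, &key.PublicKey, caKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// accepted reports whether a client that trusts roots and honours the CA's
// revocation list (modelled as a set of serials) would accept leaf for host.
func accepted(leaf *x509.Certificate, roots *x509.CertPool, crl map[int64]bool, host string) bool {
	_, err := leaf.Verify(x509.VerifyOptions{DNSName: host, Roots: roots})
	return err == nil && !crl[leaf.SerialNumber.Int64()] // the CRL only reaches certs the CA knows it issued
}

// Scenario puts two bogus leaves under one compromised root: one the CA caught and listed in its CRL,
// one it never found. It reports whether each passes while the root stays trusted, and whether the
// missed one still passes once the root is removed from the store (what the Firefox update does).
func Scenario() (caughtPasses, missedPasses, missedPassesAfterDistrust bool) {
	root, rootKey := issue("Constructed Root CA", 1, nil, nil)
	caught, _ := issue("*.google.com", 1001, root, rootKey)
	missed, _ := issue("*.google.com", 1002, root, rootKey)
	crl := map[int64]bool{1001: true} // the CA lists only the certificate it caught
	trusted, distrusted := x509.NewCertPool(), x509.NewCertPool() // distrusted: root removed
	trusted.AddCert(root)
	return accepted(caught, trusted, crl, "mail.google.com"), accepted(missed, trusted, crl, "mail.google.com"),
		accepted(missed, distrusted, crl, "mail.google.com")
}
```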


This issue was reported to us by Google, Inc.


Johnathan Nightingale
Director of Firefox Development


65 comments on “Fraudulent * Certificate”

  1. SteveL wrote on

    The big issue here is not so much punishment as this fact: nobody knows how many other certificates were issued off the DigiNotar root CA. They haven’t disclosed which ones were issued and revoked -and they clearly don’t know which certificates were issued. Currently, the only way to defend against any other rogue certificates is to block DigiNotar.

    Once more details become clear it may be possible to block all certs issued within a specific time period, but right now the overreaction is the safest action.

  2. pmhparis wrote on

    Mozilla should NOT be silently adding cert auths the way they have been doing over the past few years. At a minimum we should be given a one time option “do you wish to vet every new cert auth?” on upgrades so that we can refuse such aberrations as Chunghwa Telecom. I have banking clients that have more than enough problems with phishing attacks from China without having to worry about MITM attacks from a root auth they never wanted in the first place.

    Also, I see no reason why the hard coded root certs show up again after a relaunch once the user takes the time to go into the options & remove them. Give an option to reset certs to default values if you want to help those that get into trouble by over deleting. The current setup is leading to a crisis in confidence in all the Mozilla tools among those who take security into account when deciding which browsers are validated for use by governmental & company employees.

  3. joao wrote on

    Or you can simply do, like I did some time ago, on advice by Steven Gibson (if I’m not in error) and delete/not trust the certificate authorities that I don’t need (in Firefox)… most times, I do need the ones from Verisign, Thawte, Comodo, Multicert-CA 02 (sub from GTE CyberTrust Global Root), Digicert (just for the facebook)… and that’s it! I would like to remove Comodo, but too many web sites use Comodo, so I do need them. And I can also enable selectively the roots for those sites I visit and really want to access.
    In doubt I would at least delete all from Turkish, Hong Kong post office, China ones, any from governments (unless you need them), Wells Fargo… not even their web site uses its root lol!

  4. Lode V wrote on

    Does someone know where I can download or find lists of Certificates?
    I know there is a Microsoft Certificate Trust List (CTL).

    Good question, still unanswered by Mozilla.

    As a Dutch Citizen I do not worry about some trouble getting SSL warnings on the digital identity service provided by the State.
    I do worry about possible (other unreported) security breaches inside the DigiNotar company which affect the security and Trust of the root certificates handled by DigiNotar for the Dutch Government: PKIOverheid / Staat der Nederlanden.

    The Digid is used to verify the identity of Dutch citizens on the Internet.
    The system has been mandatory when submitting tax forms electronically.
    So as a Dutch citizen I’m more or less obliged to use it, which uses these root certificates handled by DigiNotar for the Dutch Government: PKIOverheid / Staat der Nederlanden.

    I would like the Dutch government to use another CA and create NEW certificates for PKIOverheid / Staat der Nederlanden.

  5. Christoph Anton Mitterer wrote on

    btw: Would you also remove Verisign when they were hacked?

  6. Ken B wrote on

    Christoph – *Please note the CA of this topic is DigiNotar and Not DigiCert. Not the same CA.

  7. TrvsT wrote on

    @joao yeah, you’ll want to keep DigiCert in your root store as they’re the cert for facebook and yahoo. Definitely not the same as DigiNotar.

  8. kasperl wrote on

    Re Daniel Veditz:
    The assurances come indirectly from Diginotar itself, there has been no direct verification of anything yet according to Dutch news sites. As the Digid is still used for tax purposes and benefits, why are you believing the company who had the breach on this certificate, and not on all the other, less important ones? The Staat der Nederlanden is basically saying they don’t want to bother to change all the certs.

    Re Lode V:
    I’m also Dutch, and share the same worries.

  9. Private Joe wrote on

    Actually I believe that in the Google case Diginotar either knew what it was doing – and did get “sufficient” compensation for the upcoming trouble – or it was done by some of its employees working for the Iranian secret service.

  10. James wrote on

    There’s no indication in all of this (probably due to a lack of disclosure by DigiNotar) that anything has been done about the fraudulent certificate for Mozilla that DigiNotar also issued.

    Also, according to F-Secure, DigiNotar’s site has been hacked for over 2 years.

    Finally, the URL for the revocation list (.crl) that DigiNotar gave in 2007 when they were approved by Mozilla as a CA is incorrect. That .crl has not been updated for months (not since February).

    All in all this breach of trust is an order of magnitude larger than Comodo’s.

  11. GLaDOS wrote on

    @Jacob Appelbaum, @Sahand

    Why would Iranians be punished with jail, torture or even a death sentence?

    I’m not understanding the connection between this CA root certificate being revoked and Iranians being jailed, tortured, or even killed. Could somebody please explain this?

    What does one have to do with the other?

  12. Lode V wrote on

    @Daniel Veditz
    Regarding the outside company they are bringing in to perform a technical audit, this raises a few questions.
    Has Diginotar/Vasco agreed (to the Dutch Government) to cooperate with this technical audit?
    What is the scope of this ‘technical audit’?
    Is there a ‘timeline’ with a deadline for this company to report their results to the Dutch government?
    And has the Dutch Government promised you to disclose (all) the results to you?

    This Dutch website about security issues
    says 247 certificates are blacklisted.

    and here
    I read also about many revoked certificates

    And here
    doubts about believing (earlier) audit in / by Diginotar which missed breaches in security.
    Diginotar issued a statement Tuesday asserting that a forensic examination conducted by Fox-IT indicated that only one of its CA root servers had been compromised and that all the fraudulent certificates issued had come from a Sub Root of that server. Other DigiNotar root servers were untouched, including those that make up the PKIoverheid infrastructure that are used to generate the DigID certificates, Diginotar said.

    This Diginotar statement (in dutch)
    says DigiNotar has asked again the independent company Fox-IT, specialized in IT security, to audit its systems for possible risks, to rule out possible risks for the future. The results of this audit/research will be made public as soon as possible.

    This is Fox-IT (not the PDF software 🙂)

    This Diginotar statement is not fully clear
    The word ‘again’ in the statement suggests one of two meanings:
    1: again an audit
    2: again an audit by Fox-IT

    an Anonymous says in Dutch: “the first audit was done by PWC (PriceWaterhouseCoopers). Now Fox-IT has been asked to perform a (real) audit.”

    Also I originally thought “they are bringing in an outside company to perform a technical audit” meant the Dutch government hired this outside company.

    But now Diginotar said they (Diginotar) hired the independent company Fox-IT.

    Logius, the digital government service of the Netherlands Ministry of the Interior and Kingdom Relations (BZK), says here
    in Dutch, dated August 31, 2011:

    Update: At this moment Fox-IT is conducting an investigation at DigiNotar. A first report is expected to be ready at the end of the week.

    GOVCERT.NL is part of Logius.

    GOVCERT says in Dutch, dated August 30, 2011:

    Diginotar is at this moment busy with further investigating the fraud.

    So the Dutch government is not leading or hiring the external Fox-IT auditors.
    Diginotar themselves hired the external Fox-IT auditors to audit their systems for possible risks, to rule out possible risks for the future.

    Says very little about investigating the past……

    There is in Dutch a proverb which translates to:
    Trust/reputation comes on foot, but leaves on horseback.

    I’m afraid the Diginotar reputation left in a FormulaOne Car.

    Vertrouwen komt te voet, maar gaat te paard.

  13. Blah wrote on

    Lesson learned:

    If you’re gonna issue a bogus cert, make sure it’s for a Mozilla owned domain and not for a Google owned domain.

  14. Lode V wrote on

    The Dutch equivalent of the BBC World Service
    Radio Netherlands Worldwide
    Dutch government stops using Diginotar for PKI Overheid Certificates

    The Dutch Interior Minister Piet Hein Donner has given a press conference in the early hours of Saturday morning after an internet security firm appears to have been hacked by Iranian hackers.

    The Dutch internet solicitors’ firm Diginotar supplies certification for secure sites which guarantee their reliability. However, Iranian hackers have reportedly managed to surpass the certification system so that the Iranian authorities can read gmail and google messages of people in Iran.

    According to a computer expert on Dutch public broadcaster NOS, the government can no longer guarantee the security of its websites. This means, for instance, that the internet identification site DigID is no longer reliable, which citizens use for various government services.

    Government sites have not been shut down, but visitors to the sites will be warned that the sites are not secure.

    Diginotar has been reportedly aware of the problem since 19 June, but did not report it to the authorities. The Dutch authorities were informed by an Iranian source.

    The minister has announced measures to hand over control of internet security to a different firm, which may take a few days, according to the minister.


    (c) Radio Netherlands Worldwide

  15. Matt McCutchen wrote on

    Opera is claiming that their users were protected because the SSL badge turns off if OCSP is unreachable. That’s “rubbish”, as Adam Langley would say. I pointed them to

  16. Daniel Veditz wrote on

    > There’s no indication in all of this (probably due to a lack of
    > disclosure by DigiNotar) that anything has been done about the
    > fraudulent certificate for Mozilla that DigiNotar also issued.

    DigiNotar did give us a list of the fraudulent certificates that they caught and revoked, including several variants on an certificate. Neither we nor they know which ones they did NOT catch (only that there are some out there). They can’t revoke certs they don’t know about; the only remaining way to invalidate those certificates is to invalidate the root.

  17. theappalasian wrote on

    @blah That’s rather unfair. Mozilla did right. DigiNotar was incompetent. The Dutch government even revoked its own certs. What more validation do you need?

  18. Jan Ostemor wrote on

    @Daniel Veditz

    > The Dutch government, the owner of the Staat der Nederlanden roots, asked that we
    > not revoke their certs.

    So you decided to trust some politicians? Never heard that politicians sometimes not exactly tell the truth? You have a compromised registrar, you have root certs from that registrar, and yet you trust a few politicians if they tell you “don’t worry, everything is fine”? Stupid.

    Which interests do you represent? The interests of the worldwide users of firefox, their lives sometimes being in danger, or the interests of some who-gives-a-toss government?

    This is not a question of being fair, this is a question of being firm.

    Cut out the cancer to make sure it doesn’t do any damage any more. Stop working in the interests of governments and CAs. Start, just once, start working in the interests of your users.

  19. brian wrote on

    @52 (GlaDOS):

    I’m not understanding the connection between this CA root certificate being revoked and Iranians being jailed, tortured, or even killed. Could somebody please explain this?

    Have you not been paying attention? The Iranian government is presently (and has been for a few decades) violently suppressing any dissent amongst its citizens. By the means listed above.

    Being able to do MitM attacks allows the Iranian government to intercept what people THINK are secure communications and use them to root out dissenters more easily.

  20. David Bernier wrote on

    I support Mozilla’s decision to revoke the trust in the DigiNotar-issued SSL certificates.

    I think it’s a very good pro-active security decision. It’s unfortunate for DigiNotar, but in my view is justified by the risks that would follow from doing nothing.
