DigiNotar Removal Follow Up

Earlier this week we revoked our trust in the DigiNotar certificate authority from all Mozilla software. This is not a temporary suspension; it is a complete removal from our trusted root program. Complete revocation of trust is a decision we treat with careful consideration, and employ as a last resort.

Three central issues informed our decision:

1) Failure to notify. DigiNotar detected and revoked some of the fraudulent certificates 6 weeks ago without notifying Mozilla. This is particularly troubling since some of the certificates were issued for our own addons.mozilla.org domain.

2) The scope of the breach remains unknown. While we were initially informed by Google that a fraudulent *.google.com certificate had been issued, DigiNotar eventually confirmed that more than 200 certificates had been issued against more than 20 different domains. We now know that the attackers also issued certificates from another of DigiNotar’s intermediate certificates without proper logging. It is therefore impossible for us to know how many fraudulent certificates exist, or which sites are targeted.

3) The attack is not theoretical. We have received multiple reports of these certificates being used in the wild.

Mozilla has a strong history of working with CAs to address shared technical challenges, as well as responding to and containing breaches when they do arise. In an incident earlier this year we worked with Comodo to block a set of mis-issued certificates that were detected, contained, and reported to us immediately. In DigiNotar’s case, by contrast, we have no confidence that the problem has been contained. Furthermore, their failure to notify leaves us deeply concerned about our ability to protect our users from future breaches.

Staat der Nederlanden Certificates

DigiNotar issues certificates as part of the Dutch government’s PKIoverheid (PKIgovernment) program. These certificates are issued from a different DigiNotar-controlled intermediate, and chain up to the Dutch government CA (Staat der Nederlanden). The Dutch government’s Computer Emergency Response Team (GovCERT) indicated that these certificates are issued independently of DigiNotar’s other processes and that, in their assessment, these had not been compromised. The Dutch government therefore requested that we exempt these certificates from the removal of trust, which we agreed to do in our initial security update early this week.

The Dutch government has since audited DigiNotar’s performance and rescinded this assessment. We are now removing the exemption for these certificates, meaning that all DigiNotar certificates will be untrusted by Mozilla products. We understand that other browser vendors are making similar changes. We’re also working with our Dutch localizers and the Bits of Freedom group in the Netherlands to contact individual site operators using affected certificates (based on the EFF’s SSL Observatory data).

The integrity of the SSL system cannot be maintained in secrecy. Incidents like this one demonstrate the need for active, immediate and comprehensive communication between CAs and software vendors to keep our collective users safe online.

Johnathan Nightingale
Director of Firefox Engineering

70 comments on “DigiNotar Removal Follow Up”

  1. Fred5 wrote on

    @Daniel Veditz {Friday September 9, 2011 @ 11:18 am}

    The about box for Firefox shows I am using 6.0.2

    When I look at the certificates there are no DigiNotar items listed under the Servers tab. However, there are certificates listed as being DigiNotar (4 certificates) and DigiNotar B.V. (2 certificates) listed under the Authorities tab.

    This is a screenshot of the Authorities tab:


    The DigiNotar certificates all say “Could not verify this certificate for unknown reasons” and the serial numbers are what you say they should be.

    This is a screenshot of the Servers tab:


    I am not sure what all those other certificates came from but as you can clearly see there are no DigiNotar certs listed.

    Could you please clarify what in the world is going on and whether or not the appropriate certificates have been revoked.

    Thank You

  2. Fred5 wrote on

    @Daniel Veditz {Friday September 9, 2011 @ 11:18 am}

    I am using Firefox 6.0.2 and the DigiNotar certificates are showing up under the “Authorities” tab as DigiNotar (4 certificates) and DigiNotar B.V. (2 certificates). There is no sign of them being listed under the “Servers” tab. When you view the certificates they say “Could not verify…” and the serial numbers are as you describe them.

    I have made screenshots of the relevant tabs in the Certificate Manager to hopefully clarify what I am saying. (I have no idea what all those other certificates are doing listed under the Servers tab or how long they have been there. I did not add them.)



  3. smo wrote on

    The problem is old, so old that even the Roman empire had problems with it – in legal spheres the issue is known as “Quis custodiet ipsos custodes” – who certifies the certifiers. Of course humanity still took some time since then to get to Tocqueville and the separation of powers. It looks, however, like we still have some mileage to go.

    Any society is built fundamentally on trust, i.e. on assuming everybody acts and behaves in the proper and expected way. At the same time it depends crucially on all those who break these same rules (!) to keep evolving. In other words, it stinks, but we have to keep our noses operational.

  4. Lars V wrote on

    It has been said by several in this thread that the trust bits can’t be changed for these certificates – but they can! Nothing prevents a user with admin rights from reverting the changes and effectively making the certificates trusted again.

  5. Lars V wrote on

    @Fred5 {Friday September 9, 2011 @ 11:50 pm}

    The “default” list in the depicted “Servers” tab are the same as the current list of untrusted/fraudulent certificates in Windows. Those were added in similar patches earlier. Certificates issued to a specific server/domain show up here, as opposed to root certificates and intermediate certificate authorities. Viewing the trust properties will indicate the level of trust and associated trust categories.


    If you select one of them and click “Edit Trust…”, you will see a radio button, most likely indicating “Do not trust this certificate”, and an “Edit CA Trust” button below it. Clicking the CA trust button will bring up three checkboxes, one for each trust category. All should be *unselected* for an untrusted certificate.

    The bulk of the untrusted certificates in the “Servers” tab are flagged as “Fraudulent” in Windows. The bulk of them were issued by a CA that’s not normally listed in the CA lists. The fraudulent Microsoft certificates were issued to an entity that fraudulently posed as being VeriSign.

    Once the DigiNotar certificates had been flagged as “Untrusted” in Windows, they also showed up in the same list, with the “Untrusted” flag in the last column.


    What I don’t like in Firefox is that patches to the certificate store can be reverted by the computer administrator, even for changes that should be permanent like the DigiNotar certs and the fraudulent ones mentioned above… 🙁

  6. Shahin wrote on

    Hello again.
    Yes, I am using Firefox 6.0.2 and have reinstalled and cleared all caches and folders many times.
    DigiNotar is showing up under the Authorities tab, just like in all the screenshots from my dear friend Fred5!
    Thanks Fred5.
    It is interesting that they are not deleted from the Autho… tab!
    DigiNotar from IE and Chrome certif… shows up in the Untrusted tab,
    but Firefox!

    Thanks for your attention.
    Sorry for my BL.

  7. Peter Besenbruch wrote on

    I keep finding the Diginotar certificates in version 6.02 of Firefox under the “Authorities” tab. Why are they there?

  8. Daniel Veditz wrote on

    Fred5 and Peter Besenbruch: if the DigiNotar certs say “Could not verify this certificate for unknown reasons” at the top when you double-click to view them then you have the fix, whichever tab you’re finding the certificates under.

    If they do NOT say that please send mail to security@mozilla.org so we can work with you to investigate this issue. It’s next to impossible to carry on the conversation we’d need in blog comments.

  9. Daniel Veditz wrote on

    Lars V: If you have a malicious administrator you’ve got problems, regardless of what Mozilla does. Parts of this fix are in code and cannot be overridden short of replacing Firefox itself with a hacked up copy — which of course an administrator could do. Parts of this fix were done by playing games with the built-in certificate database that could be more easily undone by a malicious administrator.

    I know at least one European country issues certificates on smartcards to citizens, where the smartcard also contains some root certificates (more than just the one needed for the client certificate). If you had that kind of set-up it’s likely the smartcard copy of DigiNotar would take precedence over the marked-bad built-in copy. By plugging in a trust module like that you are substituting that source’s trust for the Mozilla list. This is great if you trust that source more than Mozilla (for example, US gov employees in some departments override the Mozilla list this way), a problem if you don’t trust the people who issued the smartcard.
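The two layers Daniel Veditz describes above (distrust done partly in code that cannot be undone by editing the profile, partly in trust bits of the built-in certificate database that an administrator can flip back), together with the PKIoverheid exemption the post describes granting and then removing, modelled in Python as an added example. This is not Mozilla or NSS code: the distinguished names, chains and trust-store dictionaries are constructed, and `org_of`, `code_level_distrust`, `verify` and `demo` are illustrative helpers with no counterpart in Firefox.

```python
"""
Model of the two layers of a browser-side CA distrust. Added illustration,
not Mozilla's or NSS's code; every certificate name below is constructed.
A certificate is a small record with simplified distinguished names, so no
X.509 parsing is needed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    subject: str  # simplified DN, e.g. "CN=Root CA,O=DigiNotar B.V."
    issuer: str


def org_of(dn: str) -> str:
    """Return the O= component of a simplified comma-separated DN, or ''."""
    for part in dn.split(","):
        key, _, value = part.strip().partition("=")
        if key == "O":
            return value
    return ""


# Organisation names the verifier refuses in code; taken from the two
# names that show up in the Authorities tab according to the comments.
DISTRUSTED_ORGS = frozenset({"DigiNotar", "DigiNotar B.V."})


def code_level_distrust(chain, distrusted_orgs, exempt_intermediates=frozenset()):
    """Layer 1: the part of the fix that lives in code.

    Walks the whole chain (leaf first) and rejects it if any subject or
    issuer belongs to a distrusted organisation. The editable trust store
    is never consulted, so re-trusting a root there cannot undo this.
    `exempt_intermediates` models the initial PKIoverheid carve-out: a chain
    passing through one of those intermediates is let through.
    Returns a reason string on rejection, None if the chain is clean.
    """
    if any(c.subject in exempt_intermediates for c in chain[1:]):
        return None
    for cert in chain:
        for dn in (cert.subject, cert.issuer):
            if org_of(dn) in distrusted_orgs:
                return f"distrusted in code: {dn}"
    return None


def verify(chain, trust_store, *, distrusted_orgs=DISTRUSTED_ORGS,
           exempt_intermediates=frozenset()):
    """Return (ok, reason) for a chain ordered leaf -> ... -> root."""
    reason = code_level_distrust(chain, distrusted_orgs, exempt_intermediates)
    if reason:
        return False, reason
    for child, parent in zip(chain, chain[1:]):
        if child.issuer != parent.subject:
            return False, f"broken chain at {child.subject}"
    root = chain[-1]
    if root.subject != root.issuer:
        return False, "chain does not end in a self-signed root"
    # Layer 2: trust bits in the built-in certificate database. Anyone with
    # write access to the profile can flip these back.
    if trust_store.get(root.subject) != "trusted":
        return False, f"root not trusted in store: {root.subject}"
    return True, "ok"


# --- constructed sample chains -------------------------------------------
DIGINOTAR_ROOT = Cert("CN=Root CA,O=DigiNotar B.V.", "CN=Root CA,O=DigiNotar B.V.")
DIGINOTAR_INT = Cert("CN=Public CA,O=DigiNotar B.V.", DIGINOTAR_ROOT.subject)
# Stands in for one of the mis-issued certificates the post names; DN constructed.
FRAUD_CHAIN = (Cert("CN=addons.mozilla.org,O=Mozilla", DIGINOTAR_INT.subject),
               DIGINOTAR_INT, DIGINOTAR_ROOT)

NL_ROOT = Cert("CN=Root CA,O=Staat der Nederlanden", "CN=Root CA,O=Staat der Nederlanden")
PKIOVERHEID_INT = Cert("CN=PKIoverheid CA,O=DigiNotar B.V.", NL_ROOT.subject)
GOV_CHAIN = (Cert("CN=ministry.example,O=Example Ministry", PKIOVERHEID_INT.subject),
             PKIOVERHEID_INT, NL_ROOT)

STORE_ORIGINAL = {DIGINOTAR_ROOT.subject: "trusted", NL_ROOT.subject: "trusted"}
STORE_PATCHED = {DIGINOTAR_ROOT.subject: "untrusted", NL_ROOT.subject: "trusted"}
STORE_ADMIN_REVERTED = dict(STORE_ORIGINAL)  # trust bit flipped back by hand


def demo():
    """Walk through the scenarios described in the post and the comments."""
    return {
        # Before any update: the fraudulent chain validates.
        "before_fix": verify(FRAUD_CHAIN, STORE_ORIGINAL, distrusted_orgs=frozenset()),
        # Trust-bit-only distrust works, but is undone once the bit is reverted.
        "bits_only": verify(FRAUD_CHAIN, STORE_PATCHED, distrusted_orgs=frozenset()),
        "bits_only_reverted": verify(FRAUD_CHAIN, STORE_ADMIN_REVERTED,
                                     distrusted_orgs=frozenset()),
        # Code-level distrust holds even against the reverted store.
        "code_reverted": verify(FRAUD_CHAIN, STORE_ADMIN_REVERTED),
        # Initial update: PKIoverheid chains exempted; follow-up: exemption removed.
        "gov_initial": verify(GOV_CHAIN, STORE_PATCHED,
                              exempt_intermediates={PKIOVERHEID_INT.subject}),
        "gov_followup": verify(GOV_CHAIN, STORE_PATCHED),
    }


if __name__ == "__main__":
    for name, (ok, reason) in demo().items():
        print(f"{name:20s} {'accept' if ok else 'reject'}: {reason}")
```

The design point is the ordering inside `verify`: the code-level check runs before the trust store is consulted, so flipping the root's trust bit back to "trusted" changes nothing for chains that touch a distrusted organisation. The exemption, by contrast, is an allow-list consulted inside that same code path, which is why removing it (the follow-up update the post announces) is itself a code change rather than a trust-bit edit.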

  10. Mohamed wrote on

    I trust you, but I hope that the previous errors will not happen again. Thank you a lot for what you offer.
