Last week, Mozilla was notified that an intermediate certificate, which chains up to a root included in Mozilla’s root store, was loaded into a man-in-the-middle (MITM) traffic management device. It was then used, during the process of inspecting traffic, to generate certificates for domains the device owner does not legitimately own or control. While this is not a Firefox-specific issue, to protect our users we are a updating the certificate store of Firefox in order to dis-trust these certificates. The Certificate Authority (CA) has told us that this action was not permitted by their policies and practices, and they have revoked the intermediate certificate that signed the certificate for the traffic management device.
Issue
ANSSI (Agence nationale de la sécurité des systèmes d’information) is the French Network and Information Security Agency, a part of the French Government. ANSSI (formerly known as DCSSI) operates the “IGC/A” root certificate that is included in NSS, and issues certificates for French Government websites that are used by the general public. The root certificate has an Issuer field with “O = PM/SGDN”, “OU = DCSSI”, and “CN = IGC/A”.
A subordinate CA of ANSSI issued an intermediate certificate that they installed on a network monitoring device, which enabled the device to act as a MITM of domains or websites that the certificate holder did not own or control. Mozilla’s CA Certificate Policy prohibits certificates from being used in this manner when they chain up to a root certificate in Mozilla’s CA program.
Impact
An intermediate certificate that is used for MITM allows the holder of the certificate to decrypt and monitor communication within their network between the user and any website without browser warnings being triggered. An attacker armed with a fraudulent SSL certificate and an ability to control their victim’s network could impersonate websites in a way that would be undetectable to most users. Such certificates could deceive users into trusting websites appearing to originate from the domain owners, but actually containing malicious content or software.
We believe that this MITM instance was limited to the subordinate CA’s internal network.
Status
Mozilla is actively revoking trust of the subordinate CA certificate that was mis-used to generate the certificate used by the network appliance. This change will be released to all supported versions of Firefox in the updates this week.
Additional action regarding this CA will be discussed in the mozilla.dev.security.policy forum.
End-user Action
We recommend that all users upgrade to the latest version of Firefox. Firefox 26 and Firefox 24 ESR both contain the fix for this issue, and will be released this week.
Credit
Thanks to Google for reporting this issue to us.
Kathleen Wilson
Module Owner of Mozilla’s CA Certificates Module
Nate wrote on
Kathleen Wilson wrote on
redwolfe_98 wrote on
Daniel Veditz wrote on
Gervase Markham wrote on
Paul Léo Steinberg wrote on
Daniel Veditz wrote on
redwolfe_98 wrote on
Daniel Veditz wrote on
redwolfe_98 wrote on
Daniel Veditz wrote on
Daniel Veditz wrote on
Alexandre Terrat wrote on
Jamie wrote on
yoho wrote on
Kathleen Wilson wrote on