Closed Bug 289077 Opened 19 years ago Closed 18 years ago

StartCom Free SSL Certificate Authority for Mozilla

Categories

(CA Program :: CA Certificate Root Program, task)

RESOLVED FIXED

People

(Reporter: eddy_nigg, Assigned: hecker)

Details

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0 (ax)
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0 (ax)

I'd like to suggest to you the inclusion of the "Free SSL Certification
Authority" offered and run by http://cert.startcom.org/ in your KDE
browser. The project is hardly a month old and has caused quite some
interest and "noise" at some news web sites. The StartCom Free SSL
Certificate Project aims to be a viable alternative to commercial
128/256 bit SSL certificates and currently grows by almost 80 issued
certificates per day.

Efforts are being made for the natural support of the "Free SSL
Certification Authority" by major web browsers, but also for continued
development and improvement of the services and certificates, including
verification processes etc. We try to get a market share of 1 % during the
first 90 - 120 days, reaching 3 - 5 % at the end of the year.

Summary: tartCom Free SSL Certicate Authority for Mozilla → StartCom Free SSL Certicate Authority for Mozilla
Group: security
Assignee: dveditz → kaie
Component: Security → Security: PSM
QA Contact: toolkit
Status: UNCONFIRMED → NEW
Ever confirmed: true
Kai, please feel free to re-assign this bug to me. It seems to be a pretty
straightforward request to add a new CA certificate to Mozilla et al.
Of course I meant Mozilla browser(s) and applications and not *KDE*, which I
obviously copied from the same request to KDE.org... really sorry for that glitch...
Moving to be with all the other CA requests.
Assignee: kaie → hecker
Component: Security: PSM → CA Certificates
Product: Core → mozilla.org
Version: Trunk → other
Accepting this bug. Note that our current policy requires that CAs have
completed a WebTrust for CAs audit or equivalent third-party audit. We have a
newer policy in draft form, but it's not yet in effect; see

  http://www.hecker.org/mozilla/ca-certificate-policy

for more information.
Status: NEW → ASSIGNED
The CA Policy is available at http://cert.startcom.org/policy.pdf and will
change its status from draft to final in the coming weeks.

Currently the operation will be under voluntary self-control together with a
third-party (lawyer) statement confirming this. We make sure that we conform to
our own policy regarding every aspect and work in accordance with this policy.

In the future a qualified independent entity or person might conduct an audit
which is adequate for the current nature of this non-profit project.
All policies and relevant papers are published at
http://cert.startcom.org/index.php?app=111

Working papers are in preparation for an audit, which will be performed
starting during this summer (2005) and will be published at the same location as
above.

CA certificates are published at page
http://cert.startcom.org/index.php?app=110#auth

Details of OCSP service are at page http://cert.startcom.org/index.php?app=110#ocsp

CRLs are at:

http://cert.startcom.org/crt1-crl.crl
http://cert.startcom.org/crt2-crl.crl
http://cert.startcom.org/crt3-crl.crl
http://cert.startcom.org/ca-crl.crl
Published an additional important document "Evaluation of Microsoft policy
compliance - AICPA Audit" (includes also Mozilla). This evaluation is a base for
discussion according to topic 12 of Mozilla CA Certificate Policy and a
self-audit as outlined in the CA policy.

http://cert.startcom.org/msie.htm

A comparable ETSI Policy Requirements document is in progress and will be
published as well.

Published and renamed "Evaluation of Microsoft and Mozilla policy compliance -
AICPA Audit" at http://cert.startcom.org/audit.htm, which is the evaluation and
self-audit performed by StartCom. An Independent Accountants Report
confirming the audit is signed by StartCom's lawyer
(http://cert.startcom.org/img/report.jpg).

The published papers might be reason for Mozilla to include and accept the
StartCom CA in its software.

A third party audit will be performed starting September 2005. The outcome and
all relevant papers will be published at the end of the process.
The StartCom Certification Authority underwent a third party audit as required by most software vendors, including Mozilla, based on the AICPA/CICA WebTrust for Certification Authorities Criteria. Information on the signed audit is available at http://cert.startcom.org/audit.pdf and as such we request to get approved for inclusion in all Mozilla software.
I've updated <URL:http://www.hecker.org/mozilla/ca-certificate-list> to reflect the updated StartCom information. I'm now going through the version 1.1 of the certificate policy/CPS.
This bug is still open! Could you please approve the StartCom CA and integrate the StartCom CA Root within the Mozilla Software?
My apologies for the delay in getting to this bug. I updated my list at <http://www.hecker.org/mozilla/ca-certificate-list> to note that the current versions of the root and CA policies are 1.2, dated February 22, 2006.

At this point we have enough information to evaluate this CA for inclusion, per the official CA policy at

http://www.mozilla.org/projects/security/pki/nss/ca-certificates/policy.html

Here are my quick thoughts on StartCom vis-a-vis the policy's requirements:

Section 4. I'm not aware of any technical issues with StartCom-issued certificates. If anyone sees any technical problems with the certs themselves please note it in this bug report.

Section 6. StartCom appears to provide a service relevant to Mozilla users: It issues no-charge certificates for SSL server use as well as personal email certificates. Policies are documented in the overall policy document and intermediate CA document published on the StartCom site and listed in the ca-certificate-list page referenced above.

Section 7. StartCom appears to meet the minimum requirements for subscriber verification: For class 1 personal certificates Startcom verifies that the entity submitting the request controls the email account associated with the email address referenced in the certificate. (See page 16 of the policy document.) For class 1 SSL server certificates StartCom verifies domain control by sending an email to one of the standard addresses (webmaster@domain, etc.) associated with the domain. (See page 15 of the policy document.) StartCom also issues class 2 personal and server certs, with additional verification required. StartCom does not currently issue code signing certs.

Section 8-10. StartCom has successfully completed an independent audit using the WebTrust for CAs criteria. The auditors were We! Consulting.

Section 13. StartCom has multiple intermediate CAs under a single root. Class 1 certificates are issued under different intermediates than class 2, etc.

Other: StartCom issues CRLs (on a 12-hour schedule) and also has an OCSP responder.

Some open questions:

1. Given the obvious possibility of StartCom's service being used to obtain free SSL certs for phishing sites, what is StartCom's strategy to deal with possible fraudulent use of the service? Is it limited to certificate revocation based on reports of possible fraud, or are other measures in place or planned?

2. StartCom doesn't appear to have an official WebTrust seal. Why?

3. CRL publication is on a 12-hour schedule. Is the OCSP responder's data from the CRLs (and thus might be up to 12 hours old) or is it more up-to-date?

I'm opening up a period of public discussion of this request. I'll post on the mozilla.dev.tech.crypto newsgroup to start the discussion.
I just wanted to say that I've used StartCom's free SSL certs for over a year, and have found Eddy and company to be extremely helpful and patient. They have responded quickly to any question I've had. When I've needed a cert revoked, due to an updated distro (and poor backups on my part), they've taken care of this very quickly, too. They have a good forum for answers, respond quickly to emails, and you can even 'skype' them if the need is there.

Thanks Eddy & startcom for a great product!

John F. Godfrey, Pastor
Valley Christian Center
(In reply to comment #12)
> 
> Some open questions:
> 
> 1. Given the obvious possibility of StartCom's service being used to obtain
> free SSL certs for phishing sites, what is StartCom's strategy to deal with
> possible fraudulent use of the service? Is it limited to certificate revocation
> based on reports of possible fraud, or are other measures in place or planned?
> 

The pricing policy of StartCom, and the fact that certain products and certificates
are provided free of charge, is not relevant to the question above. The validation
of certificates is a function of the controls, verification procedures and validation
in place, not the cost of the certificate.

Example: In the past we used to issue Class 2 certificates without charging any fees 
(and we might do so again in the future). Did this change the validity of the 
certificates issued? Or were the certificates issued according to a certain criteria 
and procedure, in this case according to our definition of Class 2?

StartCom conforms to or exceeds the minimum requirements of the Mozilla CA
Certificate Policy section 7, even in the free Class 1 settings. So the question
about fraudulent use affects any Certification Authority which provides "so called"
domain validated certification and is not unique to StartCom.

With the exception of domain validation, StartCom has additional measures in place 
to minimize the risk of misuse and fraud:

    * The StartCom CA and the process of certificate issuance are constantly 
      monitored.
    * The process of certificate issuance may, under certain circumstances, 
      be stopped manually or automatically. At that point, the request requires 
      manual intervention and review by StartCom personnel.
      Additional information might be requested and any verification procedure 
      implemented (Similar to Class 2 verification). Any certificate request in 
      the Class 1 settings can get "flagged" for such a human review.
    * All certificate details are reviewed by StartCom personnel and additional
      information may be requested from the certificate holder. If in doubt, 
      the certificate could get revoked immediately.
    * Random visits of the web sites are performed by StartCom to detect fraudulent 
      sites.
    * Fraudulent websites, as well as sites that damage the reputation of the CA,
      may be reported to the proper authorities and prosecuted to the full extent
      of the law.

> 2. StartCom doesn't appear to have an official WebTrust seal. why?
> 

A third party audit was performed by the "We! Consulting Group", which is a respected
solution and consulting provider in Israel, with great expertise in Public Key
Infrastructure solutions and renowned customers. The audit performed was based on the
AICPA/CICA WebTrust for Certification Authorities Criteria and confirmed as such.
However, the We! Consulting Group is not a licensed WebTrust provider.

> 3. CRL publication is on a 12-hour schedule. Is the OCSP responder's data from
> the CRLs (and thus might be up to 12 hours old) or is it more up-to-date?
> 

In practice CRLs get updated every 12 hours or when a certificate is revoked,
especially when the revoked certificate is suspected to fall under any of the
following conditions. These include, but are not limited to (according to the
StartCom CA policy):

    * The subscriber’s private key is lost or suspected to be compromised
    * The information in the subscriber’s certificate is suspected to be inaccurate
    * The information supplied may be misleading (ex. paypa1.com, micr0soft.com)
    * The subject has failed to comply with the rules in this policy
    * The system to which the certificate has been issued has been retired
    * The subscriber makes a request for revocation
    * The subscriber violated his/her obligations

The OCSP responder checks for changes on the CRLs every ten minutes and reloads
all CRLs every hour. Therefore the OCSP response for a revoked certificate is within
ten minutes at most.

> I'm opening up a period of public discussion of this request. I'll post on the
> mozilla.dev.tech.crypto newsgroup to start the discussion.

Hope this helps!
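The 12-hour CRL schedule raised in comment #12 and confirmed in the reply above is something a relying party or auditor can verify directly from the published CRL. The following is an added example (not code from this bug thread, from StartCom or from Mozilla) that parses thisUpdate/nextUpdate out of a DER CertificateList with only the Python standard library and flags an expired CRL or a validity window longer than the stated period; the CRL bytes it checks are a constructed, unsigned sample, not a real StartCom CRL.

```python
import datetime as dt

def utc(y, m, d, h=0):                  # small helper for UTC timestamps
    return dt.datetime(y, m, d, h, tzinfo=dt.timezone.utc)

def tlv(tag, body):                     # DER element; short-form length suffices for the sample
    return bytes([tag, len(body)]) + body

def read_tlv(buf, i):                   # -> (tag, value, index after element)
    tag, ln, i = buf[i], buf[i + 1], i + 2
    if ln & 0x80:                       # long-form length, as real CRLs use
        n, i = ln & 0x7F, i + (ln & 0x7F)
        ln = int.from_bytes(buf[i - n:i], "big")
    return tag, buf[i:i + ln], i + ln

def parse_time(tag, val):               # 0x17 UTCTime, 0x18 GeneralizedTime
    fmt = "%y%m%d%H%M%SZ" if tag == 0x17 else "%Y%m%d%H%M%SZ"
    return dt.datetime.strptime(val.decode(), fmt).replace(tzinfo=dt.timezone.utc)

def crl_window(crl):
    """(thisUpdate, nextUpdate) of a DER CertificateList, RFC 5280 section 5.1."""
    _, outer, _ = read_tlv(crl, 0)      # CertificateList SEQUENCE
    _, tbs, _ = read_tlv(outer, 0)      # tbsCertList SEQUENCE
    i = read_tlv(tbs, 0)[2] if tbs[0] == 0x02 else 0   # skip optional version INTEGER
    _, _, i = read_tlv(tbs, i)          # signature AlgorithmIdentifier
    _, _, i = read_tlv(tbs, i)          # issuer Name
    tag, val, i = read_tlv(tbs, i)
    this_update, next_update = parse_time(tag, val), None
    if i < len(tbs) and tbs[i] in (0x17, 0x18):        # nextUpdate is OPTIONAL
        tag, val, _ = read_tlv(tbs, i)
        next_update = parse_time(tag, val)
    return this_update, next_update

def crl_freshness(crl, now, max_period=dt.timedelta(hours=12)):
    """Problems a relying party should flag; an empty list means the CRL is fresh."""
    this_update, next_update = crl_window(crl)
    issues = ["thisUpdate in the future"] if this_update > now else []
    if next_update is None:
        issues.append("no nextUpdate")
    elif now > next_update:
        issues.append("CRL expired")
    elif next_update - this_update > max_period:
        issues.append("window longer than stated publication period")
    return issues

def sample_crl(this_update, next_update):
    """Constructed, unsigned sample CRL (empty issuer, empty signature); not real StartCom data."""
    t = lambda d: tlv(0x17, d.strftime("%y%m%d%H%M%SZ").encode())
    alg = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d01010b")) + tlv(0x05, b""))  # sha256WithRSA
    tbs = tlv(0x30, tlv(0x02, b"\x01") + alg + tlv(0x30, b"") + t(this_update) + t(next_update) + tlv(0x30, b""))
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00"))
```

Run against a downloaded CRL, crl_freshness(open("ca.crl", "rb").read(), dt.datetime.now(dt.timezone.utc)) reports whether the file is still within its nextUpdate and whether the issuer's window matches the cadence it advertises; the signature itself is not checked here.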
I posted my somewhat lengthy analysis in the <news://news.mozilla.org:119/mozilla.dev.tech.crypto> newsgroup, in the "StartCom CA inclusion request" thread.  
Eddy, thanks for your reply. I have at least one other question, as noted below.

(In reply to comment #14)
> A third party audit was performed by the "We! Consulting Group", which is a
> respected solution and consulting provider in Israel, with great expertise
> in Public Key Infrastructure solutions and renowned costumers. The audit
> performed was based on the AICPA/CICA Webtrust for Certification Authorities
> Criteria and confirmed as such. However the We! Consulting Group is not a
> licensed WebTrust provider.

Could you point us to relevant public documentation in English demonstrating We! Consulting's expertise in information security audits and evaluations and CA and PKI issues in particular? Their web site <http://www.we-can.co.il/> is in Hebrew, and I can't find an English version; also Google was not helpful in terms of turning up third-party references to We! Consulting (e.g., news stories, case studies, etc.).

Given that We! Consulting is not an authorized WebTrust auditor we need something else to give us confidence that they're competent to perform an audit against the WebTrust criteria (or similar criteria, for that matter).
(In reply to comment #16)
> 
> Could you point us to relevant public documentation in English demonstrating
> We! Consulting's expertise in information security audits and evaluations and
> CA and PKI issues in particular?

This information is not publicly accessible by the Internet. I'll forward all relevant and available information to you.
Thanks to Tsahi Asher I have more info on We! Consulting. The page

http://www.we-can.co.il//heb/pagesContent/content.aspx?pageID=3&Scroll=true

(in Hebrew) mentions some of We!'s customers for which they've done security-related work; they include two banks, two cellphone companies (including Orange), a food company, an insurance company, an academic institute, and Tower Semiconductor. Apparently We! has done deployment of PKI implementations (including CA deployment), auditing of existing PKI deployments, and provided consulting support to assist enterprises operating CAs in operating according to relevant standards and guidelines. So I think that we can accept We! Consulting Group as being an independent and competent third party evaluator as required by the CA certificate policy.
Based on the information I have thus far, I'm approving inclusion of the StartCom CA root certificate in NSS/Mozilla. I'll now go off and file a bug against NSS for the actual work.
Depends on: 338552
Frank filed bug 338552 to fulfil this request, and it was completed in
mid 2006. So I am marking this request resolved/fixed.

Subsequent to this request, another request has been made to include an
additional StartCom CA cert. That is the subject of bug 362304.
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
QA Contact: ca-certificates
Product: mozilla.org → NSS
Product: NSS → CA Program