Add Google Root Certificates

Status: ASSIGNED
Product: NSS
Component: CA Certificate Root Program
Opened: 8 months ago
Last modified: 3 months ago

People

Reporter: Ryan Hurst
Assigned to: Aaron Wu

Tracking

Firefox Tracking Flags: (Not tracked)

Details

Whiteboard: [ca-verifying] - Need BR Self Assessment

Attachments

4 attachments

(Reporter)

Description

8 months ago
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36

Steps to reproduce:

CA Details
----------

CA Name: Google Trust Services

Website: https://pki.goog 

One Paragraph Summary of CA:

Google Trust Services is run by Google.  Google is a commercial CA that will provide certificates to customers from around the world.  We will offer certificates for server authentication, client authentication, email (both signing and encrypting), and code signing.  Customers of the Google PKI are the general public.  We will not require that customers have a domain registration with Google, use domain suffixes where Google is the registrant, or have other services from Google.


This application includes four new root CAs. We have also acquired two roots already in the Mozilla program (GlobalSign R2 and R4); no changes are requested relative to these two roots.


Audit Type (WebTrust, ETSI etc.): WebTrust for CA 2.0, BR 2.0

Auditor: Ernst and Young USA
Auditor Website: http://www.ey.com/
Audit Document URL(s):
    Web Trust for CAs: https://cert.webtrust.org/ViewSeal?id=2124
    Web Trust BRs: https://cert.webtrust.org/ViewSeal?id=2125


Certificate Details Google Trust Services Root R1
--------------------------------------------------

Certificate Name: GTS Root R1
Summary Paragraph:
GTS Root R1 is a Root CA with an RSA key with a 4096 bit long modulus.  It will be used to issue a variety of certificate types via intermediates specific for each certificate type, as defined in our CP and CPS. Initially there will be one intermediate, “GTS X1”. For more information please see attached diagram.

Certificate URL: https://pki.goog/gtsr1.crt
Version: X.509 v3
SHA1 Thumbprint: e1:c9:50:e6:ef:22:f8:4c:56:45:72:8b:92:20:60:d7:d5:a7:a3:e8
Public-Key: (4096 bit)
Not Before: Jun 22 00:00:00 2016 GMT
Not After: Jun 22 00:00:00 2036 GMT

CRL URL: http://crl.pki.goog/gtsr1/gtsr1.crl
CRL issuance freq.: At least once a quarter
OCSP URL: http://ocsp.pki.goog/gstr1

Class (DV, IV, OV, or EV): DV and OV
CP URL: https://pki.goog/GTS-CP-1.0.pdf
CPS URL: https://pki.goog/GTS-CPS-1.0.pdf
Requested Trust Indicators: Website, Email, and Code Signing
URLs of example websites using certificate subordinate to this root (if applying for SSL):
    https://good.r1demo.pki.goog
    https://revoked.r1demo.pki.goog
    https://expired.r1demo.pki.goog


Certificate Details Google Trust Services Root R2
--------------------------------------------------


Certificate Name: GTS Root R2
Summary Paragraph:
GTS Root R2 is a Root CA with an RSA key with a 4096 bit long modulus.  It will be used to issue a variety of certificate types via intermediates specific for each certificate type, as defined in our CP and CPS. Initially there will be one intermediate, “GTS X2”. For more information please see attached diagram.

Certificate URL: https://pki.goog/gtsr2.crt
Version: X.509 v3
SHA1 Thumbprint: d2:73:96:2a:2a:5e:39:9f:73:3f:e1:c7:1e:64:3f:03:38:34:fc:4d
Public-Key: (4096 bit)
Not Before: Jun 22 00:00:00 2016 GMT
Not After: Jun 22 00:00:00 2036 GMT

CRL URL: https://crl.pki.goog/gtsr2/gtsr2.crl
CRL issuance freq.: At least once a quarter
OCSP URL: https://ocsp.pki.goog/gstr2

Class (DV, IV, OV, or EV): DV and OV
CP URL: https://pki.goog/GTS-CP-1.0.pdf
CPS URL: https://pki.goog/GTS-CPS-1.0.pdf
Requested Trust Indicators: Website, Email, and Code Signing
URLs of example websites using certificate subordinate to this root (if applying for SSL):
    https://good.r2demo.pki.goog
    https://revoked.r2demo.pki.goog
    https://expired.r2demo.pki.goog


Certificate Details Google Trust Services Root R3
--------------------------------------------------


Certificate Name: GTS Root R3
Summary Paragraph:
GTS Root R3 is a Root CA with an ECDSA key using secp384r1.  It will be used to issue a variety of certificate types via intermediates specific for each certificate type, as defined in our CP and CPS.  Initially there will be one intermediate, “GTS X3”. For more information please see attached diagram.

Certificate URL: https://pki.goog/gtsr3.crt
Version: X.509 v3
SHA1 Thumbprint: 30:d4:24:6f:07:ff:db:91:89:8a:0b:e9:49:66:11:eb:8c:5e:46:e5
Public-Key: ECDSA key using secp384r1
Not Before: Jun 22 00:00:00 2016 GMT
Not After: Jun 22 00:00:00 2036 GMT

CRL URL: https://crl.pki.goog/gtsR3/gtsr3.crl
CRL issuance freq.: At least once a quarter
OCSP URL: https://ocsp.pki.goog/gstr3

Class (DV, IV, OV, or EV): DV and OV
CP URL: https://pki.goog/GTS-CP-1.0.pdf
CPS URL: https://pki.goog/GTS-CPS-1.0.pdf
Requested Trust Indicators: Website, Email, and Code Signing
URLs of example websites using certificate subordinate to this root (if applying for SSL):
    https://good.r3demo.pki.goog
    https://revoked.r3demo.pki.goog
    https://expired.r3demo.pki.goog


Certificate Details Google Trust Services Root R4
--------------------------------------------------


Certificate Name: GTS Root R4
Summary Paragraph:
GTS Root R4 is a Root CA with an ECDSA key using secp384r1.  It will be used to issue a variety of certificate types via intermediates specific for each certificate type, as defined in our CP and CPS. Initially there will be one intermediate, “GTS X4”. For more information please see attached diagram.

Certificate URL: https://pki.goog/gtsr4.crt
Version: X.509 v3
SHA1 Thumbprint: 6e:47:a9:c8:8b:94:b6:e8:bb:3b:2a:d8:a2:b2:c1:99
Public-Key: ECDSA key using secp384r1
Not Before: Jun 22 00:00:00 2016 GMT
Not After: Jun 22 00:00:00 2036 GMT

CRL URL: https://crl.pki.goog/gtsR4/gtsr4.crl
CRL issuance freq.: At least once a quarter
OCSP URL: https://ocsp.pki.goog/gstr4

Class (DV, IV, OV, or EV): DV and OV
CP URL: https://pki.goog/GTS-CP-1.0.pdf
CPS URL: https://pki.goog/GTS-CPS-1.0.pdf
Requested Trust Indicators: Website, Email, and Code Signing
URLs of example websites using certificate subordinate to this root (if applying for SSL):
    https://good.r4demo.pki.goog
    https://revoked.r4demo.pki.goog
    https://expired.r4demo.pki.goog
(Reporter)

Comment 1

8 months ago
Created attachment 8821437 [details]
GTS PKI Hierarchy.pdf

Updated

8 months ago
Whiteboard: Information incomplete - Begin Information Verification

Comment 2

7 months ago
Francis, Please do the Information Verification for this request.
https://wiki.mozilla.org/CA:How_to_apply#Information_Verification
Assignee: kwilson → frlee

Comment 3

7 months ago
Ryan, My apologies for the delay in starting the Information Verification for this request due to holidays (December and Chinese New Year). I'm sure Francis will begin Information Verification of this request soon after he returns to the office.

Anyways, I was just looking at https://static.googleusercontent.com/media/pki.goog/en//GTS-CP-1.0.pdf and noticed that it refers to "Effective Date" a lot. But it was not clear to me what the "Effective Date" actually is. Please clarify.

Updated

6 months ago
Assignee: frlee → awu

Comment 4

6 months ago
Is there an ETA on this fix yet?

Comment 5

6 months ago
(In reply to B from comment #4)
> Is there an ETA on this fix yet?

See https://wiki.mozilla.org/CA for the process description.
And note: "It can take as long as two years for a new CA to make it from one end of the process to the other."

Aaron will begin step 4, Information Verification, but we're still waiting for the CA to reply to Comment #3, and for a response from Google to the questions posted here:
https://groups.google.com/d/msg/mozilla.dev.security.policy/1PDQv0GUW_s/P8kAgEkODwAJ

Comment 6

6 months ago
(In reply to B from comment #4)
> Is there an ETA on this fix yet?

To all those who are impatient for this certificate to be approved and implemented for Gecko-based products:

The presence of a root certificate in the NSS database used by Gecko-based products indicates that users can place some degree of trust in the use of that certificate for secure Web browsing.  For that trust to be valid, the certification authority owning the root certificate must undergo some scrutiny, which takes time.

Further expressions of the need for haste will not speed the process.  Any shortcuts or other measures to hasten the process can only weaken the trust users have in the overall certificate database.

Those who are anxious for these root certificates -- those who already trust them and who have no patience with the Mozilla process for scrutinizing certificate authorities -- can download and install the root certificates themselves.  

Note well:  These are my personal comments.  I do not work for either the Mozilla Foundation or the Mozilla Corporation.  Thus, these comments do not reflect the position of either organization.

Comment 7

6 months ago
Relevant comments were forwarded to Google's security team to assist.

Comment 8

6 months ago
(In reply to B from comment #4)
> Is there an ETA on this fix yet?

Is the lack of inclusion causing you a problem?  www.google.com is not currently using certificates that chain to these Google Trust Services CAs, so any errors you are seeing should not be due to this bug.
(Reporter)

Comment 9

6 months ago
Created attachment 8844281 [details]
Tarsier Key Transference GlobalSign Root R2 and R4 - Final Report
(Reporter)

Comment 10

6 months ago
Created attachment 8844282 [details]
Report on Management’s Assertion
Related to the Key Generation and Key
Transference of GTS Root R1, GTS Root
R2, GTS Root R3, and GTS Root R4
(Reporter)

Comment 11

6 months ago
(In reply to Peter Bowen from comment #8)
> (In reply to B from comment #4)
> > Is there an ETA on this fix yet?
> 
> Is the lack of inclusion causing you a problem?  www.google.com is not
> currently using certificates that chain to these Google Trust Services CAs,
> so any errors you are seeing should not be due to this bug.

Peter is right. Though we very much want our new roots accepted as part of the Mozilla Root Program, this should not represent a blocking issue at this time. Planning which root certificates to use when you have so many third parties who are dependent on you requires long-term planning; our guidance for third parties wanting to trust Google and Alphabet products and services is to use, and periodically ensure that the list of roots they use includes, those at: https://pki.goog/roots.pem
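Both the per-root thumbprints in the description and the advice in this comment (keep a local root list in sync with roots.pem) are checks a relying party can automate. The following is an added Python example, not code from Google Trust Services, Mozilla, or this bug: it parses a PEM bundle, computes the colon-separated SHA-1 thumbprint over each certificate's DER encoding (which is what the thumbprints in the request are), and reports which expected roots are present, missing, or listed with a malformed thumbprint. The bundle it runs on is a constructed sample of arbitrary bytes in PEM armour, not real certificates, so the real GTS thumbprints copied from the description come back as missing. One thing the checker surfaces is that the SHA1 thumbprint given for GTS Root R4 in the description has only 16 byte pairs, while a SHA-1 digest has 20, so it is rejected as malformed rather than silently compared.

```python
import base64
import hashlib
import re

# Constructed sample: NOT real certificates, just arbitrary DER-like bytes
# wrapped in PEM armour so the checker can run offline.
SAMPLE_DER = {
    "CONSTRUCTED ROOT A": b"\x30\x82\x00\x10constructed-root-A",
    "CONSTRUCTED ROOT B": b"\x30\x82\x00\x10constructed-root-B",
}


def pem_block(label, der):
    """Wrap DER bytes in a PEM CERTIFICATE block with a comment line, roots.pem style."""
    body = base64.encodebytes(der).decode("ascii")
    return f"# {label}\n-----BEGIN CERTIFICATE-----\n{body}-----END CERTIFICATE-----\n"


SAMPLE_BUNDLE = "".join(pem_block(name, der) for name, der in SAMPLE_DER.items())

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----\s*(.*?)\s*-----END CERTIFICATE-----", re.S
)


def parse_pem_bundle(text):
    """Return the DER bytes of every certificate in a PEM bundle such as roots.pem."""
    return [base64.b64decode("".join(body.split())) for body in PEM_RE.findall(text)]


def fingerprint(der, algo="sha1"):
    """Colon-separated thumbprint of the DER encoding, as shown in the inclusion request."""
    digest = hashlib.new(algo, der).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize_thumbprint(thumb, algo="sha1"):
    """Lower-case, colon-separated form; None when the length is wrong for the algorithm."""
    hexstr = re.sub(r"[^0-9a-fA-F]", "", thumb).lower()
    if len(hexstr) != 2 * hashlib.new(algo).digest_size:
        return None
    return ":".join(hexstr[i:i + 2] for i in range(0, len(hexstr), 2))


def check_bundle(bundle_text, expected, algo="sha1"):
    """Compare a bundle against the thumbprints an inclusion request lists.

    expected: {name: thumbprint}.  Returns which names are present, missing,
    or listed with a malformed thumbprint, plus bundle entries nobody expected
    (a root in the trust list that no request accounts for deserves a look).
    """
    found = {fingerprint(der, algo) for der in parse_pem_bundle(bundle_text)}
    result = {"present": [], "missing": [], "malformed": [], "unexpected": []}
    wanted = set()
    for name, thumb in expected.items():
        norm = normalize_thumbprint(thumb, algo)
        if norm is None:
            result["malformed"].append(name)
            continue
        wanted.add(norm)
        result["present" if norm in found else "missing"].append(name)
    result["unexpected"] = sorted(found - wanted)
    return result


# Thumbprints as listed in the description of this bug, plus one constructed
# entry so the sample bundle has something the check can actually find.
EXPECTED_FROM_REQUEST = {
    "GTS Root R1": "e1:c9:50:e6:ef:22:f8:4c:56:45:72:8b:92:20:60:d7:d5:a7:a3:e8",
    "GTS Root R2": "d2:73:96:2a:2a:5e:39:9f:73:3f:e1:c7:1e:64:3f:03:38:34:fc:4d",
    "GTS Root R3": "30:d4:24:6f:07:ff:db:91:89:8a:0b:e9:49:66:11:eb:8c:5e:46:e5",
    # Listed in the request with only 16 byte pairs; a SHA-1 digest has 20.
    "GTS Root R4": "6e:47:a9:c8:8b:94:b6:e8:bb:3b:2a:d8:a2:b2:c1:99",
    "CONSTRUCTED ROOT A": fingerprint(SAMPLE_DER["CONSTRUCTED ROOT A"]),
}

if __name__ == "__main__":
    report = check_bundle(SAMPLE_BUNDLE, EXPECTED_FROM_REQUEST)
    for key, names in report.items():
        print(f"{key:10}: {names}")
```

Against a real bundle, read the file contents in place of SAMPLE_BUNDLE. A bundle fetched over the network is only as trustworthy as the channel it arrived over, so the values it is compared against should come from a separate source such as the inclusion request itself, and the same functions work with `algo="sha256"` where SHA-256 fingerprints are available.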
(Reporter)

Comment 12

6 months ago
(In reply to Kathleen Wilson from comment #5)
> (In reply to B from comment #4)
> > Is there an ETA on this fix yet?
> 
> See https://wiki.mozilla.org/CA for the process description.
> And note: "It can take as long as two years for a new CA to make it from one
> end of the process to the other."
> 
> Aaron will begin step 4, Information Verification, but we're still waiting
> for the CA to reply to Comment #3.
> 
> and for a response from Google to the questions posted here:
> https://groups.google.com/d/msg/mozilla.dev.security.policy/1PDQv0GUW_s/
> P8kAgEkODwAJ

Thank you Kathleen, I apologize for the delay in answering the questions in that thread. If you check now you will see that I have responded.
(Assignee)

Updated

6 months ago
Whiteboard: Information incomplete - Begin Information Verification → [ca-verification]
(Reporter)

Updated

6 months ago
Attachment #8844282 - Attachment description: Tarsier Key Transference GlobalSign Root R2 and R4 - Final Report → Report on Management’s Assertion Related to the Key Generation and Key Transference of GTS Root R1, GTS Root R2, GTS Root R3, and GTS Root R4
(Assignee)

Updated

5 months ago
Whiteboard: [ca-verification] → [ca-verifying]
(Assignee)

Updated

5 months ago
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
(Assignee)

Comment 13

5 months ago
Created attachment 8852819 [details]
CAInformaion_Google_InfoNeeded_20170330.pdf
(Assignee)

Comment 14

5 months ago
Hi Ryan,

Based on the CPS and the information you provided, I've verified the information and entered it into Salesforce for the 4 root cases. Please see the attachment in Comment #13; we need more information from you on the items marked "Need Response from CA" and "Need Clarification from CA".


Note:
1. For 'Recommended Practices' please refer to:
https://wiki.mozilla.org/CA:Recommended_Practices#CA_Recommended_Practices
2. For 'Problematic Practices' please refer to:
https://wiki.mozilla.org/CA:Problematic_Practices#Potentially_problematic_CA_practices

Kind regards,
Aaron
(Assignee)

Comment 15

4 months ago
Hi Ryan,

Please also perform the BR Self Assessment, and attach the resulting BR-self-assessment document to this bug.

Note:
Current version of the BRs: https://cabforum.org/baseline-requirements-documents/
Until a version of the BRs is published that describes all of the allowed methods of domain validation, use version 1.4.1 for section 3.2.2.4 (Domain validation): https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-1.4.1.pdf

= Background = 

We are adding a BR-self-assessment step to Mozilla's root inclusion/change process.

Description of this new step is here:
https://wiki.mozilla.org/CA:BRs-Self-Assessment

It includes a link to a template for CA's BR Self Assessment, which is a Google Doc:
https://docs.google.com/spreadsheets/d/1ni41Czial_mggcax8GuCBlInCt1mNOsqbEPzftuAuNQ/edit?usp=sharing

Phase-in plan is here:
https://groups.google.com/d/msg/mozilla.dev.security.policy/Y-PxWRCIcck/Fi9y6vOACQAJ

Please let me know if you have any questions, thank you!


Kind regards,
Aaron
(Assignee)

Updated

4 months ago
Whiteboard: [ca-verifying] → [ca-verifying] - Need BR Self Assessment

Updated

4 months ago
Product: mozilla.org → NSS

Comment 16

3 months ago
I have exchanged email with the auditor and confirmed the authenticity of these two audit statements:

1) Tarsier Key Transference GlobalSign Root R2 and R4 - Final Report Direct Link:
https://bug1325532.bmoattachments.org/attachment.cgi?id=8844281

2) Report on Management’s Assertion Related to the Key Generation and Key Transference of GTS Root R1, GTS Root R2, GTS Root R3, and GTS Root R4 Direct Link:
https://bug1325532.bmoattachments.org/attachment.cgi?id=8844282