
Symantec: Mis-issued test certificates by CrossCert

Status

Product: NSS
Component: CA Certificate Mis-Issuance
Reported: 6 months ago
Last modified: 2 months ago

People

(Reporter: Kathleen Wilson, Assigned: Kathleen Wilson, NeedInfo)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [ca-incident-response])

Attachments

(18 attachments)

(Assignee)

Description

6 months ago
From
https://groups.google.com/d/msg/mozilla.dev.security.policy/fyJ3EK2YOP8/yvjS5leYCAAJ

I. Misissued certificates for example.com

On 2016-07-14, Symantec misissued the following certificates for example.com:

        https://crt.sh/?sha256=A8F14F52CC1282D7153A13316E7DA39E6AE37B1A10C16288B9024A9B9DC3C4C6
        https://crt.sh/?sha256=8B5956C57FDCF720B6907A4B1BC8CA2E46CD90EAD5C061A426CF48A6117BFBFA
        https://crt.sh/?sha256=94482136A1400BC3A1136FECA3E79D4D200E03DD20B245D19F0E78B5679EAF48
        https://crt.sh/?sha256=C69AB04C1B20E6FC7861C67476CADDA1DAE7A8DCF6E23E15311C2D2794BFCD11

I confirmed with ICANN, the owner of example.com, that they did not
authorize these certificates.  These certificates were already revoked
at the time I found them.


II. Suspicious certificates for domains containing the word "test"

On 2016-11-15 and 2016-10-26, Symantec issued certificates for various
domains containing the word "test" which I strongly suspect were
misissued:

        https://crt.sh/?sha256=b81f339b971eb763cfc686adbac5c164b89ad03f8afb55da9604fd0d416bbd21
        https://crt.sh/?sha256=f45d090e1bf24738a8e86734aa7acf7c9e65b619eb19660b1f73c9973f11b841
        https://crt.sh/?sha256=bcbc26c9e06c4fe1c9e4d55fa27a501c504ea84e23e114b8ac004f7c0776cd0b
        https://crt.sh/?sha256=f0935ce297419cc148bde49a7a123f2b2419cdd52df8e7f49e7bba07fe872559
        https://crt.sh/?sha256=3601ab49034e69d6e2137a80e511a0640252f444b75d6baca7bf4672c35652a5

I have not attempted to contact the owners of these domains for
confirmation, as doing so is probably not feasible (many of the domains
are owned by squatters).  However, the following facts lead me to
believe that these certificates were misissued:

1. The subject DNs contain clearly bogus values, such as:

        C=KR, ST=1, L=1, O=12, OU=1
        C=KR, ST=1, L=1, O=1, OU=1
        C=KR, ST=1, L=1, O=12, OU=1
        C=KR, ST=Test1, L=Test, O=Test

Note that the misissued example.com certificates also contain C=KR in
their subjects.

2. The third certificate in the list above contains a SAN for
DNS:*.crosscert.com - note that three of the misissued example.com
certificates contain "Crosscert" in their Subject Organization.

3. None of these certificates have been observed in the wild by Censys.
The live certificate for www.test.com was issued by Network Solutions.

4. The first two certificates in the list above both contain DNS SANs
for *all* of the following domains:

        test.com
        test1.com
        test2.com
        test3.com
        test4.com
        test5.com
        test6.com
        test7.com
        test8.com
        test9.com
        test11.com

With the exception of test4.com and test8.com, these domains are
registered to different entities and appear to be wholly unrelated to
one another in both ownership and operation.  It is unlikely that the
owners of these domains would collaborate to authorize these
certificates.

These certificates were already revoked at the time I found them.


III. Certificates with O=Test

Finally, Symantec has issued a large number of certificates with the
following attributes in the Subject:

        C=KR, ST=test, L=test, O=test, OU=test

e.g.:

        https://crt.sh/?sha256=09AECE5B94BBB8A9EE2152FA6FB7261630124918DA015EB3571508EF6D31DD30
        https://crt.sh/?sha256=CC0A2AE0EF5B1A6CF242D7B4C77AC9F05B49494B42C8486B47804874734CFC1C
        https://crt.sh/?sha256=F177AC0064167354025CE12B3914A0E056628DD31152B5DF22E41913FC9D9B45
        https://crt.sh/?sha256=DA7B1D433C071DA7A389EE2A4CAB854B89E441277B41E608F05FB7C7C6B2A761

For more, see:

        https://crt.sh/?O=test

I doubt there is an organization named "test" located in "test, Korea."

Regards,
Andrew
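The report above relies on three observable signals: filler values in the subject DN (numeric or "test" placeholders), a SAN list spanning many unrelated registrable domains, and a numbered series of domains (test1.com through test9.com) that no single party plausibly controls. The following script, added here as an illustration and not part of the bug report or any Mozilla/Symantec tooling, turns those signals into a triage check over already-parsed subject and SAN data; the sample input is constructed to mirror the values quoted in the report, and the registrable-domain extraction assumes no multi-label public suffixes such as co.uk.

```python
import re
from collections import Counter

# Values that read as filler rather than a real organisation or location.
PLACEHOLDER = {"test", "none", "n/a", "na", "null", "unknown", "-", "."}

def placeholder_fields(subject):
    """Return subject attributes (ST, L, O, OU) whose values look like filler."""
    flagged = {}
    for attr in ("ST", "L", "O", "OU"):
        val = subject.get(attr)
        if val is None:
            continue
        norm = val.strip().lower()
        if norm.isdigit() or norm in PLACEHOLDER or re.fullmatch(r"test\d*", norm):
            flagged[attr] = val
    return flagged

def registrable(name):
    """Crude registrable domain: last two labels, wildcard stripped (assumes no co.uk-style suffixes)."""
    labels = name.lstrip("*.").lower().split(".")
    return ".".join(labels[-2:])

def san_indicators(sans):
    """Count distinct registrable domains and detect numbered series such as test1.com .. test9.com."""
    domains = {registrable(n) for n in sans}
    # Collapse digit runs so test1.com, test2.com, ... share one pattern key.
    series = Counter(re.sub(r"\d+", "#", d) for d in domains)
    numbered = sorted(p for p, n in series.items() if "#" in p and n >= 3)
    return {"distinct_domains": len(domains), "numbered_series": numbered}

def triage(cert, max_domains=5):
    """Return the reasons a certificate deserves a closer look (empty list if none)."""
    reasons = []
    ph = placeholder_fields(cert["subject"])
    if ph:
        reasons.append("placeholder subject values: " + ", ".join(f"{k}={v}" for k, v in ph.items()))
    si = san_indicators(cert["sans"])
    if si["distinct_domains"] >= max_domains:
        reasons.append(f"SANs span {si['distinct_domains']} distinct registrable domains")
    if si["numbered_series"]:
        reasons.append("numbered domain series: " + ", ".join(si["numbered_series"]))
    return reasons

# Constructed sample, modelled on the subject and SAN values quoted in the report above.
SAMPLE = {
    "subject": {"C": "KR", "ST": "1", "L": "1", "O": "12", "OU": "1"},
    "sans": ["test.com"] + [f"test{i}.com" for i in (1, 2, 3, 4, 5, 6, 7, 8, 9, 11)],
}
```

Run `triage(SAMPLE)` to see all three indicators fire; a certificate with a real organisation name and SANs confined to one registrable domain returns an empty list.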
(Assignee)

Comment 1

6 months ago
Created attachment 8831038 [details]
Symantec Certificate Problem Report Jan 26 2017.pdf

Update provided by Symantec.

Comment 2

6 months ago
Created attachment 8831929 [details]
Report of Independent Accountant - Certisign

Comment 3

6 months ago
Created attachment 8831930 [details]
CERTSUPERIOR 2016 WebTrust

Comment 4

6 months ago
Created attachment 8831931 [details]
Deloitte Point in Time Certsuperior

Comment 5

6 months ago
Created attachment 8831932 [details]
Deloitte Certsuperior Annex A

Comment 6

6 months ago
Created attachment 8831933 [details]
Symantec Responses to Misissuance Questions Jan 30 2017

Comment 7

5 months ago
Created attachment 8836487 [details]
Symantec Second Response to Misissuance Questions - Feb 12 2017

Comment 8

5 months ago
Created attachment 8838825 [details]
Symantec Third Response to Misissuance Questions Feb 17 2017

Comment 9

5 months ago
Created attachment 8843448 [details]
Symantec Fourth Response to Misissuance Questions Mar 3 2017

Comment 10

5 months ago
Created attachment 8843449 [details]
All Audits
(Assignee)

Updated

4 months ago
Component: CA Certificates → CA Certificate Mis-Issuance
Whiteboard: [ca-incident-response]

Updated

4 months ago
Summary: Symantec/CrossCert mis-issued test certificates → Symantec: Mis-issued test certificates by CrossCert

Comment 11

4 months ago
https://arstechnica.com/security/2017/03/google-takes-symantec-to-the-woodshed-for-mis-issuing-30000-https-certs/

Updated

4 months ago
Flags: needinfo?(patrickt)

Updated

4 months ago
Blocks: 1099311

Comment 12

3 months ago
Created attachment 8856531 [details]
Certisign CY2012 WTCA

Certisign's CY2012 WTCA audit

Comment 13

3 months ago
Created attachment 8856532 [details]
CrossCert 2015-2016 WTBR Audit

WebTrust SSL Baseline for CrossCert 7/2015-6/2016

Comment 14

3 months ago
Created attachment 8856742 [details]
Certsuperior 5-2015 4-2016 Corrected Scope

Previously posted Deloitte audit of Certsuperior incorrectly stated scope as WT SSL Baseline only.

Comment 15

3 months ago
Created attachment 8860216 [details]
Mozilla Feedback Consolidated Responses

Updated

3 months ago
Product: mozilla.org → NSS

Comment 16

2 months ago
Created attachment 8867397 [details]
Aetna WTCA 2015

Comment 17

2 months ago
Created attachment 8867398 [details]
Aetna WTBR 2015

Comment 18

2 months ago
Created attachment 8867735 [details]
Symantec Response to Further Questions from Mozilla

Comment 19

2 months ago
Created attachment 8867892 [details]
SSP PROF Common Policy v1.7