Closed Bug 1832338 Opened 2 years ago Closed 2 years ago

Firmaprofesional: 2023 - Ensure Timestamp service Logs Integrity

Categories

(CA Program :: CA Certificate Compliance, task)

Product:
CA Program
Component:
CA Certificate Compliance
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: mprieto, Assigned: mprieto)

Details

(Whiteboard: [ca-compliance])

Attachments

(1 file)

LogsTSA.zip
1.23 MB, application/x-zip-compressed
Details
Attached file LogsTSA.zip

Steps to reproduce:

The audit team verified the correct operation of the delivery service qualified electronic time stamps, as well as the entire information life cycle generated and used by it.
However, the audit team did not find any measure to which it could be guaranteed the integrity of the logs generated by the systems.
1. How your CA first became aware of the problem (e.g. via a problem report submitted to your Problem Reporting Mechanism, a discussion in mozilla.dev.security.policy, a Bugzilla bug, or internal self-audit), and the time and date.
It is a finding identified during the annual eIDAS/ETSI audit being carried out these days.
On 2023-05-08 (CEST):
17:00: During the annual eIDAS audit, this finding was notified by the auditors.

Actual results:

2. A timeline of the actions your CA took in response. A timeline is a date-and-time-stamped sequence of all relevant events. This may include events before the incident was reported, such as when a particular requirement became applicable, or a document changed, or a bug was introduced, or an audit was done.
On 2023-05-09 (CEST):
9:00: Firmaprofesional has analyzed the finding and the root cause of the problem and determined that although the access to the timestamp service logs is restricted to only people with authorized trusted roles, this control had been considered insufficient by the audit team to comply with the requirement to guarantee the integrity of logs.
That day Firmaprofesional decided to use the timestamp of the TSA service logs.
3. Whether your CA has stopped, or has not yet stopped, issuing certificates with the problem. A statement that you have will be considered a pledge to the community; a statement that you have not requires an explanation.
N/A

4. A summary of the problematic certificates. For each problem: number of certs, and the date the first and last certs with that problem were issued.
N/A
5. The complete certificate data for the problematic certificates. The recommended way to provide this is to ensure each certificate is logged to CT and then list the fingerprints or crt.sh IDs, either in the report or as an attached spreadsheet, with one list per distinct problem.
N/A
6. Explanation about how and why the mistakes were made or bugs introduced, and how they avoided detection until now.
Timestamp service logs are restricted to only people with authorized trusted roles; this control had been considered sufficient to comply with the requirement to guarantee the integrity of logs.

Expected results:

7. List of steps your CA is taking to resolve the situation and ensure such issuance will not be repeated in the future, accompanied with a timeline of when your CA expects to accomplish these things.
On 2023-05-09 Time-stamping service logs begin to be sealed with TSA (see LogsTSA.zip attached)

Assignee: nobody → mprieto
Status: UNCONFIRMED → ASSIGNED
Type: defect → task
Ever confirmed: true
Whiteboard: [ca-compliance]

Dear Ben:
This bug was fixed immediately on May 9th. Please, could it be closed?

Flags: needinfo?(bwilson)

Sure. I'll close this on Wed. June 7th unless there are objections.

Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Flags: needinfo?(bwilson)
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: