Remove inactive RSA Security 1024 V3 root

RESOLVED FIXED

Status

NSS
CA Certificate Root Program
--
enhancement
RESOLVED FIXED
7 years ago
2 months ago

People

(Reporter: Kathleen Wilson, Assigned: Kathleen Wilson)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Assignee)

Description

7 years ago
There appears to be two legacy roots that are owned by RSA and still
included in NSS. I am waiting for a representative from RSA to confirm that the
following two roots may be disabled:

OU = ValiCert Class 3 Policy Validation Authority
CN = http://www.valicert.com/
1999 Jun 25 to 2019 Jun 25
1024, SHA-1

And

OU = RSA Security 1024 V3        
2001 Feb 22 to 2026 Feb 22    
1024, SHA-1
(Assignee)

Comment 1

7 years ago
I have exchanged email with both RSA and VeriSign, and both have stated that they do not own the "RSA Security 1024 V3" root certificate.

Therefore, I will recommend that the "RSA Security 1024 V3" root certificate be removed from NSS.

RSA has stated that they own the"ValiCert Class 3 Policy Validation Authority" root certificate. However, there does not appear to be a recent audit that covers this root.

Therefore, I plan to recommend that the "ValiCert Class 3 Policy Validation Authority" root certificate be disabled in NSS. I am waiting for response from RSA as to when the last end-entity cert under this root expires, and if the email trust bit should remain enabled.
(Assignee)

Comment 2

7 years ago
I received the following in email from an RSA representative:
--
The ValiCert Class 3 root is still actively in use for certificate
validation and cannot be disabled at this time.  

In the past we used the ValiCert Class 3 root to sign the RSA Public
Root CA cert that is covered under our WebTrust audit and is used for
the actual issuance of customer CA certs under our RSA Root Signing
Service.  No new CA signings are being performed under the ValiCert
Class 3 root hierarchy, but there are customers that still have active
certificates chaining to the ValiCert Class 3 root.
...
I would recommend a target date of no earlier than 1/1/2012 for disabling the ValiCert Class 3 root.
--

I have confirmed that the recent WebTrust audit report covers the "RSA Public Root CA V1" and "RSA Security 2048 V3" root certificates.
https://cert.webtrust.org/SealFile?seal=981&file=pdf

Therefore, in this bug I will only propose that the "RSA Security 1024 V3" root certificate be removed from NSS.
(Assignee)

Comment 3

7 years ago
I am now opening the public discussion period for this request to remove the "RSA Security 1024 V3" root certificate from NSS.

Public discussion will be in the mozilla.dev.security.policy newsgroup and the
corresponding dev-security-policy@lists.mozilla.org mailing list.

http://www.mozilla.org/community/developer-forums.html
https://lists.mozilla.org/listinfo/dev-security-policy
news://news.mozilla.org/mozilla.dev.security.policy

The discussion thread is called “Recommend Removing RSA Security 1024 V3 root certificate authority”

Please actively review, respond, and contribute to the discussion.
Status: NEW → ASSIGNED
Summary: Remove or Disable Legacy RSA roots → Remove RSA Security 1024 V3 root
Whiteboard: In public discussion

Comment 4

7 years ago
I'm no longer involved with NSS and I'm not going to participate in newsgroup discussions. bugzilla should be sufficient for this. As the one who did the checkin for this cert, I will say that the certs were verified by at least 3 people internally before checkin and I'm surprised that someone is disclaiming ownership of the root. Unfortunately, company e-mail records are no longer available and all the people involved have moved on. If possible, I would recommend a search for public SSL servers that have certificates chaining to this root to see if it appears to have ever been used.
(Assignee)

Comment 5

7 years ago
I have received email from official representatives of RSA confirming that RSA did indeed create the "RSA Security 1024 V3" root certificate that is currently included in NSS.

In regards to my previous statement from Comment #1: "I have exchanged email with both RSA and VeriSign, and both have stated that they do not own the "RSA Security 1024 V3" root certificate."

I probably should have been more cautious about how I worded that statement. The response that I regularly got from RSA when requesting information about this root was:
"The RSA Root Signing Service (RSS) has two active Root CAs:
- http://www.valicert.com/ (AKA "ValiCert Class 3 Policy Validation Authority" )
- RSA Security 2048 V3"

Comment 6

7 years ago
Kathleen,

OK. That's a very different situation then, if we know that RSA owns the private key, but is just no longer issuing certs with that root. Unless the key was compromised, there is no security risk posed by trusting this root.

Depending on the last activity date for this root (which should be provided by RSA), we may or may not want to remove this root. The process for dealing with inactive roots in general should be followed. In the past, old roots were simply kept. What's a little different about this one is that it isn't expired yet, and it doesn't expire for a long time still. I don't believe the Mozilla certificate policy addresses how to deal with inactive roots either way. I think unless the root CA private key was compromised, we may want to treat this bug as a WONTFIX.
Summary: Remove RSA Security 1024 V3 root → Remove inactive RSA Security 1024 V3 root

Comment 7

7 years ago
Nonoono...please see https://wiki.mozilla.org/CA:Root_Change_Process#Remove_a_Root
This must be fixed obviously. There is nobody taking any responsibility and the root isn't audited.
(Assignee)

Comment 8

7 years ago
RSA has confirmed that they are in possession of the private key for the "RSA Security 1024 V3" root certificate. RSA agrees that this root should be removed from NSS.

There is no recent audit for this "RSA Security 1024 V3" root certificate, because it is no longer in use. Therefore, I will continue with the root removal process as described in 
https://wiki.mozilla.org/CA:Root_Change_Process#Remove_a_Root
(Assignee)

Comment 9

7 years ago
The public comment period for this request is now over. 

This request has been evaluated as per
https://wiki.mozilla.org/CA:Root_Change_Process

Based on the recent response from RSA, and the input provided during the public discussion, it is clear that this "RSA Security 1024 V3" root certificate should be removed from NSS.

On behalf of the Mozilla project I approve this request to remove the following root certificate from NSS:

OU = RSA Security 1024 V3
O = RSA Security Inc
Valid From: 2/22/01
Valid To: 2/22/26
SHA1 Fingerprint:
3C:BB:5D:E0:FC:D6:39:7C:05:88:E5:66:97:BD:46:2A:BD:F9:5C:76

I will file the NSS bug to effect the approved change.
Whiteboard: In public discussion → Approved - awaiting NSS
(Assignee)

Updated

7 years ago
Depends on: 557937
(Assignee)

Comment 10

7 years ago
I have filed bug #557937 against NSS for the actual changes.
Is it the case that all the certs ever issued subordinate to this root
are now believed to be expired?  
If so, how recently did the last one expire?
(Assignee)

Comment 12

7 years ago
Nelson, It doesn't sound like this root was ever actively used. The following is from an email from RSA on April 6: "The RSA Security 1024 V3 root was created along with the RSA Security 2048 v3 root back in February 2001, but it is not a root that RSA employs or has ever been active to deliver the RSS or any other service."
(Assignee)

Updated

7 years ago
Whiteboard: Approved - awaiting NSS → Waiting for Firefox to take fixed NSS
Thanks for this added information, Kathleen.  That satisfies all my remaining
concerns.
(Assignee)

Comment 14

7 years ago
In Firefox 3.6.7.
Status: ASSIGNED → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
Whiteboard: Waiting for Firefox to take fixed NSS

Updated

2 months ago
Product: mozilla.org → NSS
You need to log in before you can comment on or make changes to this bug.