Closed Bug 682071 Opened 11 years ago Closed 10 years ago

Root Cleanup to remove or turn off trust bits for legacy and expired root certs

Categories: NSS :: CA Certificate Root Program
Type: task
Priority: Not set
Severity: normal
Tracking: Not tracked
Status: RESOLVED FIXED
People: Reporter: kwilson, Assigned: kwilson
Whiteboard: Removed in FF 11

I have reviewed the root certificates that are currently included in NSS, and I propose that we consider either removing or turning off trust bits for the following root certificates.

CN = Secure Certificate Services
O = Comodo CA Limited
SHA1: 4A:65:D5:F4:1D:EF:39:B8:B8:90:4A:4A:D3:64:81:33:CF:C7:A1:D1
Reason: Not listed in recent audit statement 
http://cert.webtrust.org/SealFile?seal=1082&file=pdf

CN = Trusted Certificate Services
O = Comodo CA Limited
SHA1: E1:9F:E3:0E:8B:84:60:9E:80:9B:17:0D:72:A8:C5:BA:6E:14:09:BD
Reason: Not listed in recent audit statement 
http://cert.webtrust.org/SealFile?seal=1082&file=pdf

CN = NetLock Kozjegyzoi (Class A) Tanusitvanykiado
O = NetLock Halozatbiztonsagi Kft.
SHA1: AC:ED:5F:65:53:FD:25:CE:01:5F:1F:7A:48:3B:6A:74:9F:61:78:C6
Reason: This MD5 root has been replaced by a new root.

CN = NetLock Uzleti (Class B) Tanusitvanykiado
O = NetLock Halozatbiztonsagi Kft.
SHA1: 87:9F:4B:EE:05:DF:98:58:3B:E3:60:D6:33:E7:0D:3F:FE:98:71:AF
Reason: This MD5 root has been replaced by a new root.

CN = NetLock Expressz (Class C) Tanusitvanykiado
O = NetLock Halozatbiztonsagi Kft.
SHA1: E3:92:51:2F:0A:CF:F5:05:DF:F6:DE:06:7F:75:37:E1:65:EA:57:4B
Reason: This MD5 root has been replaced by a new root.

OU = TC TrustCenter Class 2 CA
O = TC TrustCenter for Security in Data Networks GmbH
SHA1: 83:8E:30:F7:7F:DD:14:AA:38:5E:D1:45:00:9C:0E:22:36:49:4F:AA
Reason: Expired

OU = TC TrustCenter Class 3 CA
O = TC TrustCenter for Security in Data Networks GmbH
SHA1: 9F:C7:96:E8:F8:52:4F:86:3A:E1:49:6D:38:12:42:10:5F:1B:78:F5
Reason: Expired

OU = Class 1 Public Primary Certification Authority
O = "VeriSign, Inc."
SHA1: 90:AE:A2:69:85:FF:14:80:4C:43:49:52:EC:E9:60:84:77:AF:55:6F
Reason: This MD2 root has been replaced by a new root

OU = Class 2 Public Primary Certification Authority
O = "VeriSign, Inc."
SHA1: 67:82:AA:E0:ED:EE:E2:1A:58:39:D3:C0:CD:14:68:0A:4F:60:14:2A
Reason: This MD2 root has been replaced by a new root

OU = Class 3 Public Primary Certification Authority
O = "VeriSign, Inc."
SHA1: 74:2C:31:92:E6:07:E4:24:EB:45:49:54:2B:E1:BB:C5:3E:61:74:E2
Reason: This MD2 root has been replaced by a new root

OU = Class 4 Public Primary Certification Authority - G2
O = "VeriSign, Inc."
SHA1: 0B:77:BE:BB:CB:7A:A2:47:05:DE:CC:0F:BD:6A:02:FC:7A:BD:9B:52
Reason: No longer in use.
Status: NEW → ASSIGNED
To the representatives of Comodo, NetLock, TC TrustCenter, and VeriSign/Symantec,

Please review the list above and reply in this bug to indicate whether the listed root certificates may be removed or have certain trust bits turned off.
OS: Mac OS X → All
Hardware: x86 → All
(In reply to Kathleen Wilson from comment #1)
> To the representatives of Comodo, NetLock, TC TrustCenter, and
> VeriSign/Symantec,
> 
> Please review the list above and reply in this bug to indicate whether the
> listed root certificates may be removed or have certain trust bits turned
> off.
All, I realize that we've all been very busy, but I would greatly appreciate your response.

Please take a moment to review the certs listed in this bug and add a comment to this bug to indicate if you agree with removing those certs from NSS or if you still need to keep them in NSS (and why).
> CN = NetLock Kozjegyzoi (Class A) Tanusitvanykiado
> O = NetLock Halozatbiztonsagi Kft.
> SHA1: AC:ED:5F:65:53:FD:25:CE:01:5F:1F:7A:48:3B:6A:74:9F:61:78:C6
> Reason: This MD5 root has been replaced by a new root.
> 
> CN = NetLock Uzleti (Class B) Tanusitvanykiado
> O = NetLock Halozatbiztonsagi Kft.
> SHA1: 87:9F:4B:EE:05:DF:98:58:3B:E3:60:D6:33:E7:0D:3F:FE:98:71:AF
> Reason: This MD5 root has been replaced by a new root.
> 
> CN = NetLock Expressz (Class C) Tanusitvanykiado
> O = NetLock Halozatbiztonsagi Kft.
> SHA1: E3:92:51:2F:0A:CF:F5:05:DF:F6:DE:06:7F:75:37:E1:65:EA:57:4B
> Reason: This MD5 root has been replaced by a new root.

Dear Kathleen,
Sorry, I missed the letter previously.

All of those are in use, please keep them in the browser.
The latest governmental regulations endline for new certificate issuance is at the end of 2011. The maximum lifetime for the issued certificates is 2 years, and all of them will expire until the end of 2013. (as the MS and the latest NIST document says).
Sorry for the late response Kathleen,

The following Symantec roots can be removed

OU = TC TrustCenter Class 2 CA
O = TC TrustCenter for Security in Data Networks GmbH
SHA1: 83:8E:30:F7:7F:DD:14:AA:38:5E:D1:45:00:9C:0E:22:36:49:4F:AA
Reason: Expired

OU = TC TrustCenter Class 3 CA
O = TC TrustCenter for Security in Data Networks GmbH
SHA1: 9F:C7:96:E8:F8:52:4F:86:3A:E1:49:6D:38:12:42:10:5F:1B:78:F5
Reason: Expired

OU = Class 1 Public Primary Certification Authority
O = "VeriSign, Inc."
SHA1: 90:AE:A2:69:85:FF:14:80:4C:43:49:52:EC:E9:60:84:77:AF:55:6F
Reason: This MD2 root has been replaced by a new root

OU = Class 2 Public Primary Certification Authority
O = "VeriSign, Inc."
SHA1: 67:82:AA:E0:ED:EE:E2:1A:58:39:D3:C0:CD:14:68:0A:4F:60:14:2A
Reason: This MD2 root has been replaced by a new root

OU = Class 4 Public Primary Certification Authority - G2
O = "VeriSign, Inc."
SHA1: 0B:77:BE:BB:CB:7A:A2:47:05:DE:CC:0F:BD:6A:02:FC:7A:BD:9B:52
Reason: No longer in use.

We think it is safer to retain the "OU = Class 3 Public Primary Certification Authority" at this stage to avoid issues with legacy issued certificates.

Regards
Tony
(In reply to Kathleen Wilson from comment #1)
> To the representatives of Comodo, NetLock, TC TrustCenter, and
> VeriSign/Symantec,
> 
> Please review the list above and reply in this bug to
> indicate whether the listed root certificates may be removed or have certain
> trust bits turned off.
(In reply to Varga Viktor from comment #3)
> > CN = NetLock Kozjegyzoi (Class A) Tanusitvanykiado
> > O = NetLock Halozatbiztonsagi Kft.
> > SHA1: AC:ED:5F:65:53:FD:25:CE:01:5F:1F:7A:48:3B:6A:74:9F:61:78:C6
> > Reason: This MD5 root has been replaced by a new root.
> > 
> > CN = NetLock Uzleti (Class B) Tanusitvanykiado
> > O = NetLock Halozatbiztonsagi Kft.
> > SHA1: 87:9F:4B:EE:05:DF:98:58:3B:E3:60:D6:33:E7:0D:3F:FE:98:71:AF
> > Reason: This MD5 root has been replaced by a new root.
> > 
> > CN = NetLock Expressz (Class C) Tanusitvanykiado
> > O = NetLock Halozatbiztonsagi Kft.
> > SHA1: E3:92:51:2F:0A:CF:F5:05:DF:F6:DE:06:7F:75:37:E1:65:EA:57:4B
> > Reason: This MD5 root has been replaced by a new root.
> 
> Dear Kathleen,
> Sorry, I missed the letter previously.
> 
> All of those are in use, please keep them in the browser.
> The latest governmental regulations endline for new certificate issuance is
> at the end of 2011. The maximum lifetime for the issued certificates is 2
> years, and all of them will expire until the end of 2013. (as the MS and the
> latest NIST document says).

Dear Viktor,

Is it the case that the non-expired certs (intermediate and end-entity) under these MD5 roots do not use MD5 themselves?
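Added example, not code from this bug, from NSS or from any of the CAs involved: a small standard-library Python audit that checks a DER certificate for the three properties this bug acts on (an MD2/MD5 signature on the root, an expired validity period, and a SHA1 fingerprint that appears on the removal list in the bug description) and, for the question just asked in comment #5, walks a chain and reports any certificate under a legacy root that still carries a legacy hash or has expired. The tiny DER encoder, the sample certificates with their names, dates and dummy key/signature bytes, and the "as of" date are all constructed here; the fingerprints in REMOVAL_LIST are copied from the bug description; the signature-algorithm OIDs are the standard PKCS#1 values from RFC 3279.

```python
import hashlib
from datetime import datetime, timezone

# Signature-algorithm OIDs from PKCS#1 (RFC 3279). The bug's reasons name MD2 and MD5 roots.
LEGACY_SIG_OIDS = {"1.2.840.113549.1.1.2": "md2WithRSAEncryption",
                   "1.2.840.113549.1.1.4": "md5WithRSAEncryption"}
SHA1_RSA_OID = "1.2.840.113549.1.1.5"
SIG_NAMES = {**LEGACY_SIG_OIDS, SHA1_RSA_OID: "sha1WithRSAEncryption"}
RSA_OID, CN_OID = "1.2.840.113549.1.1.1", "2.5.4.3"

# SHA1 fingerprints copied from this bug (TC TrustCenter Class 2 and 3, NetLock Class A).
REMOVAL_LIST = {
    "83:8E:30:F7:7F:DD:14:AA:38:5E:D1:45:00:9C:0E:22:36:49:4F:AA",
    "9F:C7:96:E8:F8:52:4F:86:3A:E1:49:6D:38:12:42:10:5F:1B:78:F5",
    "AC:ED:5F:65:53:FD:25:CE:01:5F:1F:7A:48:3B:6A:74:9F:61:78:C6",
}

# --- minimal DER encode/decode, just enough for the X.509 TBSCertificate layout ---
def der(tag, body):
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body

def der_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        a >>= 7
        while a:
            chunk.append(0x80 | (a & 0x7F))
            a >>= 7
        out += bytes(reversed(chunk))
    return der(0x06, bytes(out))

def parse_tlv(buf, pos=0):
    """Return (tag, body, position just after this TLV)."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    length = first
    if first & 0x80:                      # long-form length
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def decode_utctime(body):
    s = body.decode()                     # YYMMDDHHMMSSZ; RFC 5280 4.1.2.5.1 century rule
    yy = int(s[:2])
    return datetime((1900 if yy >= 50 else 2000) + yy, int(s[2:4]), int(s[4:6]),
                    int(s[6:8]), int(s[8:10]), int(s[10:12]), tzinfo=timezone.utc)

# --- constructed sample certificates (dummy key and signature bytes; never validated) ---
def make_cert(cn, sig_oid, not_before, not_after):
    alg = der(0x30, der_oid(sig_oid) + der(0x05, b""))
    name = der(0x30, der(0x31, der(0x30, der_oid(CN_OID) + der(0x0C, cn.encode()))))
    utc = lambda d: der(0x17, d.strftime("%y%m%d%H%M%SZ").encode())
    spki = der(0x30, der(0x30, der_oid(RSA_OID) + der(0x05, b"")) + der(0x03, b"\x00" * 9))
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")) + der(0x02, b"\x01") + alg + name
              + der(0x30, utc(not_before) + utc(not_after)) + name + spki)
    return der(0x30, tbs + alg + der(0x03, b"\x00" * 33))

# --- the audit ---
def audit_cert(der_bytes, now):
    _, cert, _ = parse_tlv(der_bytes)
    _, tbs, _ = parse_tlv(cert)
    tag, _, q = parse_tlv(tbs)
    q = q if tag == 0xA0 else 0           # skip the explicit [0] version when present
    _, _, q = parse_tlv(tbs, q)           # serialNumber
    _, sigalg, q = parse_tlv(tbs, q)      # signature AlgorithmIdentifier
    _, _, q = parse_tlv(tbs, q)           # issuer
    _, validity, _ = parse_tlv(tbs, q)
    _, _, r = parse_tlv(validity)         # notBefore
    _, not_after, _ = parse_tlv(validity, r)
    oid = decode_oid(parse_tlv(sigalg)[1])
    fp = ":".join(f"{b:02X}" for b in hashlib.sha1(der_bytes).digest())
    return {"fingerprint": fp, "signature": SIG_NAMES.get(oid, oid),
            "legacy_hash": oid in LEGACY_SIG_OIDS,
            "expired": decode_utctime(not_after) < now,
            "listed_for_removal": fp in REMOVAL_LIST}

def audit_chain(chain, now):
    """Comment #5's question: which certs in a chain still carry a legacy hash (or have expired)?"""
    results = [audit_cert(c, now) for c in chain]
    return [(i, r) for i, r in enumerate(results) if r["legacy_hash"] or r["expired"]]

# Constructed sample data: one MD5-signed root, a SHA1-signed leaf under it, one expired root.
_d = lambda *ymd: datetime(*ymd, tzinfo=timezone.utc)
NOW = _d(2011, 9, 1)                      # constructed "as of" date near the bug's opening
SAMPLE_MD5_ROOT = make_cert("Sample MD5 Root", "1.2.840.113549.1.1.4", _d(2003, 1, 1), _d(2019, 1, 1))
SAMPLE_SHA1_LEAF = make_cert("Sample SHA1 leaf", SHA1_RSA_OID, _d(2011, 6, 1), _d(2013, 6, 1))
SAMPLE_EXPIRED_ROOT = make_cert("Sample expired root", SHA1_RSA_OID, _d(2000, 1, 1), _d(2011, 1, 1))

if __name__ == "__main__":
    for c in (SAMPLE_MD5_ROOT, SAMPLE_SHA1_LEAF, SAMPLE_EXPIRED_ROOT):
        print(audit_cert(c, NOW))
    print("flagged chain positions:", [i for i, _ in audit_chain([SAMPLE_MD5_ROOT, SAMPLE_SHA1_LEAF], NOW)])
```

Run against a real DER file, audit_cert reports the fingerprint in the same colon-separated form the bug uses, so the membership test against REMOVAL_LIST works directly on the values quoted above. The chain walk shows the distinction NetLock's reply relies on: a root can itself be MD5-signed (and therefore flagged) while every certificate issued under it is SHA1-signed and unflagged.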
Hi Kathleen,
 For the two roots of ours in question we would like them to remain in the program for the time being, if possible.  They are held in the same infrastructure and operated to the same WebTrust-audited policy and practices as our other roots.

  Regards

Robin Alden
Comodo
(In reply to Robin Alden from comment #6)
>  For the two roots of ours in question we would like them to remain in the
> program for the time being, if possible.  They are held in the same
> infrastructure and operated to the same WebTrust-audited policy and
> practices as our other roots.

Are certificates still being issued under the "Secure Certificate Services" and "Trusted Certificate Services" roots?

I also noticed that the following three roots are included in NSS, but I could not find them in the recent audit statement. May these three AddTrust roots be removed?

CN = AddTrust Class 1 CA Root
CN = AddTrust Public CA Root
CN = AddTrust Qualified CA Root
> Dear Viktor,
> 
> Is it the case that the non-expired certs (intermediate and end-entity)
> under these MD5 roots do not use MD5 themselves?

Yes.
The issued certs have SHA1 signatures on them. The keys are 2048 bit keys, and the certificate has some non predictable randomness too.

So please keep them until the end of 2013.
(In reply to Kathleen Wilson from comment #7)
> (In reply to Robin Alden from comment #6)
> >  For the two roots of ours in question we would like them to remain in the
> > program for the time being, if possible.  They are held in the same
> > infrastructure and operated to the same WebTrust-audited policy and
> > practices as our other roots.
> 
> Are certificates still being issued under the "Secure Certificate Services"
> and "Trusted Certificate Services" roots?
>
> I also noticed that the following three roots are included in NSS, but I
> could not find them in the recent audit statement. May these three AddTrust
> roots be removed?
> 
> CN = AddTrust Class 1 CA Root
> CN = AddTrust Public CA Root
> CN = AddTrust Qualified CA Root

We've not used these 5 Roots actively for a while, but they all remain in-scope for issuing certificates.  We've not yet determined if/when to return them to active use.

They are not listed in our audit report simply because our auditors (for reasons best known to themselves!) only list Roots from which certificates were issued during the period since the previous audit.
For this round of root cleanup, I will recommend that the following root certificates be removed:

OU = TC TrustCenter Class 2 CA
O = TC TrustCenter for Security in Data Networks GmbH
SHA1: 83:8E:30:F7:7F:DD:14:AA:38:5E:D1:45:00:9C:0E:22:36:49:4F:AA
Reason: Expired

OU = TC TrustCenter Class 3 CA
O = TC TrustCenter for Security in Data Networks GmbH
SHA1: 9F:C7:96:E8:F8:52:4F:86:3A:E1:49:6D:38:12:42:10:5F:1B:78:F5
Reason: Expired

OU = Class 1 Public Primary Certification Authority
O = "VeriSign, Inc."
SHA1: 90:AE:A2:69:85:FF:14:80:4C:43:49:52:EC:E9:60:84:77:AF:55:6F
Reason: This MD2 root has been replaced by a new root

OU = Class 2 Public Primary Certification Authority
O = "VeriSign, Inc."
SHA1: 67:82:AA:E0:ED:EE:E2:1A:58:39:D3:C0:CD:14:68:0A:4F:60:14:2A
Reason: This MD2 root has been replaced by a new root

OU = Class 4 Public Primary Certification Authority - G2
O = "VeriSign, Inc."
SHA1: 0B:77:BE:BB:CB:7A:A2:47:05:DE:CC:0F:BD:6A:02:FC:7A:BD:9B:52
Reason: No longer in use.
(In reply to Kathleen Wilson from comment #10)
> For this round of root cleanup, I will recommend that the following root
> certificates be removed:
> 

I have posted this information in the m.d.s.policy discussion forum.
Whiteboard: In public discussion
I have closed the discussion in mozilla.dev.security.policy about removing these root certificates. No concerns were raised.

I will file the NSS bug for the actual changes.
Depends on: 708009
I have filed bug #708009 for the actual changes in NSS.
Whiteboard: In public discussion → Approved - awaiting NSS
I have confirmed that in FF 11 the root certs listed in Comment #10 are no longer Builtin Object Tokens.
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Whiteboard: Approved - awaiting NSS → Removed in FF 11
Product: mozilla.org → NSS