I am now opening this proposal up to public discussion. Please respond to this discussion if you have any knowledge of this root that would help in making this decision.
By the way, to see the complete list of all of the root certificate authorities that are included in NSS, and who currently owns/operates them, go to http://www.mozilla.org/projects/security/certs/ and click on the "List of all included root certificates" link. This will display the public and published version of a spreadsheet that I maintain. There is a column called "Company Website" which indicates the current owner of each root.
> I propose that the "RSA Security 1024 V3" root certificate authority be removed from NSS.
>
> OU = RSA Security 1024 V3
> O = RSA Security Inc
> Valid From: 2/22/01
> Valid To: 2/22/26
> SHA1 Fingerprint: 3C:BB:5D:E0:FC:D6:39:7C:05:88:E5:66:97:BD:46:2A:BD:F9:5C:76
>
> I have not been able to find the current owner of this root. Both RSA and VeriSign have stated in email that they do not own this root.
>
> Therefore, to my knowledge this root has no current owner and no current audit, and should be removed from NSS.
Who owns the cert named "RSA Security 2048 V3"? It was put into nssckbi at the same time as the 1024 v3 cert. Is that one also owned by nobody? If so, let's nuke 'em both together.
> On 4/3/10 2:19 AM, Kathleen Wilson wrote:
>> I have not been able to find the current owner of this root. Both RSA and VeriSign have stated in email that they do not own this root.
>>
>> Therefore, to my knowledge this root has no current owner and no current audit, and should be removed from NSS.
> I concur.
> Separately, do we know how a root with such a name (if RSA was not the owner) was installed?
> Separately, do we know how a root with such a name (if RSA was not the owner) was installed?
They do not own it now, but the company likely created it.
For instance, the Equifax root isn't controlled by Equifax anymore, and there are a couple of such examples. There was a time when roots were traded heavily.
> I have not been able to find the current owner of this root. Both RSA and VeriSign have stated in email that they do not own this root.
That's rather worrying. Do we know for certain that one or other created it originally? Do we know if it's in any other root stores other than our own?
The lack of transparency in 2002 re: the source of added roots means we have no idea whether e.g. some malicious actor slipped an extra one into whatever list they were keeping internally to Netscape, and has been MITMing people ever since.
> On 02/04/10 18:19, Kathleen Wilson wrote:
>> I have not been able to find the current owner of this root. Both RSA and VeriSign have stated in email that they do not own this root.
>
> That's rather worrying. Do we know for certain that one or other created it originally?
Both "RSA Security 1024 V3" and "RSA Security 2048 V3" have the same validity dates of 2001 Feb 22 to 2026 Feb 22. I believe that both of these roots were created by RSA. I have not been able to ascertain from RSA whether the "RSA Security 1024 V3" root has been simply retired by RSA versus transferred to another company via M&A activity.
On Apr 5, 2:53 pm, Kathleen Wilson <kathleen95...@yahoo.com> wrote:
> Both "RSA Security 1024 V3" and "RSA Security 2048 V3" have the same validity dates of 2001 Feb 22 to 2026 Feb 22. I believe that both of these roots were created by RSA.
The same validity range is not a proof of any kind. It should really be checked if this CA was created by RSA or - which I do hope not - is a rogue one by someone who just set the same date range in his certificate and then somehow got it included.
This could be an utter security disaster. Let's hope it isn't.
> Both "RSA Security 1024 V3" and "RSA Security 2048 V3" have the same validity dates of 2001 Feb 22 to 2026 Feb 22. I believe that both of these roots were created by RSA.
Do you believe that based solely on the validity dates?
If I had access to the machine of a Netscape NSS developer who was about to update the root store, and I wanted to slip in a cert I had the private key for, I'd add another entry to the store which was very similar to an existing one but with one obvious difference, so that people would assume they were a set.
Perhaps this is far-fetched and paranoid. But the fact that RSA know nothing whatsoever about this root is rather concerning.
> Both "RSA Security 1024 V3" and "RSA Security 2048 V3" are shown as valid in Apple's System Roots.
Hmm. Do we have contacts at Apple who we can ask to see if they have documentation on the provenance of this root?
According to bonsai, the certificate was installed in version 1.17 (http://bonsai.mozilla.org/cvsview2.cgi?diff_mode=context&whitespace_mode=show&subdir=mozilla/security/nss/lib/ckfw/builtins&command=DIFF_FRAMESET&file=certdata.txt&rev1=1.16&rev2=1.17&root=/cvsroot) by Julien Pierre as part of bug #139874 (https://bugzilla.mozilla.org/show_bug.cgi?id=139874).
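The file that revision 1.17 touched, certdata.txt, stores every built-in root as two records: a CKO_CERTIFICATE object whose CKA_VALUE holds the DER bytes as \NNN octal escapes, and a trust object (CKO_NSS_TRUST in current revisions, CKO_NETSCAPE_TRUST in older ones) carrying CKA_CERT_SHA1_HASH and the CKA_TRUST_* flags. The following is an added example, not code from this thread or from NSS, of the check a practitioner would run before acting on a removal proposal: parse that format, recompute the SHA-1 fingerprint of the certificate body, confirm it agrees with the hash stored in the trust object, and compare it to the fingerprint quoted in the proposal. The certificate bytes in the sample are a constructed stand-in rather than the real "RSA Security 1024 V3" DER, so the comparison to the proposal's fingerprint comes out false here; run against the real file, the same code identifies the entry by fingerprint instead of by label alone.

```python
import hashlib
import re
import textwrap

# Fingerprint given in the removal proposal quoted at the top of this thread.
PROPOSAL_SHA1 = "3C:BB:5D:E0:FC:D6:39:7C:05:88:E5:66:97:BD:46:2A:BD:F9:5C:76"

# Constructed stand-in for a DER certificate body. It is NOT the real
# "RSA Security 1024 V3" certificate; it only exercises the parser and hash check.
FAKE_DER = bytes(range(256)) + b"constructed test body"

# certdata.txt has used both spellings for the trust object class over the years.
TRUST_CLASSES = ("CKO_NSS_TRUST", "CKO_NETSCAPE_TRUST")

OCTAL = re.compile(r"\\([0-7]{3})")


def to_multiline_octal(data):
    """Render bytes as certdata.txt does: one \\NNN escape per byte."""
    return "".join("\\%03o" % b for b in data)


def fingerprint(der):
    """Colon-separated upper-case SHA-1 fingerprint of a DER certificate."""
    return ":".join("%02X" % b for b in hashlib.sha1(der).digest())


def build_sample_certdata(label, der, stored_sha1=None):
    """Constructed fragment: one certificate object plus its trust object.
    stored_sha1 lets a caller plant a wrong CKA_CERT_SHA1_HASH to see the check fail."""
    sha1 = hashlib.sha1(der).digest() if stored_sha1 is None else stored_sha1
    return textwrap.dedent("""\
        # Constructed certdata.txt fragment, not the NSS file
        BEGINDATA

        CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
        CKA_LABEL UTF8 "%s"
        CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
        CKA_VALUE MULTILINE_OCTAL
        %s
        END

        CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
        CKA_LABEL UTF8 "%s"
        CKA_CERT_SHA1_HASH MULTILINE_OCTAL
        %s
        END
        CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
        CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
        CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
        CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
        """) % (label, to_multiline_octal(der), label, to_multiline_octal(sha1))


def parse_certdata(text):
    """Split certdata.txt into objects (dict of attribute -> value). Objects are
    separated by blank lines; MULTILINE_OCTAL values run until END and decode to
    bytes; UTF8 values lose their quotes; anything else keeps its token."""
    objects, current = [], {}
    lines = iter(text.splitlines())
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            if current:
                objects.append(current)
                current = {}
            continue
        parts = line.split(None, 2)
        if len(parts) < 2:  # bare markers such as BEGINDATA
            continue
        attr, kind = parts[0], parts[1]
        if kind == "MULTILINE_OCTAL":
            body = []
            for more in lines:
                if more.strip() == "END":
                    break
                body.append(more.strip())
            current[attr] = bytes(int(o, 8) for o in OCTAL.findall("".join(body)))
        elif kind == "UTF8":
            current[attr] = parts[2].strip('"')
        else:
            current[attr] = parts[2]
    if current:
        objects.append(current)
    return objects


def audit_root(text, label, expected_sha1=PROPOSAL_SHA1):
    """Find a root by label and report what the store actually says about it."""
    objects = parse_certdata(text)
    cert = next(o for o in objects
                if o.get("CKA_CLASS") == "CKO_CERTIFICATE" and o.get("CKA_LABEL") == label)
    trust = next(o for o in objects
                 if o.get("CKA_CLASS") in TRUST_CLASSES and o.get("CKA_LABEL") == label)
    computed = fingerprint(cert["CKA_VALUE"])
    stored = ":".join("%02X" % b for b in trust["CKA_CERT_SHA1_HASH"])
    return {
        "fingerprint": computed,
        "hash_matches": computed == stored,             # trust object covers this cert
        "matches_proposal": computed == expected_sha1,  # is this the root under discussion?
        "trust": {k: v for k, v in trust.items() if k.startswith("CKA_TRUST_")},
    }
```

A label match on its own is weak evidence, since nothing in the format stops two entries from carrying the same CKA_LABEL; the fingerprint is what the proposal and the public root list pin down. A disagreement between CKA_VALUE and CKA_CERT_SHA1_HASH would mean the trust flags are being applied to a certificate other than the one the store lists, which is exactly the kind of discrepancy a removal review should surface before the entry is deleted.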
> According to bonsai, the certificate was installed in version 1.17 (http://bonsai.mozilla.org/cvsview2.cgi?diff_mode=context&whitespace_mode=show&subdir=mozilla/security/nss/lib/ckfw/builtins&command=DIFF_FRAMESET&file=certdata.txt&rev1=1.16&rev2=1.17&root=/cvsroot) by Julien Pierre as part of bug #139874 (https://bugzilla.mozilla.org/show_bug.cgi?id=139874).
You had better reread that message. Valicert has nothing to do with this. The "RSA Security 1024 V3" CA was only shown as an example of a CA by RSA in that message.
> You had better reread that message. Valicert has nothing to do with this. The "RSA Security 1024 V3" CA was only shown as an example of a CA by RSA in that message.
You are absolutely correct, I shall return to my corner now (and try to determine why Google isn't using my real name).
I have received email from official representatives of RSA confirming that RSA did indeed create the "RSA Security 1024 V3" root certificate that is currently included in NSS (Netscape/Mozilla) and also in Apple's root cert store.
Kathleen, I'm glad to hear that you've received confirmation that RSA Security did indeed create this Root Certificate. However, the fact that "Both RSA and VeriSign have stated in email that they do not own this root" begs the question: Who (if anyone) possesses the private key now?
IMHO, this Root Certificate should definitely be removed from NSS unless the current owner steps forward and:
1. Asks for it to not be removed, and...
2. Provides evidence that it is covered by an appropriate audit, and...
3. Provides evidence that the private key has been kept secure since it was initially created by RSA Security.
On Tuesday 06 April 2010 20:22:04 Kathleen Wilson wrote:
> I have received email from official representatives of RSA confirming that RSA did indeed create the "RSA Security 1024 V3" root certificate that is currently included in NSS (Netscape/Mozilla) and also in Apple's root cert store.
Rob Stradling
Senior Research & Development Scientist
C·O·M·O·D·O - Creating Trust Online
Office Tel: +44.(0)1274.730505
Office Fax: +44.(0)1274.730909
www.comodo.com
Comodo CA Limited, Registered in England No. 04058690 Registered Office: 3rd Floor, 26 Office Village, Exchange Quay, Trafford Road, Salford, Manchester M5 3EQ
This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender by replying to the e-mail containing this attachment. Replies to this email may be monitored by Comodo for operational or business reasons. Whilst every endeavour is taken to ensure that e-mails are free from viruses, no liability can be accepted and the recipient is requested to use their own virus checking software.
On Tuesday 06 April 2010 22:04:07 Rob Stradling wrote:
> Kathleen, I'm glad to hear that you've received confirmation that RSA Security did indeed create this Root Certificate. However, the fact that "Both RSA and VeriSign have stated in email that they do not own this root" begs the question:
> Who (if anyone) possesses the private key now?
>
> IMHO, this Root Certificate should definitely be removed from NSS unless the current owner steps forward and:
> 1. Asks for it to not be removed, and...
> 2. Provides evidence that it is covered by an appropriate audit, and...
> 3. Provides evidence that the private key has been kept secure since it was initially created by RSA Security.
Kathleen, are you satisfied that the private keys for all the other Root Certificates currently in NSS (especially those added back in the Netscape era) were created securely and have always been held securely?
Or are there any others that need to be investigated in the same manner that you've just been doing with "RSA Security 1024 V3"?
> On Tuesday 06 April 2010 20:22:04 Kathleen Wilson wrote:
>> I have received email from official representatives of RSA confirming that RSA did indeed create the "RSA Security 1024 V3" root certificate that is currently included in NSS (Netscape/Mozilla) and also in Apple's root cert store.
> Perhaps this is far-fetched and paranoid. But the fact that RSA know > nothing whatsoever about this root is rather concerning.
In case it's not clear by now, this is not true, RSA did create the root, and any suggestion that the private key is in the hands of unknown people was wild speculation on my part utterly unbacked by evidence.
> On Tuesday 06 April 2010 22:04:07 Rob Stradling wrote:
>> Kathleen, I'm glad to hear that you've received confirmation that RSA Security did indeed create this Root Certificate. However, the fact that "Both RSA and VeriSign have stated in email that they do not own this root" begs the question:
>> Who (if anyone) possesses the private key now?
>>
>> IMHO, this Root Certificate should definitely be removed from NSS unless the current owner steps forward and:
>> 1. Asks for it to not be removed, and...
>> 2. Provides evidence that it is covered by an appropriate audit, and...
>> 3. Provides evidence that the private key has been kept secure since it was initially created by RSA Security.
Email from RSA indicates that this "RSA Security 1024 V3" root is retired and should be removed from NSS.
> Kathleen, are you satisfied that the private keys for all the other Root Certificates currently in NSS (especially those added back in the Netscape era) were created securely and have always been held securely?
>
> Or are there any others that need to be investigated in the same manner that you've just been doing with "RSA Security 1024 V3"?
This was the only root for which I could not get answers from a CA in regards to recent audit, state of the root, and recommendation to remove or disable the root.
To see the complete list of all of the root certificate authorities that are included in NSS, and who currently owns/operates them, go to http://www.mozilla.org/projects/security/certs/ and click on the "List of all included root certificates" link. This will display the public and published version of a spreadsheet that I maintain. There is a column called "Company Website" which indicates the current owner of each root.
> On 4/6/10 2:24 PM, Rob Stradling wrote:
>> On Tuesday 06 April 2010 22:04:07 Rob Stradling wrote:
>>> Kathleen, I'm glad to hear that you've received confirmation that RSA Security did indeed create this Root Certificate. However, the fact that "Both RSA and VeriSign have stated in email that they do not own this root" begs the question:
>>> Who (if anyone) possesses the private key now?
>>>
>>> IMHO, this Root Certificate should definitely be removed from NSS unless the current owner steps forward and:
>>> 1. Asks for it to not be removed, and...
>>> 2. Provides evidence that it is covered by an appropriate audit, and...
>>> 3. Provides evidence that the private key has been kept secure since it was initially created by RSA Security.
>
> Email from RSA indicates that this "RSA Security 1024 V3" root is retired and should be removed from NSS.
>
>> Kathleen, are you satisfied that the private keys for all the other Root Certificates currently in NSS (especially those added back in the Netscape era) were created securely and have always been held securely?
>>
>> Or are there any others that need to be investigated in the same manner that you've just been doing with "RSA Security 1024 V3"?
>
> This was the only root for which I could not get answers from a CA in regards to recent audit, state of the root, and recommendation to remove or disable the root.
>
> To see the complete list of all of the root certificate authorities that are included in NSS, and who currently owns/operates them, go to http://www.mozilla.org/projects/security/certs/ and click on the "List of all included root certificates" link. This will display the public and published version of a spreadsheet that I maintain. There is a column called "Company Website" which indicates the current owner of each root.
> On 06/04/10 16:15, Gervase Markham wrote:
>> Perhaps this is far-fetched and paranoid. But the fact that RSA know nothing whatsoever about this root is rather concerning.
>
> In case it's not clear by now, this is not true, RSA did create the root, and any suggestion that the private key is in the hands of unknown people was wild speculation on my part utterly unbacked by evidence.
Errr...RSA and Verisign both indicated that they didn't own the root NOW...or something like this. RSA probably created it though.
An official representative of RSA has sent me email to confirm that RSA is still in possession of the private key for the "RSA Security 1024 V3" root certificate.
RSA has also agreed that the "RSA Security 1024 V3" root certificate should be removed from NSS.
> An official representative of RSA has sent me email to confirm that RSA is still in possession of the private key for the "RSA Security 1024 V3" root certificate.
>
> RSA has also agreed that the "RSA Security 1024 V3" root certificate should be removed from NSS.
Excellent, so all is fine then. And the root can be removed.
>> An official representative of RSA has sent me email to confirm that RSA is still in possession of the private key for the "RSA Security 1024 V3" root certificate.
>>
>> RSA has also agreed that the "RSA Security 1024 V3" root certificate should be removed from NSS.
>
> Excellent, so all is fine then. And the root can be removed.