Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Server Gated Cryptography

26 views
Skip to first unread message

Gervase Markham

unread,
Jan 19, 2009, 5:11:33 PM1/19/09
to
Does anyone know where I can find a definitive list of browsers for whom
SGC is helpful? That is to say, a list of browsers for which, if I
connected to a site with an SGC certificate, would provide a higher
grade of encryption than if I connected to an identical site with a
non-SGC certificate?

Also, are there technical reasons why some CAs cannot issue SGC
certificates? Does it require specially-marked roots?

Thanks,

Gerv

Nelson Bolyard

unread,
Jan 19, 2009, 9:43:46 PM1/19/09
to
Gervase Markham wrote, On 2009-01-19 14:11:
> Does anyone know where I can find a definitive list of browsers for whom
> SGC is helpful? That is to say, a list of browsers for which, if I
> connected to a site with an SGC certificate, would provide a higher
> grade of encryption than if I connected to an identical site with a
> non-SGC certificate?

You appear to be asking specifically about Microsoft's SGC, which (as you
may know) is quite different than "SSL Step Up", which is what was
implemented in Netscape and Mozilla products long long ago.

SGC was implemented in Windows' SSL DLL known as SChannel. AFAIK, it was
used only in various versions of IE, and products that embedded IE browsers
into them. This includes the version of IE that ran on MacOS, IINM.

Do you mean to ask only about SGC? or do you mean to ask about SGC and all
similar schemes, such as SSL Step Up?

> Also, are there technical reasons why some CAs cannot issue SGC
> certificates? Does it require specially-marked roots?

There are (or were) technical reasons that were side effects of legal
reasons. Yes, it required specially marked roots.

Jean-Marc Desperrier

unread,
Jan 20, 2009, 8:47:16 AM1/20/09
to
Gervase Markham wrote:
> Does anyone know where I can find a definitive list of browsers for whom
> SGC is helpful? That is to say, a list of browsers for which, if I
> connected to a site with an SGC certificate, would provide a higher
> grade of encryption than if I connected to an identical site with a
> non-SGC certificate?

I'll assume you mean to ask about SGC and all similar schemes, such as
SSL Step Up.

The list is constituted of the export versions of browsers subject to US
export restriction that were produced before the restriction was lifted
back in well it must be around 2001, so that's IE until 5.01, Netscape
until around the 4.6 version (you remember it went up to 4.78 or maybe
4.8 ?).

All of them are unsupported with major security issues.

One could find oneself using that by installing the first version of
Windows 2000 (or an even earlier OS), and not installing any update. The
survival time of such a configuration on the internet is probably
counted in seconds.

> Also, are there technical reasons why some CAs cannot issue SGC
> certificates? Does it require specially-marked roots?

Yes, those browsers allowed SGC/Step-up only for a restricted list of
pre-installed root CA certificates.

srdav...@gmail.com

unread,
Jan 20, 2009, 2:48:51 PM1/20/09
to

> Yes, those browsers allowed SGC/Step-up only for a restricted list of
> pre-installed root CA certificates.

Anyone have a list of the specific roots that are SGC enabled? Many
of them must be due for expiry soon.
Is the intent to renew/replace them with SGC super-powers, or to let
SGC fade away?

Nelson B Bolyard

unread,
Jan 20, 2009, 10:53:44 PM1/20/09
to mozilla's crypto code discussion list
srdav...@gmail.com wrote, On 2009-01-20 11:48:
>> Yes, those browsers allowed SGC/Step-up only for a restricted list of
>> pre-installed root CA certificates.
>
> Anyone have a list of the specific roots that are SGC enabled?
> Many of them must be due for expiry soon.

SSL Step Up is different from SGC. Certs that are marked as valid
for SGC are not necessarily also valid for SSL Step Up, and vice versa.
Both SSL Step Up and SGC have separate OIDs that enable them.

In Mozilla products, no roots have ever been SGC enabled.
Some roots were, and still are, marked as trusted for SSL Step Up.
Here's a list.

Verisign/RSA Secure Server CA
GTE CyberTrust Root CA
GTE CyberTrust Global Root
Thawte Server CA
Thawte Premium Server CA
ABAecom (sub., Am. Bankers Assn.) Root CA
Digital Signature Trust Co. Global CA 1
Digital Signature Trust Co. Global CA 2
Digital Signature Trust Co. Global CA 3
Digital Signature Trust Co. Global CA 4
Verisign Class 3 Public Primary Certification Authority
Verisign Class 4 Public Primary Certification Authority - G2
Verisign Class 4 Public Primary Certification Authority - G3

> Is the intent to renew/replace them with SGC super-powers, or to let
> SGC fade away?

SSL Step Up is completely moot in all Mozilla (and Netscape) browsers made
since year 2001 or 2002. It was only ever relevant to "export" class
browsers exported from the USA. That does not include any Mozilla browser
made since PSM was integrated into Mozilla.

Today, if there remains ANY relevance of SSL Step Up (or SGC) to anything,
it is only to the extent that export client products developed in the USA
before year 2002 are still in use. Some of us believe that few, if any,
such clients are still in use. The security concerns for any such old
products would be very grave indeed.

I suspect that the reason for Gerv's inquiry was to try to collect
statistics on the number of such clients actually still in use. It is
necessary to know which clients to look for when amassing such stats.

The set of browsers using SGC would include products that embed IE's
http engine and run on old export-grade versions of Windows, probably
pre-dating XP.

Gervase Markham

unread,
Jan 20, 2009, 11:33:08 PM1/20/09
to
Nelson B Bolyard wrote:
> In Mozilla products, no roots have ever been SGC enabled.
> Some roots were, and still are, marked as trusted for SSL Step Up.
> Here's a list.

Is the marking internal to or external to the cert? The fact that you
say no certs have ever been SGC-enabled makes me suspect that it's the
latter, because some of the major certs on the list are ones I would
expect to be SGC-enabled in IE.

If it is the latter, what would be the effect of us removing the SSL
Step Up trust bit in NSS for the list of roots you give?

Gerv

Nelson Bolyard

unread,
Jan 20, 2009, 11:53:05 PM1/20/09
to
Gervase Markham wrote, On 2009-01-20 20:33:
> Nelson B Bolyard wrote:
>> In Mozilla products, no roots have ever been SGC enabled.
>> Some roots were, and still are, marked as trusted for SSL Step Up.
>> Here's a list.
>
> Is the marking internal to or external to the cert? The fact that you
> say no certs have ever been SGC-enabled makes me suspect that it's the
> latter, because some of the major certs on the list are ones I would
> expect to be SGC-enabled in IE.

SSL Step Up is enabled by a trust flag. There has never been any UI for
setting or clearing that flag. It is set "at the factory". Any CA cert
added by the browser will not have that flag. If a root CA cert that has
that flag is deleted and re-added, it will no longer have that flag.

> If it is the latter, what would be the effect of us removing the SSL
> Step Up trust bit in NSS for the list of roots you give?

No effect whatsoever. The bit has no effect today in any Mozilla browser
produced in the last 6 years (at least). It is purely a historic artifact,
of interest now only to software historians and archeologists, and some CAs
who still sell certs with those OIDs as holy relics. The only way you could
have any effect would be to retroactively remove that trust bit in browsers
that are now 6+ years old.

SGC and SSL Step up are simply irrelevant to modern browsers. They may have
some slight relevance to ancient browsers still in use, but I doubt it. I
hope no-one is doing online banking with Netscape Communicator 4.5!

> Gerv

Gervase Markham

unread,
Jan 26, 2009, 8:27:08 AM1/26/09
to
Nelson Bolyard wrote:
>> If it is the latter, what would be the effect of us removing the SSL
>> Step Up trust bit in NSS for the list of roots you give?
>
> No effect whatsoever.

Super. Would you care to file a bug to do that, or shall I? :-)

Gerv

Nelson B Bolyard

unread,
Jan 26, 2009, 4:15:52 PM1/26/09
to mozilla's crypto code discussion list

What would the motive be for writing a patch that has no effect?

Kyle Hamilton

unread,
Jan 26, 2009, 5:38:03 PM1/26/09
to mozilla's crypto code discussion list
"what is THIS bit? And why is it set on some and not others?" It's
vestigial, and it should be removed simply as good housekeeping.

If this is the attitude of all of the Mozilla devs, no wonder it's
impossible to figure out the codebase without devoting weeks to
studying it.

I humbly suggest the adoption of this rule: reduce complexity where
possible, to reduce the cost of entry. It doesn't help to have a
"write a patch to fix it" attitude (very common in open-source
projects) when it costs appreciable time (weeks or months) to figure
out the code to figure out where the problem actually is -- and this
reduces the number of patches that are submitted.

-Kyle H

On Mon, Jan 26, 2009 at 1:15 PM, Nelson B Bolyard <nel...@bolyard.me> wrote:
> Gervase Markham wrote, On 2009-01-26 05:27:

> What would the motive be for writing a patch that has no effect?

> --
> dev-tech-crypto mailing list
> dev-tec...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-tech-crypto
>

Gervase Markham

unread,
Jan 28, 2009, 8:49:59 AM1/28/09
to
Nelson B Bolyard wrote:
> What would the motive be for writing a patch that has no effect?

Because any CA which still uses Step Up or SGC to sell their certs over
those of their competitors is either just using FUD or is promoting the
use of insecure browsers. I want our code to have nothing to do with
encouraging the suggestion that these technologies are still relevant,
and one way to do that is to say that we've removed support for it.

Gerv

0 new messages