
QuoVadis: Failure to revoke key-compromised certificates within 24 hours


Matt Palmer

Mar 22, 2020, 1:23:28 AM
to mozilla-dev-s...@lists.mozilla.org
Three certificates were reported as having private keys which had
been publicly disclosed, by e-mailing compl...@quovadisglobal.com at
2020-03-20 03:05:14 UTC. E-mail was received by a QuoVadis server at
2020-03-20 03:05:18 UTC. As of 2020-03-22 05:17:37, OCSP still shows all of
these certificates as being "Good".

The unrevoked certificates are:

https://crt.sh/?id=2605016622
https://crt.sh/?id=1757153116
https://crt.sh/?id=1432019792

Interestingly, at least one other certificate using the same private key as
each of the above certificates, and also issued by QuoVadis, are now showing
as revoked, suggesting that (a) QuoVadis did indeed consider the private
keys as compromised, and (b) there are no caching or delayed publishing
issues at play here.

- Matt

Stephen Davidson

Mar 22, 2020, 10:03:10 PM
to Mozilla, Matt Palmer
Hello:
(Apologies if multiple copies of this are received. The initial send was bounced by mdsp.)

Summary: The certificates noted in Matt Palmer's email below were not in his original problem report to QuoVadis. The certificates he reported were revoked in a timely manner, and we acknowledged that additional certificates existed using the compromised private keys, and that they would be revoked as we identified them. The client was notified of these additional certificates this morning which are scheduled to be revoked tonight.

Detail: An email was received from Matt Palmer on Friday 3/20/2020 at 12:05 AM AST reporting compromised private keys for certificates with the following SPKI fingerprints.
A response was sent by QuoVadis to Matt Palmer on Saturday 3/20/2020 at 10:05 AM AST stating "We acknowledge receipt of your problem report relating to the below certificates this morning.
We will investigate the certificates and, if they are found to be noncompliant, will revoke the certificates within the stipulated 24 hours.
We will update you with the outcome at that time."

Following investigation and coordination with the customers, the certificates were revoked late on Saturday evening.

A response was sent by QuoVadis to Matt Palmer on Saturday 3/21/2020 at 12:07 AM AST stating "These certificates have been revoked. In the process, I identified some additional certificates which share certain of these Public Keys. I require additional assistance to research this thoroughly, which will take place tomorrow. Additional certificates we identify will be revoked in a further 24 hr cycle."

We notified the clients of these additional certificates this morning, and they will be revoked later tonight.

Many thanks, Stephen
QuoVadis
_______________________________________________
dev-security-policy mailing list
dev-secur...@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Matt Palmer

Mar 22, 2020, 10:56:24 PM
to dev-secur...@lists.mozilla.org
On Mon, Mar 23, 2020 at 02:02:18AM +0000, Stephen Davidson via dev-security-policy wrote:
> Summary: The certificates noted in Matt Palmer's email below were not in
> his original problem report to QuoVadis.

While this may be true in an extremely narrow and literal sense, I don't
believe this is a reasonable description of the situation. It is true that
I did not list the certificates that QuoVadis failed to revoke in my
certificate problem report. However, I did not list *any* certificates in
my initial problem report. Despite that, QuoVadis were able to revoke a
number of certificates based on the information I did provide, including
other certificates with the same public key to those that they did not
revoke.

What I did provide was a list of SPKI fingerprints of private keys in my
possession, along with a method of constructing crt.sh URLs which could be
used to lookup impacted certificates by SPKI fingerprint and a method of
constructing URLs which would provide CSR-format attestations of compromise.
This appeared to be sufficient for QuoVadis to revoke the vast majority of
the certificates impacted, and I do not have any record of QuoVadis
objecting to the form or substance of the information I provided.

> The certificates he reported
> were revoked in a timely manner, and we acknowledged that additional
> certificates existed using the compromised private keys, and that they
> would be revoked as we identified them.

I'm not sure that "we know there are more here somewhere, we'll revoke them
as we find them, and we'll take 24 hours from when we find them to do it"
meets the letter of the BRs, let alone the spirit.

- Matt

Ryan Sleevi

Mar 23, 2020, 12:57:19 PM
to Stephen Davidson, Mozilla, Matt Palmer
On Sun, Mar 22, 2020 at 10:03 PM Stephen Davidson via dev-security-policy <
dev-secur...@lists.mozilla.org> wrote:

> Hello:
> (Apologies if multiple copies of this are received. The initial send was
> bounced by mdsp.)
>
> Summary: The certificates noted in Matt Palmer's email below were not in
> his original problem report to QuoVadis. The certificates he reported were
> revoked in a timely manner, and we acknowledged that additional certificates
> existed using the compromised private keys, and that they would be revoked
> as we identified them. The client was notified of these additional
> certificates this morning which are scheduled to be revoked tonight.
>

Stephen:

This seems like a valid incident report, and worth following up on in
Bugzilla. Would you like to open one with your preliminary findings, or
would you like me to create one to be filled in by QuoVadis?

When it comes to reports of private key compromises, it seems the CA should
be able to effectively determine the affected certificates (based on SPKI)
and ensure these are all revoked in a timely fashion. Revoking some of
them, but not all of them, seems like a BR violation.

It may be there are facts or understanding that's missing, and an incident
report can help identify those, as well as any root causes or systemic
mitigations to be deployed.
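Matt's earlier message describes reporting compromised keys as SPKI fingerprints plus a crt.sh lookup method, and Ryan's point above is that a CA should be able to enumerate every certificate sharing a reported SPKI and revoke all of them within the BR window. The following Python illustrates that defender-side workflow end to end; it is an added example, not code from either correspondent or from QuoVadis. It builds a DER SubjectPublicKeyInfo with a small hand-written encoder, hashes it with SHA-256 (which is the SPKI fingerprint crt.sh searches on), matches a constructed certificate inventory against a set of compromised fingerprints, and checks the 24-hour deadline against the timestamps given in the thread. The RSA moduli, the certificate ids and the inventory are constructed toy values; the `spkisha256` query parameter is my understanding of crt.sh's SPKI search form rather than something stated on this page.

```python
import hashlib
from datetime import datetime, timedelta, timezone

# --- minimal DER encoder, enough to build a SubjectPublicKeyInfo (constructed helper) ---

def der_len(n: int) -> bytes:
    """Encode a DER length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der_tlv(tag: int, body: bytes) -> bytes:
    """Tag, length, value."""
    return bytes([tag]) + der_len(len(body)) + body

def der_int(value: int) -> bytes:
    """DER INTEGER for a non-negative value; a leading 0x00 keeps the sign bit clear."""
    body = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    if body[0] & 0x80:
        body = b"\x00" + body
    return der_tlv(0x02, body)

RSA_ENCRYPTION_OID = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1

def rsa_spki(n: int, e: int) -> bytes:
    """SubjectPublicKeyInfo ::= SEQUENCE { AlgorithmIdentifier, subjectPublicKey BIT STRING }."""
    rsa_public_key = der_tlv(0x30, der_int(n) + der_int(e))
    alg_id = der_tlv(0x30, der_tlv(0x06, RSA_ENCRYPTION_OID) + der_tlv(0x05, b""))
    return der_tlv(0x30, alg_id + der_tlv(0x03, b"\x00" + rsa_public_key))

def spki_sha256(spki_der: bytes) -> str:
    """The SPKI fingerprint: SHA-256 over the DER-encoded SubjectPublicKeyInfo."""
    return hashlib.sha256(spki_der).hexdigest()

def crtsh_spki_url(fingerprint_hex: str) -> str:
    # Assumed crt.sh query parameter for SPKI SHA-256 search (not stated in the thread).
    return f"https://crt.sh/?spkisha256={fingerprint_hex}"

# --- constructed sample inventory: toy-sized moduli, not real keys or certificates ---
KEY_A = rsa_spki(0xC7A15F3B9D21E0F74B8C33AA19D5E6F1, 65537)  # treated as compromised
KEY_B = rsa_spki(0xA3D911F07C2E55B89E140D6FB7C24E91, 65537)  # unaffected key

INVENTORY = [
    {"id": "cert-1", "spki": KEY_A, "revoked": True},   # already revoked
    {"id": "cert-2", "spki": KEY_A, "revoked": False},  # same key, OCSP still Good
    {"id": "cert-3", "spki": KEY_A, "revoked": False},  # same key, OCSP still Good
    {"id": "cert-4", "spki": KEY_B, "revoked": False},  # different key, out of scope
]

def certs_pending_revocation(inventory, compromised_fingerprints):
    """Every unrevoked certificate whose SPKI fingerprint is in the compromised set.
    Keying on the SPKI catches all certificates sharing a key, not just the ones named
    in a problem report."""
    return sorted(
        c["id"] for c in inventory
        if not c["revoked"] and spki_sha256(c["spki"]) in compromised_fingerprints
    )

# --- BR key-compromise revocation window, measured from receipt of the report ---
BR_REVOCATION_WINDOW = timedelta(hours=24)

def revocation_deadline(report_received: datetime) -> datetime:
    return report_received + BR_REVOCATION_WINDOW

def is_overdue(report_received: datetime, checked_at: datetime) -> bool:
    """True when a certificate is still unrevoked after the 24-hour window has closed."""
    return checked_at > revocation_deadline(report_received)

# Timestamps quoted in Matt Palmer's first message in this thread.
REPORT_RECEIVED = datetime(2020, 3, 20, 3, 5, 18, tzinfo=timezone.utc)
OCSP_STILL_GOOD_AT = datetime(2020, 3, 22, 5, 17, 37, tzinfo=timezone.utc)

def thread_example_overdue() -> bool:
    """Applies the deadline check to the thread's own timestamps."""
    return is_overdue(REPORT_RECEIVED, OCSP_STILL_GOOD_AT)

if __name__ == "__main__":
    compromised = {spki_sha256(KEY_A)}
    print("lookup URL:", crtsh_spki_url(next(iter(compromised))))
    print("must revoke:", certs_pending_revocation(INVENTORY, compromised))
    print("deadline:", revocation_deadline(REPORT_RECEIVED).isoformat())
    print("overdue at observation time:", thread_example_overdue())
```

The matching step is the part a CA's incident process needs to get right: once a fingerprint is known compromised, the inventory query returns every live certificate carrying that key in one pass, so there is no second "as we identify them" cycle to start a new 24-hour clock.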

Stephen Davidson

Mar 23, 2020, 1:12:51 PM
to ry...@sleevi.com, Mozilla, Matt Palmer
Hi Ryan:
As you wish. I will start an incident report. I do not believe there is a compliance failure here.
Regards, Stephen


From: Ryan Sleevi <ry...@sleevi.com>
Sent: Monday, March 23, 2020 1:57 PM
To: Stephen Davidson <Stephen....@digicert.com>
Cc: Mozilla <mozilla-dev-s...@lists.mozilla.org>; Matt Palmer <mpa...@hezmatt.org>
Subject: Re: QuoVadis: Failure to revoke key-compromised certificates within 24 hours