We had a conversation with the tg registry, and it looks like the TLD was
compromised until Nov 10. Here's a snippet:
TG Registry (FR): Nous sommes C.A.F.E Informatique & Télécommunications,
gestionnaire technique du .tg. Nous répondons à vos requêtes avec l'accord
de l'ART&P, le gestionnaire administratif du .tg.
TG Registry (EN): We’re C.A.F.E Informatique & Télécommunications, technical
manager of the .tg registry. We respond to your request in agreement with
the Administrative Managers of ART&P.
CAS (FR): On a ete informes qu’il y a quelque jours le bureau
d’enregistrement pour l’extension .tg a eu des problemes de securite.
CAS (EN): We’ve recently been informed that the .tg Registry experienced
some security problems.
TG Registry (FR): En effet, notre plateforme de gestion de noms de domaine a
subi des attaques. Certaines attaques ont eu pour conséquence d'altérer les
informations des noms de domaines appartenant à certains de nos clients.
TG Registry (EN): In effect, our management platform for domain names
suffered an attack. Some attacks did result in the alteration of domain
name ownership records for some of our clients.
CAS (FR): On a besoin de savoir exactement la nature de la probleme que vous
avez eu. Aussi on a besoin de savoir quand le probleme a commence et quand
a ete finalisee.
CAS (EN): What was the exact nature of the problem? Also, we need to know
when the problem started and when it was resolved?
TG Registry (FR) : Nous avons eu une altération des informations des noms de
domaines. Le problème a commencé le 01/11/2017. Il a été réglé et confirmé
comme tel le 10/11/2017.
TG Registry (EN): Alteration of domain name information were made. The
problem started on 1 Nov 2017. We confirmed the problem was resolved 10 Nov
2017.
Hope this helps!
Jeremy
-----Original Message-----
From: dev-security-policy
[mailto:
dev-security-policy-bounces+jeremy.rowley=digice...@lists.mozilla
.org] On Behalf Of Kathleen Wilson via dev-security-policy
Sent: Tuesday, November 14, 2017 9:31 AM
To:
mozilla-dev-s...@lists.mozilla.org
Subject: Re: .tg Certificates Issued by Let's Encrypt
On 11/14/17 4:34 AM,
douglas...@gmail.com wrote:
>
> Do we believe that this issue has been resolved by the Registry and
issuance an resume as normal, or are there ongoing concerns which CAs should
be aware of when issuing certificates to .tg domains?
>
Based on information from folks that are monitoring their NS Records, we
believe that the .tg Registry problems were fixed on November 1, and have
remained fixed since then.
I have not looked into how Registries are operated and maintained, so here
is my personal (uneducated) opinion: I think it is possible that the .tg
Registry could be compromised again. I have no idea if all of the newer
Registries are using good network and security protocols, infrastructure,
etc.
I think that we will need to have much deeper investigation and discussions
about Registries, so I have added this to my to-do list, but I will not be
able to get to it until January.
Thanks,
Kathleen
_______________________________________________
dev-security-policy mailing list
dev-secur...@lists.mozilla.org
https://clicktime.symantec.com/a/1/mcEC05Cw_1xqHZAtMNn7EcnEg4nah8YZRDPpmi4jv
98=?d=CVUyKj1esC0iPxphVfmlXKmHgqqoVMlZEs52KqNWd2oT-ZKsOrQyh75JHM8fUOmXQvSVYN
Axaf_uL_qw2veBL1uD_NBnuxrVL03BMwmJ5WqSeO1Qyb3EGvXK-WOqcGI5ZqPNUefR37XwxjDImn
gIZ6V-qfcc_hbPRc-1pi89HlCsBAj1fejLAHOId10a-l17fqyWDPPMHNPRUc9gd9k8ulOD9XWv3W
9NzgK45lFwYcWcV9V-hzOhaCpA4j1AHVYrZ3FGrLGHNNhmK4lv4eGuAOzmuGJ19qaFW4rZ_bf-7A
qX7ZLNl5RPblcUQbUJl9jM1pEVgOedqPMkHQTaZfa4YXFkfDfo3Dk8pDlp12_sATizciDKRpPVvY
c7r7_v9B0elPw5r9mqGmYsl7kBhrLgHRBp0xZ3Qwwjoq26GhtpLHE4961NVld1nmZlPAtJ1_svO-
BrEmyoWAd-&u=https%3A%2F%
2Flists.mozilla.org%2Flistinfo%2Fdev-security-polic
y