
Trouble at DigiCert?


Nohk Two

Sep 30, 2011, 2:22:00 AM
to mozilla-dev-s...@lists.mozilla.org
Today I found Firefox stored an intermediate CA that has the CN "DigiCert
High Assurance EV Root CA".

I list both the Firefox built-in one and the likely fake one below:
===== Firefox built-in
CN=DigiCert High Assurance EV Root CA
O=DigiCert Inc
OU=www.digicert.com
SN=02:AC:5C:26:6A:0B:40:9B:8F:0B:79:F2:AE:46:25:77

Issuer:
CN=DigiCert High Assurance EV Root CA
O=DigiCert Inc
OU=www.digicert.com

Issuedate=2006/11/10
Expire=2031/11/10

Fingerprint:
SHA1=5F:B7:EE:06:33:E2:59:DB:AD:0C:4C:9A:E6:D3:8F:1A:61:C7:DC:25
MD5=D4:74:DE:57:5C:39:B2:D3:9C:85:83:C5:C0:65:49:8A


===== Fake one?
CN=DigiCert High Assurance EV Root CA
O=DigiCert Inc
OU=www.digicert.com
SN=07:27:58:3D

Issuer:
CN=GTE CyberTrust Global Root
O=GTE Corporation
OU=GTE CyberTrust Solutions, Inc.

Issuedate=2010/1/14
Expire=2015/10/1

Fingerprint:
SHA1=67:51:18:8F:0E:55:63:59:32:23:30:05:64:35:94:11:58:5B:0C:33
MD5=9A:5D:35:34:F6:06:B6:AF:AC:C5:AF:CB:5F:51:62:2F

Eddy Nigg

Sep 30, 2011, 5:30:45 AM
to mozilla-dev-s...@lists.mozilla.org
On 09/30/2011 09:22 AM, From Nohk Two:
> Today I found Firefox stored an intermediate CA that has the CN "DigiCert
> High Assurance EV Root CA".

Verizon? (GTE) probably cross-signed the DigiCert root.

--
Regards

Signer: Eddy Nigg, StartCom Ltd.
XMPP: star...@startcom.org
Blog: http://blog.startcom.org/
Twitter: http://twitter.com/eddy_nigg

Paul Tiemann

Sep 30, 2011, 8:01:27 AM
to Nohk Two, mozilla-dev-s...@lists.mozilla.org
Hi Nohk,

I have good news -- it's a real certificate. It is a cross-signed certificate, used as an intermediate certificate for very old legacy devices that don't have our "DigiCert High Assurance EV Root CA". Modern browsers that already have our roots embedded will just ignore this certificate during SSL handshakes, but legacy browsers will use it as a "bridge" leading to the "GTE CyberTrust Global Root".

Paul Tiemann
CTO, DigiCert

On Sep 30, 2011, at 12:22 AM, Nohk Two wrote:

> Today I found Firefox stored an intermediate CA that has the CN "DigiCert
> High Assurance EV Root CA".
>
> _______________________________________________
> dev-security-policy mailing list
> dev-secur...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security-policy

Nohk Two

Oct 1, 2011, 5:26:15 AM
to Paul Tiemann, mozilla-dev-s...@lists.mozilla.org
On 2011/9/30 20:01, Paul Tiemann wrote:
Hi Paul,

Good news. It looks like a regular workaround.
I have a silly question about the "bridge". How can a certificate
simultaneously be signed by two CAs (the embedded and the bridged) when
the browser begins to verify the certificate of a site? Or could you give me
some material to study?

Thank you very much ! :)


Paul Tiemann

Oct 1, 2011, 9:43:47 AM
to Nohk Two

On Oct 1, 2011, at 3:26 AM, Nohk Two wrote:

> On 2011/9/30 20:01, Paul Tiemann wrote:
>> Hi Nohk,
>>
>> I have good news -- it's a real certificate. It is a cross-signed certificate, used as an intermediate certificate for very old legacy devices that don't have our "DigiCert High Assurance EV Root CA". Modern browsers that already have our roots embedded will just ignore this certificate during SSL handshakes, but legacy browsers will use it as a "bridge" leading to the "GTE CyberTrust Global Root"
>

> Hi Paul,
>
> Good news. It looks like a regular workaround.
> I have a silly question about the "bridge". How can a certificate simultaneously be signed by two CAs (the embedded and the bridged) when the browser begins to verify the certificate of a site? Or could you give me some material to study?
>
> Thank you very much ! :)

Hi Nohk,

That's a good question. Here's a little flow chart I made last year for an internal training. In the SSL handshake, the server sends its own certificate to the client, and the server also sends any intermediate CA certificates that connect the server's certificate (also known as the end-entity cert) to a root CA.

You can test various web servers to see what SSL chain they send to clients by using our help tool:

https://www.digicert.com/help

For example, if you check www.digicert.com in the help tool, you see this chain:

1)
certificate: www.digicert.com
issued by: DigiCert High Assurance EV CA-1

and

2)
certificate: DigiCert High Assurance EV CA-1
issued by: DigiCert High Assurance EV Root CA

and

3)
certificate: DigiCert High Assurance EV Root CA
issued by: Entrust.net Secure Server Certification Authority

If you pretend to be an up-to-date browser--with the "DigiCert High Assurance EV Root CA" embedded in your trust anchor list--then you will see that chain of certificates and step from (1) www.digicert.com to (2) DigiCert High Assurance EV CA-1 to (anchor) DigiCert High Assurance EV Root CA without using the last certificate in that chain, because when you see that (2) was issued by a root you already have in your trust anchors, you will be able to stop there.

If you pretend to be a very old browser--without "DigiCert High Assurance EV Root CA" embedded--then when you see (2) DigiCert High Assurance EV CA-1 you won't be able to stop there because you don't have that root. So you would step to the (3) cross-signed certificate and then see that it is issued by one of your trusted roots and then you could stop there.

One technical point that might help: a cross-signed cert has to have the same public key as the root certificate it is helping. This is so the browsers can verify the signatures on the (2) intermediate certificates with the public key of the (3) cross-signed certificate.

If you have any other questions, I'd be glad to help.

Paul
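
The chain-building walk Paul describes above, and his point that the cross-signed certificate must carry the root's public key, can be reproduced end to end. The following Go program is an added example for this thread; it is not DigiCert's code and not part of the original discussion. It generates a throwaway hierarchy with constructed names ("Example EV Root CA" in the DigiCert root's role, "Legacy Global Root" in the GTE root's role, "Example EV CA-1" as the intermediate, a leaf for www.example.com), issues a cross-sign of the modern root's key under the legacy root, and then uses Go's standard `crypto/x509` verifier as a stand-in for the browser. A client that holds the modern root builds the short chain (1)-(2)-anchor; a client that holds only the legacy root has to step through the bridge, as in Paul's description. Go's chain builder is an assumption here in place of any particular browser's, and the certificates are generated fresh on every run.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

var serial int64 // constructed serial numbers, one per generated certificate

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// newTemplate builds a certificate template. CA templates get the basic
// constraints a verifier requires of any certificate used as an issuer.
func newTemplate(cn string, isCA bool) *x509.Certificate {
	serial++
	t := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: cn, Organization: []string{"Example Inc"}},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(365 * 24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
		KeyUsage:              x509.KeyUsageDigitalSignature,
	}
	if isCA {
		t.KeyUsage = x509.KeyUsageCertSign
	} else {
		t.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
		t.DNSNames = []string{"www.example.com"}
	}
	return t
}

// sign issues tmpl for public key pub under parent, signing with parentKey.
func sign(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, parentKey *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	must(err)
	c, err := x509.ParseCertificate(der)
	must(err)
	return c
}

func newKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	must(err)
	return k
}

// PKI is the constructed hierarchy: a modern root (the DigiCert role), a legacy
// root (the GTE role), the cross-sign bridging them, an intermediate and a leaf.
type PKI struct {
	ModernRoot, LegacyRoot, CrossSign, Intermediate, Leaf *x509.Certificate
}

// BuildPKI generates fresh keys and certificates; nothing here is a real CA.
func BuildPKI() *PKI {
	modernKey, legacyKey, interKey, leafKey := newKey(), newKey(), newKey(), newKey()
	modernTmpl := newTemplate("Example EV Root CA", true)
	modernRoot := sign(modernTmpl, modernTmpl, &modernKey.PublicKey, modernKey)
	legacyTmpl := newTemplate("Legacy Global Root", true)
	legacyRoot := sign(legacyTmpl, legacyTmpl, &legacyKey.PublicKey, legacyKey)
	// The bridge: same subject and the SAME public key as the modern root, but
	// issued by the legacy root, so an old client can still reach an anchor.
	crossSign := sign(newTemplate("Example EV Root CA", true), legacyRoot, &modernKey.PublicKey, legacyKey)
	intermediate := sign(newTemplate("Example EV CA-1", true), modernRoot, &interKey.PublicKey, modernKey)
	leaf := sign(newTemplate("www.example.com", false), intermediate, &leafKey.PublicKey, interKey)
	return &PKI{ModernRoot: modernRoot, LegacyRoot: legacyRoot, CrossSign: crossSign,
		Intermediate: intermediate, Leaf: leaf}
}

// ChainCNs plays the client: it holds the given trust anchors, receives the leaf
// plus what the server sends alongside it (intermediate and cross-sign, as in the
// three-certificate chain in the thread) and returns the CNs of the chain it built.
func ChainCNs(p *PKI, anchors ...*x509.Certificate) ([]string, error) {
	roots := x509.NewCertPool()
	for _, a := range anchors {
		roots.AddCert(a)
	}
	sent := x509.NewCertPool()
	sent.AddCert(p.Intermediate)
	sent.AddCert(p.CrossSign)
	chains, err := p.Leaf.Verify(x509.VerifyOptions{Roots: roots, Intermediates: sent, DNSName: "www.example.com"})
	if err != nil {
		return nil, err
	}
	var cns []string
	for _, c := range chains[0] {
		cns = append(cns, c.Subject.CommonName)
	}
	return cns, nil
}

// CrossSignSharesRootKey is the check from the thread: a cross-sign must carry the
// root's public key, or it could not validate the intermediate's signature.
func CrossSignSharesRootKey(p *PKI) bool {
	return p.CrossSign.PublicKey.(*ecdsa.PublicKey).Equal(p.ModernRoot.PublicKey)
}

func main() {
	p := BuildPKI()
	modern, _ := ChainCNs(p, p.ModernRoot) // stops at the embedded root: 3 certs
	legacy, _ := ChainCNs(p, p.LegacyRoot) // steps through the bridge: 4 certs
	fmt.Println("modern client:", modern)
	fmt.Println("legacy client:", legacy)
	fmt.Println("bridge shares root key:", CrossSignSharesRootKey(p))
}
```

The same comparison answers the question that opened the thread: a second certificate with the root's subject but a different issuer and serial is only a legitimate cross-sign if its public key matches the built-in root's, which is exactly what `CrossSignSharesRootKey` tests.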

Moudrick M. Dadashov

Oct 2, 2011, 2:23:37 PM
to dev-secur...@lists.mozilla.org
On 10/1/2011 4:43 PM, Paul Tiemann wrote:
> You can test various web servers to see what SSL chain they send to clients by using our help tool:
>
> https://www.digicert.com/help
Paul, this is the most elegant application in its class I've seen so
far. Congratulations! :)

--
M.D.
Cell: +370-699-26662

Paul Tiemann

Oct 2, 2011, 3:39:29 PM
to m...@ssc.lt, dev-secur...@lists.mozilla.org
On Oct 2, 2011, at 12:23 PM, Moudrick M. Dadashov wrote:

> On 10/1/2011 4:43 PM, Paul Tiemann wrote:
>> You can test various web servers to see what SSL chain they send to clients by using our help tool:
>>
>> https://www.digicert.com/help
> Paul, this is the most elegant application in its class I've seen so far. Congratulations! :)

Thanks a lot! We're always looking for suggestions to make it better… I think we still need to make it detect a lot of SSL-related problems like the Qualys checker can do: https://www.ssllabs.com

Paul

Justin Dolske

Oct 4, 2011, 3:50:59 AM
to mozilla-dev-s...@lists.mozilla.org
On 10/2/11 12:39 PM, Paul Tiemann wrote:

>>> You can test various web servers to see what SSL chain they send to clients by using our help tool:
>>>
>>> https://www.digicert.com/help
>> Paul, this is the most elegant application in its class I've seen so far. Congratulations! :)
>
> Thanks a lot! We're always looking for suggestions to make it better… I think we still need to make it detect a lot of SSL related problems like the Qualys checker can do: https://www.ssllabs.com

Hey, that's slick indeed. Bookmarked!

Justin