
Key compromise and root cert with shared key in German lawyer communication software (beA)


Hanno Böck

Dec 23, 2017, 11:27:15 AM12/23/17
to dev-secur...@lists.mozilla.org
Hi,

The German bar association has software for secure communication
between lawyers called "besonderes elektronisches
Anwaltspostfach" (beA).

They used a local HTTPS server run on the client with a valid
certificate for bealocalhost.de (the domain resolves to 127.0.0.1).
This means the private key is part of the software, so this is a key
compromise. This was reported by Markus Drenger to the CA, and the
certificate got revoked.
Here's the cert:
https://crt.sh/?id=285821301

What happened after that is no longer relevant for the PKI as a whole,
but is even worse for the users of beA: they used a self-signed
certificate and asked the users to import it into the Windows root
certificate store. Thus the same problem appears as with Superfish,
eDell and similar: everyone can now sign certificates for arbitrary
hosts and use them to perform man-in-the-middle attacks against the
users who followed these instructions.

Starting January 1st, all lawyers in Germany have to use this beA
software.

Article in German:
https://www.golem.de/news/bea-bundesrechtsanwaltskammer-verteilt-https-hintertuere-1712-131845.html

--
Hanno Böck
https://hboeck.de/

mail/jabber: ha...@hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
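The following is an added example and is not part of Hanno's post, nor code from beA or its vendor. It illustrates, with Go's standard library only, why a root certificate whose private key ships with every install is a man-in-the-middle capability for anyone who extracts it: the holder of the shared CA key mints a leaf for any hostname, and a client that imported that root into its trust store accepts it, while a client without the root rejects it. The CA name and the hostnames are made up for the demonstration; nothing here uses the real beA certificate or key.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// SharedCA models a self-signed root whose private key is distributed with
// the software (the situation described in the post). Whoever holds the
// key can issue leaf certificates that every client trusting the root accepts.
type SharedCA struct {
	Cert *x509.Certificate
	Key  *ecdsa.PrivateKey
}

// randomSerial returns a 128-bit random serial number for a new certificate.
func randomSerial() (*big.Int, error) {
	return rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
}

// NewSharedCA creates a self-signed CA certificate and its private key.
// The name is an assumed placeholder, not the real beA certificate subject.
func NewSharedCA(name string) (*SharedCA, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	serial, err := randomSerial()
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          serial,
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	// A self-signed certificate: template and parent are the same, signed with its own key.
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	return &SharedCA{Cert: cert, Key: key}, nil
}

// Forge issues a server certificate for an arbitrary hostname using the
// shared CA key. This is exactly what an attacker who extracted the key
// from the software can do.
func (ca *SharedCA) Forge(host string) (*x509.Certificate, error) {
	leafKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	serial, err := randomSerial()
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: serial,
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca.Cert, &leafKey.PublicKey, ca.Key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// TrustedFor reports whether a client whose trust store contains only `root`
// (or nothing, when root is nil) would accept `leaf` as a certificate for host.
// An explicit empty pool is used so the system roots never enter the check.
func TrustedFor(leaf *x509.Certificate, host string, root *x509.Certificate) bool {
	pool := x509.NewCertPool()
	if root != nil {
		pool.AddCert(root)
	}
	_, err := leaf.Verify(x509.VerifyOptions{DNSName: host, Roots: pool})
	return err == nil
}

func main() {
	ca, err := NewSharedCA("Shared Local Root (assumed name)")
	if err != nil {
		panic(err)
	}
	// Hostname is constructed for the example; any name works, which is the point.
	leaf, err := ca.Forge("mail.example.com")
	if err != nil {
		panic(err)
	}
	fmt.Println("client that imported the shared root accepts forged cert:",
		TrustedFor(leaf, "mail.example.com", ca.Cert))
	fmt.Println("client without the shared root accepts forged cert:",
		TrustedFor(leaf, "mail.example.com", nil))
}
```

The only difference between the two clients is whether the root was imported; the forged leaf is otherwise identical. Importing a root whose key is not under the user's exclusive control therefore hands every holder of that key a valid certificate for any site the user visits.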