[Cryptography] distrusted root CA: WoSign

Ben Laurie ben at links.org
Mon Oct 3 01:16:34 EDT 2016


On 2 October 2016 at 11:49, Georgi Guninski <guninski at guninski.com> wrote:
> On Sat, Oct 01, 2016 at 08:31:01PM +0200, Jeroen van der Ham wrote:
>> Mozilla already announced they are planning to distrust StartCom, since WoSign has not been transparent about buying WoSign. Plus there are signs that they are even sharing infrastructure.
>> Apparently, when bugs were found in StartEncrypt several months ago, they also found a bug where it was possible to get StartEncrypt to issue a WoSign cert(!) for December 20th 2015.
>>
>> They are planning to distrust future certs, so there is not that much stuff breaking for the “lusers”.
>>
>
> Startcom were big CA, maybe something like 6th biggest in the world.
> Their customers will be pissed off for killing the certificates.
>
> Don't get "distrust future certs". Mozilla either trust root(s) or not.
> Root(s) can trivially sign "old" cert requests, requiring old date now.
> Having in mind the chinese have the Startcom, roots, they can issue
> essentially whatever chaining up to root as long as the roots are trusted.

"If ... back-dating is discovered (by any means), Mozilla will
immediately and permanently revoke trust in all WoSign and StartCom
roots."

>From https://docs.google.com/document/d/1C6BlmbeQfn4a9zydVi2UvjBGv6szuSB4sMYUcVrR8vQ.


More information about the cryptography mailing list