Mozilla is drafting a letter that warns certificate authorities that issuing subordinate root certificates that can be used to eavesdrop on Internet traffic will not be tolerated.
Mozilla executives are
considering sending letters to certificate authorities (CAs) warning them that
issuing subordinate root certificates would violate its root CA program
The draft letter was posted
on the Mozilla.dev.security.policy
group a few days after Trustwave
voluntarily revoked the certificate it had issued to a customer and said it
would not issue similar certificates in the future. Issuing that certificate
had been a one-time deal, according to Nicholas Percoco, head of Trustwave's
chaining to CAs in Mozillas root program cannot be used for MITM or traffic
management of domain names or IPs that the party does not legitimately own or
control, regardless of whether it is in a closed and controlled environment or
not," Kathleen Wilson, owner of Mozilla's CA Certificates Module, wrote in
the Feb. 12 draft.
Trustwave had issued a
subordinate root that was used by an unnamed corporate customer to view and
monitor employee Internet activity, even if the sessions were encrypted. The
so-called man-in-the-middle-attack certificate was securely stored within a
data-leak-prevention product. Trustwave decided to abandon the practice because
of "events of the last year," Percoco said.
The letter being drafted
will be sent to all the CAs currently included in Mozilla's trusted root list
and warns that issuing subordinate certificates that can be used to eavesdrop
on traffic would not be tolerated. Mozilla's draft letter made it clear that it
would not tolerate eavesdropping, whether the customer planned to eavesdrop
only on its own network or outside its environment.
"Please review all of
your subordinate CAs to make sure that they cannot be used in this way,"
Wilson wrote. The review should include the extended-validation Secure Sockets
Layer (SSL) certificates to make sure they aren't also being used in this
manner, according to the letter.
Existing subordinate CAs
that can be used for this kind of eavesdropping purpose "must be revoked
and any corresponding HSMs [hardware-security modules] destroyed as soon as possible," Wilson said.
While it is not clear when the letter will be sent out, the companies will have
approximately two to three months after receiving the letter to take action,
according to Wilson.
Several security and privacy
experts have called on Mozilla to remove Trustwave from its trusted root list
for violating trust.
"Regardless of the fact
that Trustwave has since realized that this is not a good business practice to
be engaged in, the damage is done," Christopher Soghoian, a Washington,
D.C.-based security and privacy researcher, wrote on a discussion thread on Mozilla's Bugzilla
Mozilla declined to take
that step, noting that Trustwave had voluntarily revoked and disclosed the
issue. "We encourage any other CAs with similar certificates to follow
Trustwave's example of disclosure and revocation," said Johnathan Nightingale,
Mozilla's director of Firefox engineering.
If a certificate authority
is found to still be using man-in-the-middle certificates after the date in the
letter, Mozilla will take necessary action, including removing the root
certificate from its trusted list.
"Based on Mozilla's
assessment, we may also remove any of your other root certificates, and root
certificates from other organizations that cross-sign your certificates,"
according to the letter.
Security experts and privacy
advocates questioned why Trustwave had issued the certificate in the first
place, and criticized the practice. While Trustwave claimed other CAs allegedly
issue similar certificates and that it was a "common practice" within
the industry, no one is admitting to taking part in light of recent
controversy. Comodo's CEO Melih Abdulhayoglu claimed his company had turned
down a "sizeable offer" to issue these types of certificates.