Gervase Markham <[email protected]> wrote:

> On 23/02/16 18:57, Gervase Markham wrote:
> > Mozilla and other browsers have been approached by Worldpay, a large
> > payment processor, via Symantec, their CA. They have been transitioning
> > to SHA-2 but due to an oversight have failed to do so in time for a
> > portion of their infrastructure, and failed to renew some SHA-1 server
> > certificates before the issuance deadline of 31st December 2015.
>
> In relation to this issue, we just published a blog post:
>
> https://blog.mozilla.org/security/2016/02/24/payment-processors-still-using-weak-crypto/
This is all very disappointing. Effectively, Mozilla is punishing,
economically, all of WorldPay's and Symantec's competitors who spent real
money and/or turned down money in an effort to comply with Mozilla's
guidance on SHA-1. Meanwhile, no doubt Symantec receives a hefty fee in
return for issuing these certificates. Thus, Mozilla has effectively
reversed the economic incentives for CAs so that it is profitable to go
against Mozilla's initiatives to improve web security. And, in the course
of doing so, Mozilla has damaged its own credibility and reduced leverage
in enforcing its CA policies going forward.

Even worse, Firefox still hasn't been changed to block SHA-1 certificates
that chain to publicly-trusted CAs with a notBefore date after 2016-01-01.
After I left Mozilla, I continued to work on mozilla::pkix in part to make
it easy for Mozilla to implement such blocking, specifically, so I know as
well as anybody that it is easy to do. If such blocking were implemented
then Firefox users wouldn't even be affected by the above-mentioned
certificates. This was (is) an opportunity for Firefox to lead other
browsers in at least a small part of certificate security. The existing bug
[1] for this was closed when the botched attempt to implement it was
checked in, but it wasn't re-opened when the botched patch was reverted.
I've reopened the bug. It would be great to see somebody working on it.

Even the bug about passively warning users about SHA-1 certificates in the
chain [2] is currently assigned to *nobody*. AFAICT, Google Chrome has been
doing this since 2014. Firefox needs to catch up, at least.

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=942515
[2] https://bugzilla.mozilla.org/show_bug.cgi?id=1183718

Cheers,
Brian
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy