Dear Gerv,

We'll rewrite all the code with a different programming language or buy 3rd party components (for example: PKI). The WoSign team uses .Net, but my team never uses .Net; they are good at C/C++, PHP and Python.

Thanks,
Xiaosheng Tan

On 2016/10/14 at 11:01 PM, "dev-security-policy on behalf of Gervase Markham" <dev-security-policy-bounces+tanxiaosheng=360...@lists.mozilla.org on behalf of g...@mozilla.org> wrote:

Hi Inigo,

On 14/10/16 09:16, Inigo Barreira wrote:
> In this link,
> https://www.startssl.com/report/StartCom_Remediation_Plan_14102016.pdf,
> you'll find the detailed remediation plan for StartCom as was notified last
> week.

Thanks for this. Is this a correct summary of the situation as regards the origin of the codebases?

Website/Ordering System
Before: WoSign-authored, but not the same as the one WoSign uses
After: Same WoSign-authored code, audited and improved by Qihoo R&D

CMS
Before: WoSign-authored, but not the same as the one WoSign uses
After: Same WoSign-authored code, audited and improved by Qihoo R&D

PKI
Before: WoSign-authored, same code that WoSign uses
After: StartCom-authored, improved by Qihoo R&D (short term)
       Third-party solution (medium term)

OCSP/CRL
Before: WoSign-authored, same code that WoSign uses
After: Same WoSign-authored code, audited and improved by Qihoo R&D

From my perspective, the "technical separation" part is more than just "not using the same servers WoSign uses" or "not running the same code that WoSign runs". One of the things we have lost confidence in is the coding of the WoSign development team, and therefore any piece of code remaining which they wrote is suspect - no matter whether it is StartCom-specific or also run by WoSign.

Given that, it is concerning that after your plan is executed, 3 of the 4 key systems will still be running WoSign-authored codebases, even if they have been audited and improved to some degree by Qihoo R&D.

For each system where that is true, I think that Mozilla may wish to require a full external security audit, which would both be expensive and time-consuming (and may lead to a great deal of remediation required).

Was consideration given to switching back to the old StartCom codebase, or buying in a third party solution, for the website, the CMS or the OCSP/CRL function?

Gerv
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy