Hello: Siemens Issuing CA Internet Server 2016 was taken offline upon this report while Siemens and QuoVadis investigate. It will not issue certificates until the problem is resolved.
Kind regards, Stephen Davidson QuoVadis -----Original Message----- From: dev-security-policy [mailto:dev-security-policy-bounces+s.davidson=quovadisglobal....@lists.mozi lla.org] On Behalf Of Charles Reiss via dev-security-policy Sent: Tuesday, July 18, 2017 7:26 PM To: mozilla-dev-security-pol...@lists.mozilla.org Subject: dNSName containing '/' / low serial number entropy https://crt.sh/?id=174827359 is a certificate issued by D-TRUST SSL Class 3 CA 1 2009 containing the DNS SAN 'www.lbv-gis.brandenburg.de/lbvagszit' (containing a '/') with a notBefore in April 2017. The certificate also seems to have a short certificate serial number, which cannot include 64 bits of entropy. Many certificates issued by this CA appears to use large serial numbers (e.g. ). But there are certificates with much shorter sequential-looking serial numbers with notBefores shortly before  and after  this certificate's and as recent as 4 July 2017 .  https://crt.sh/?id=137090990 , https://crt.sh/?id=124715040  https://censys.io/certificates/4445455caca3e9cf2ab2b673304487cb220871aa6d5ac 1bf03827f74609c3646  https://censys.io/certificates/8d08033efe732e8fb6c2f3257c52b500af991bd1f363f fd6e29ec1812a943cd9  https://crt.sh/?id=173758922 I did a cursory check on censys.io to see if there were other cases of short serial numbers in certificates with recent notBefores that are trusted by Mozilla: - Digidentity Services CA - G2 (https://crt.sh/?caid=868 ; chains to Staat der Nederlanden Root CA - G2) has issued certificates which serial numbers that appear to be of the form 0x10000000 + sequential counter with notBefores as recent as 8 June 2017. - Siemens Issuing CA Internet Server 2016 (https://crt.sh/?caid=26087 ; chains to QuoVadis Root CA 2 G3) has issued certificates with 4-byte serial numbers with notBefores as recent as 11 July 2017, though they do not appear to be assigned sequentially. D-Trust and QuoVadis both indicated no problems complying with version 2.4.1 of Mozilla's certificate policies (which requires, among other things, 64 bits of serial number entropy) by 1 June 2017 when they replied to Mozilla's April CA communication. The Government of the Netherlands indicated they needed a delay for CPS translation only. _______________________________________________ dev-security-policy mailing list firstname.lastname@example.org https://lists.mozilla.org/listinfo/dev-security-policy
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list email@example.com https://lists.mozilla.org/listinfo/dev-security-policy