Here is the final incident report

1) How your CA first became aware of the problem (e.g. via a problem report submitted to your Problem Reporting Mechanism, via a discussion in mozilla.dev.security.policy, or via a Bugzilla bug), and the time and date.
We became aware of the issue on October 16th.

2) A timeline of the actions your CA took in response. A timeline is a date-and-time-stamped sequence of all relevant events. This may include events before the incident was reported, such as when a particular requirement became applicable, or a document changed, or a bug was introduced, or an audit was done.

Timeline:

10/16: Became aware of the ROCA issue via a post to the mdsp list.
10/17: Created an internal ticket to run a report over all active certificates.
10/18: The report showed there were 53 vulnerable SSL certificates. They are all from one customer and they are all under the ".apsch.by" domain.
10/18: Received a link to a list of 35 GlobalSign-issued SSL certificates, all of which were on our report: https://misissued.com/batch/28/
10/19: Customer was contacted and we let them know about the issue. These are used within a tolling system which, if revoked, would result in substantial disruption of commercial services. They immediately initiated the process to get them replaced; however, due to the location of the devices and the need to generate the keys using a new process (which is not vulnerable), they need approximately 2 weeks to perform the replacement. They have firm plans to complete this by November 3rd.
11/3: By the end of the day, all 53 certificates will be revoked.

By 10/28 we had requested and received recent certificates from our Trusted Root Customers (AT&T, Virginia Tech and others) and verified that there were no vulnerable SSL certificates issued by them.

3) Whether your CA has stopped, or has not yet stopped, issuing TLS/SSL certificates with the problem. A statement that you have will be considered a pledge to the community; a statement that you have not requires an explanation.

We're working on a fix to block issuance of further certificates with this vulnerability, which we will have implemented no later than 11/10.
In the meantime we run a report every few days to verify no new certificates were issued. To date, no new ROCA certificates have been issued.

4) A summary of the problematic certificates. For each problem: number of certs, and the date the first and last certs with that problem were issued.

The fingerprints of 53 certificates are included here. The first one was issued on 2/25/2016 and the last one on 9/28/2017.
5) The complete certificate data for the problematic certificates.
The recommended way to provide this is to ensure each certificate is logged to CT and then list the fingerprints or crt.sh IDs, either in the report or as an attached spreadsheet, with one list per distinct problem.

The certificates are listed above and are logged in CT logs.

6) Explanation about how and why the mistakes were made or bugs introduced, and how they avoided detection until now.

Not applicable: this was a new vulnerability within the client-side SSL key generation process.

7) List of steps your CA is taking to resolve the situation and ensure such issuance will not be repeated in the future, accompanied with a timeline of when your CA expects to accomplish these things.

Not applicable to this incident.

_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
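As an added example (not part of this report and not GlobalSign's tooling), the kind of pre-issuance gate the fix promised in item 3 needs: the public ROCA fingerprint test, which flags an RSA modulus n when, for every one of the first small primes p, n mod p lies in the multiplicative subgroup generated by 65537. The function names and the sample moduli are constructed for this illustration; a real deployment would extract n from each CSR's public key and also log the rejection.

```python
import random

# Small primes used by the public ROCA fingerprint test: the detector released
# with the ROCA paper reduces n modulo each of these and compares the residue
# against the subgroup generated by the public exponent 65537.
ROCA_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59,
               61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127,
               131, 137, 139, 149, 151, 157, 163, 167]
GENERATOR = 65537


def subgroup_residues(p):
    """Residues r mod p consistent with the ROCA key structure: the
    multiplicative subgroup of Z_p* generated by 65537."""
    residues = set()
    r = 1
    while r not in residues:          # stops once the cycle returns to 1
        residues.add(r)
        r = (r * GENERATOR) % p
    return residues


# Precomputed once; the per-key check is then 38 modular reductions.
_RESIDUE_SETS = [(p, subgroup_residues(p)) for p in ROCA_PRIMES]


def is_roca_fingerprinted(n):
    """True if modulus n matches the fingerprint for every prime. An ordinary
    modulus fails at the first prime whose residue falls outside the subgroup,
    so false positives are astronomically unlikely."""
    return all(n % p in residues for p, residues in _RESIDUE_SETS)


def scan_moduli(moduli):
    """Pre-issuance gate: labels of the submitted keys that must be rejected."""
    return [label for label, n in moduli.items() if is_roca_fingerprinted(n)]


# Constructed sample input (no real keys): an integer that is 1 modulo every
# small prime matches the fingerprint by construction; a seeded random
# 2048-bit odd integer stands in for an ordinary, unaffected modulus.
M = 1
for p in ROCA_PRIMES:
    M *= p
SAMPLE_MODULI = {
    "synthetic-fingerprinted": 2 * M + 1,
    "random-2048": random.Random(2017).getrandbits(2048) | 1,
}

if __name__ == "__main__":
    print("reject:", scan_moduli(SAMPLE_MODULI))
```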

