On Tuesday, December 11, 2018 at 11:27:52 AM UTC-6, Hector Martin 'marcan' wrote:
> On 12/12/2018 01.47, Ryan Sleevi via dev-security-policy wrote:
> > Is this new from the past discussion?
> 
> I think what's new is someone actually tried this, and found 5 CAs that
> are vulnerable and for which this attack works in practice.
> 
> > https://groups.google.com/d/msg/mozilla.dev.security.policy/KvQc102ZTPw/iLQLKfbbAwAJ
> 
> Looking back, this attack is also documented in the paper linked in that
> thread, but unfortunately it's not open access. I get the feeling this
> may be why that discussion didn't really proceed further in that thread.
> I certainly missed it.
> 
> The paper does list the vulnerable CAs, which are:
> 
> > • COMODO, InstantSSL, NetworkSolutions, SSL.com: these CAs
> > use the same MX email server mcmail1.mcr.colo.comodo.net
> > which uses the same caching DNS resolver. The results from our
> > cache overwriting methods indicate that the DNS resolver software
> > is New BIND 9.x with DNSSEC-validation.

I want to clarify that the only DNS mappings to Comodo from SSL.com are crl and
crt CNAMEs for UserTrust issued SSL.com SubCAs operated and maintained wholly
by Sectigo.

The SSL.com Root CA, which is operated and maintained by SSL.com, does not have 
any dependency on the Comodo/Sectigo DNS and therefore should not be listed as 
one of the vulnerable CAs.

Regards,

Leo Grove
SSL.com
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
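The distinction Leo draws above (which of a CA's hostnames are CNAMEs into another organisation's zone, and which are served from the CA's own infrastructure) is exactly what an operator would want to audit when assessing exposure to a third party's DNS resolver. The following Python is an added example, not code from this thread or from any CA; it walks CNAME chains over a constructed, in-memory record set (the hostnames and addresses are placeholders, not real SSL.com or Sectigo records) and reports every name in the organisation's own zone whose chain terminates outside that zone. A real audit would replace the record dictionary with live lookups.

```python
"""Find hostnames in an organisation's zone whose CNAME chain ends in a
foreign zone. Added example; the record set is constructed for illustration."""

# Constructed record set: hostname -> (rrtype, target). Only CNAME and A
# records are modelled, which is enough to follow delegation chains.
RECORDS = {
    "crl.example-ca.test":   ("CNAME", "crl.vendor-pki.test"),   # chains out
    "crt.example-ca.test":   ("CNAME", "crt.vendor-pki.test"),   # chains out
    "crl.vendor-pki.test":   ("A", "192.0.2.10"),
    "crt.vendor-pki.test":   ("A", "192.0.2.11"),
    "ocsp.example-ca.test":  ("A", "192.0.2.20"),                # served in-house
    "www.example-ca.test":   ("CNAME", "edge.example-ca.test"),  # internal CNAME
    "edge.example-ca.test":  ("A", "192.0.2.30"),
    "loop-a.example-ca.test": ("CNAME", "loop-b.example-ca.test"),  # misconfigured loop
    "loop-b.example-ca.test": ("CNAME", "loop-a.example-ca.test"),
}


def follow_cname_chain(name, records=RECORDS, max_hops=8):
    """Return the names visited from `name`, stopping at a non-CNAME record,
    an unknown name, a repeated name (loop), or max_hops."""
    chain = [name]
    seen = {name}
    current = name
    for _ in range(max_hops):
        rr = records.get(current)
        if rr is None or rr[0] != "CNAME":
            break
        current = rr[1]
        chain.append(current)
        if current in seen:      # loop: record the repeat and stop
            break
        seen.add(current)
    return chain


def in_zone(name, zone):
    """True if `name` is `zone` itself or a subdomain of it."""
    return name == zone or name.endswith("." + zone)


def external_dependencies(own_zone, records=RECORDS):
    """Map each hostname under own_zone whose CNAME chain terminates outside
    own_zone to the terminal name it depends on."""
    deps = {}
    for host in records:
        if not in_zone(host, own_zone):
            continue
        terminal = follow_cname_chain(host, records)[-1]
        if not in_zone(terminal, own_zone):
            deps[host] = terminal
    return deps


if __name__ == "__main__":
    for host, target in sorted(external_dependencies("example-ca.test").items()):
        print(f"{host} -> {target}")
```

On the constructed data this reports only the crl and crt names as chaining to the vendor zone, while the OCSP responder, the internal www CNAME and the looping pair are correctly left out; the loop guard matters because a real audit over live DNS should not hang on a misconfigured zone.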
