I certainly recall descriptions of other issuing systems in history in
which it was (at least based on the description) possible to get a
certificate issued without proof of control of the private key.

A scary example, I know, but StartCom's original system was once described
as taking the public key data (and they emphasized _only_ the public key
data) from the CSR.  Everything else was populated out-of-band of any PKI
protocols via the website.

Frankly, I don't see how anyone permitting signature over a third-party
public key without proof of control of the matching private key creates a
risk.  I think if there are relying-party systems where this creates a
problem, the error is in those relying-party systems and their respective
validation logic.

On Mon, May 18, 2020 at 10:05 AM Jeremy Rowley via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> It was just the one system and situation-specific.
>
> -----Original Message-----
> From: dev-security-policy <dev-security-policy-boun...@lists.mozilla.org>
> On Behalf Of Peter Gutmann via dev-security-policy
> Sent: Monday, May 18, 2020 6:31 AM
> To: Matt Palmer <mpal...@hezmatt.org>; Mozilla <
> mozilla-dev-security-pol...@lists.mozilla.org>; Jeremy Rowley <
> jeremy.row...@digicert.com>
> Subject: Re: Digicert issued certificate with let's encrypts public key
>
> Jeremy Rowley via dev-security-policy <
> dev-security-policy@lists.mozilla.org> writes:
>
> >For those interested, the short of what happened is that we had an old
> >service where you could replace existing certificates by having
> >DigiCert connect to a site and replace the certificate with a key taken
> >from the site after a TLS connection. No requirement for a CSR since we
> >obtained proof of key control through a TLS connection with the
> >website. Turned out the handshake didn't actually take the key, but
> >allowed the customer to submit a different public key without a CSR. We
> >took down the service a while ago - back in November I think. I plan to
> >put it back up when we work out the kink with it not forcing the key to
> >match the key used in the handshake.
>
> Thanks, that was the info I was after: was this a general problem that we
> need to check other systems for as well, or a situation-specific issue that
> affected just one site/system but no others.  Looks like other systems are
> unaffected.
>
> Peter.
> _______________________________________________
> dev-security-policy mailing list
> dev-security-policy@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security-policy
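The check that Jeremy's description implies the replacement service was missing, written as an added Go example (constructed for this thread, not DigiCert's or Mozilla's code): a submitted CSR is accepted only if its self-signature verifies, which is the proof of possession, and its public key is the very key that answered the TLS handshake, so a different key cannot be slipped in. The keys and the name example.test are generated inline as constructed test data; keyMatcher, ValidateReplacement, makeCSR and Scenario are names I chose.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
)

type keyMatcher interface{ Equal(crypto.PublicKey) bool } // Equal is on all stdlib key types

// ValidateReplacement is the check the replacement service in the thread lacked:
// the CSR must prove possession (valid self-signature) AND carry the very key
// that answered the TLS handshake (handshakeKey), not some other public key.
func ValidateReplacement(handshakeKey crypto.PublicKey, csrDER []byte) error {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return fmt.Errorf("bad CSR: %w", err)
	}
	if err := csr.CheckSignature(); err != nil {
		return fmt.Errorf("no proof of possession: %w", err)
	}
	hk, ok := handshakeKey.(keyMatcher)
	if !ok || !hk.Equal(csr.PublicKey) {
		return errors.New("submitted key does not match the key used in the handshake")
	}
	return nil
}

// makeCSR builds a CSR for cn signed by priv (constructed test data).
func makeCSR(priv *ecdsa.PrivateKey, cn string) ([]byte, error) {
	tmpl := x509.CertificateRequest{Subject: pkix.Name{CommonName: cn}}
	return x509.CreateCertificateRequest(rand.Reader, &tmpl, priv)
}

// Scenario replays the bug: the site's own key must be accepted, a third
// party's key that never answered the handshake must be refused.
func Scenario() (ownKey, thirdPartyKey error) {
	siteKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	other, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	own, _ := makeCSR(siteKey, "example.test")
	foreign, _ := makeCSR(other, "example.test")
	return ValidateReplacement(&siteKey.PublicKey, own), ValidateReplacement(&siteKey.PublicKey, foreign)
}

func main() { fmt.Println(Scenario()) }
```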