Re: WoSign: updated report and discussion

2016-11-01 Thread Han Yuwei
On Tuesday, November 1, 2016 at 6:43:53 PM UTC+8, Gervase Markham wrote: > On 31/10/16 18:25, Percy wrote: > > According to http://se.360.cn/event/gmzb.html, the browser needs to send a > > http header Accept-Protocal: SM-SSL. > > That seems like an odd mechanism, because SSL connection establishment > happens before

Re: WoSign: updated report and discussion

2016-11-01 Thread Gervase Markham
On 31/10/16 18:25, Percy wrote: > According to http://se.360.cn/event/gmzb.html, the browser needs to send a > http header Accept-Protocal: SM-SSL. That seems like an odd mechanism, because SSL connection establishment happens before HTTP header transmission. Does this header mean "Next time you

Re: WoSign: updated report and discussion

2016-10-31 Thread Percy
According to http://se.360.cn/event/gmzb.html, the browser needs to send a http header Accept-Protocal: SM-SSL. Perhaps someone can do an Internet scan against Chinese sites (especially gov) to observe SM2 certs Percy Alpha(PGP ) On

Re: WoSign: updated report and discussion

2016-10-31 Thread Han Yuwei
On Monday, October 31, 2016 at 11:50:46 PM UTC+8, Gervase Markham wrote: > On 30/10/16 19:47, Han Yuwei wrote: > > SM2 is widely used in Chinese government websites. There is an OpenSSL > > branch (https://github.com/guanzhi/GmSSL) which implemented > > SM2/SM3/SM4. And I don't see any other deployment in HTTPS. > >

Re: WoSign: updated report and discussion

2016-10-31 Thread Gervase Markham
On 30/10/16 19:47, Han Yuwei wrote: > SM2 is widely used in Chinese government websites. There is an OpenSSL > branch (https://github.com/guanzhi/GmSSL) which implemented > SM2/SM3/SM4. And I don't see any other deployment in HTTPS. Right, but my question remains: can you find a site with a WoSign

Re: WoSign: updated report and discussion

2016-10-30 Thread Percy
On Sunday, October 30, 2016 at 6:15:48 AM UTC-7, Gervase Markham wrote: > On 29/10/16 22:42, Percy wrote: > > However, on the official website > > (https://www.wosign.com/about/Why_WoSign.htm) WoSign stated that "WoSign is > > the only commercial CA in China, and the only one in the world, that can issue globally trusted SSL certificates and code signing certificates using the domestic cryptographic algorithm (SM2)." WoSign is > > the

Re: WoSign: updated report and discussion

2016-10-30 Thread Gervase Markham
On 29/10/16 22:42, Percy wrote: > However, on the official website > (https://www.wosign.com/about/Why_WoSign.htm) WoSign stated that "WoSign is > the only commercial CA in China, and the only one in the world, that can issue globally trusted SSL certificates and code signing certificates using the domestic cryptographic algorithm (SM2)." WoSign is > the only commercial CA in China -- only commercial CA in the world > that can sign SM2

Re: WoSign: updated report and discussion

2016-10-29 Thread Percy
Gerv, I believe I found the new updated report still has intentional deception. Issue P: Use of SM2 Algorithm (Nov 2015) WoSign stated that it's only used for testing purposes. However, on the official website (https://www.wosign.com/about/Why_WoSign.htm) WoSign stated that

Re: WoSign: updated report and discussion

2016-10-13 Thread Jakob Bohm
On 13/10/2016 04:36, 谭晓生 wrote: The HSM is stored offline, in the vault of Qihoo 360’s headquarters. A little bit surprised by this question, I don’t know if there are other CAs that put their Root Certificates online? If anybody has evidence to say “WoSign has the private key of StartCom”, please

Re: WoSign: updated report and discussion

2016-10-13 Thread Han Yuwei
+richard=wosign@lists.mozilla.org] > > On Behalf Of Percy > > Sent: Thursday, October 13, 2016 8:25 AM > > To: mozilla-dev-security-pol...@lists.mozilla.org > > Subject: Re: WoSign: updated report and discussion > > > > WoSign has so far announced nothing

Re: WoSign: updated report and discussion

2016-10-13 Thread urijah
riginal Message- > From: dev-security-policy > [mailto:dev-security-policy-bounces+richard=wosign@lists.mozilla.org] On > Behalf Of Percy > Sent: Thursday, October 13, 2016 8:25 AM > To: mozilla-dev-security-pol...@lists.mozilla.org > Subject: Re: WoSign: updated rep

Re: WoSign: updated report and discussion

2016-10-13 Thread Eddy Nigg
On 10/11/2016 11:57 AM, Gervase Markham wrote: There is also the case of StartEncrypt. While no known cert-to-wrong-person misissuance occurred because the researchers in question used domains they already controlled to prove their point, but there seemed to be multiple holes by which this

Re: WoSign: updated report and discussion

2016-10-13 Thread Gervase Markham
On 13/10/16 01:40, Percy wrote: > (Hmm, my previous comment about two-faced WoSign disappeared from > Google group probably due to anti-spam. Gerv, can you recover it for > me?) I have that message via the news interface, so it did get posted. It's not in the spam filter. Gerv

Re: WoSign: updated report and discussion

2016-10-12 Thread Percy
(Hmm, my previous comment about two-faced WoSign disappeared from Google group probably due to anti-spam. Gerv, can you recover it for me?) I also want to point out that WoSign is currently asking customers to go to StartCom to get DV certs. If we continue to trust StartCom, then WoSign

Re: WoSign: updated report and discussion

2016-10-12 Thread Percy
On Monday, October 10, 2016 at 2:16:53 PM UTC-7, Matt Palmer wrote: > On Mon, Oct 10, 2016 at 10:33:15AM -0700, Nick Lamb wrote: > > Would anybody here _seriously_ be shocked to read next month that a black > > hat group is auctioning some StartCom private keys ? On the evidence > > available we

Re: WoSign: updated report and discussion

2016-10-12 Thread Jakob Bohm
On 09/10/2016 15:54, 谭晓生 wrote: Dear All, This is the information that would be released by Inigo in the coming week, Percy asked me to answer the question, so, it is here: ... 3. PKI – signing service Code: Same code with WoSign’s one. Server: Shared Server. Location: The primary

Deception (was: WoSign: updated report and discussion)

2016-10-11 Thread Peter Kurrasch
elissen.nl; mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: WoSign: updated report and discussion I don't believe this aspect of things is worth spending time on. However: On 10/10/16 09:44, i...@matthijsmelissen.nl wrote: > On Saturday, October 8, 2016 at 8:18:09 AM UTC+2, uri...@gmai

Re: WoSign: updated report and discussion

2016-10-11 Thread Gervase Markham
On 11/10/16 15:08, Nick Lamb wrote: > Mozilla could choose to do that too, and agree that when a new CA is > added to NSS it will use the Mozilla CA (trusted but never used to > issue end entity certificates) to cross sign the new CA. The > resulting certificate could be included in chains for the

Re: WoSign: updated report and discussion

2016-10-11 Thread Peter Bowen
On Tue, Oct 11, 2016 at 7:08 AM, Nick Lamb wrote: > > Some of the major root trust stores (e.g. Microsoft, Apple) also operate > their own root CA, which they include in that store, for internal purposes at > least. I believe none of them is trusted by another root trust

Re: WoSign: updated report and discussion

2016-10-11 Thread Nick Lamb
On Tuesday, 11 October 2016 09:47:20 UTC+1, Gervase Markham wrote: > I guess you could ask a trusted competitor to generate them on new > hardware and hold the HSMs securely, then you include the roots in > Firefox straight away, and then only tell the competitor to release the > HSMs to CA Foo

Re: WoSign: updated report and discussion

2016-10-11 Thread 谭晓生
Process to apply for an SSL certificate from StartCom: Step 1. The StartCom customer signs in to his/her account on the official website of StartCom; Step 2. The customer does the domain validation via the “Validations Wizard”; Step 3. The PKI validation system sends the verification code to the domain name whois admin email, the

Re: WoSign: updated report and discussion

2016-10-11 Thread Gervase Markham
Hi Eddy, While I have sympathy with what you say, your analysis is incomplete in one respect. On 11/10/16 09:41, Eddy Nigg wrote: > The problematic issue in relation to StartCom is obviously the _two > backdated SHA1 certificates_ There is also the case of StartEncrypt. While no known

Re: WoSign: updated report and discussion

2016-10-11 Thread Gervase Markham
On 11/10/16 02:55, Ryan Sleevi wrote: > CAs would and could address that continuity by signing their new > root with their old (distrusted) root, and only issuing certificates > with the new root, while the old root fades into obsolescence. > > This offers continuity because the certs issued by

Re: WoSign: updated report and discussion

2016-10-11 Thread Gervase Markham
On 11/10/16 01:04, Kathleen Wilson wrote: > I think what you are saying is that the CA needs to re-apply for > inclusion with new root certificates (not their old root certs). > Correct? If yes, I am inclined towards that idea too. I've heard that > it would cause continuity issues, but I don't

Re: WoSign: updated report and discussion

2016-10-11 Thread Eddy Nigg
Hi Kathleen, On 10/10/2016 09:39 PM, Kathleen Wilson wrote: I would like to remind everyone that when making decisions about what to do about CA mis-issuance, it is expressly *not* a goal for me to mete out punishment. Rather, my primary goal is to help keep end-users safe, based on the

Re: WoSign: updated report and discussion

2016-10-11 Thread Nick Lamb
On Tuesday, 11 October 2016 01:04:14 UTC+1, Kathleen Wilson wrote: > Why do we need a minimum of 1 year? > What purpose does that serve? > If they meet all our requirements earlier, why couldn't we discuss it earlier > than 1 year? The exact period of one year is of course arbitrary. However I

Re: WoSign: updated report and discussion

2016-10-11 Thread Gervase Markham
On 10/10/16 23:00, Ryan Hurst wrote: > I also believe there are a few core questions that are relevant to > “what it depends on”, these include: Is it reasonable for the > operational and technical failures StartCom made prior to the > acquisition to be handled as a separate incident? I presume

Re: WoSign: updated report and discussion

2016-10-10 Thread Ryan Sleevi
On Monday, October 10, 2016 at 5:04:14 PM UTC-7, Kathleen Wilson wrote: > Based on the information that I have seen regarding WoSign, I believe that > WoSign intentionally bent the rules in order to continue issuing SHA-1 SSL > certs, when they knew full well that was no longer allowed. WoSign

Re: WoSign: updated report and discussion

2016-10-10 Thread Kathleen Wilson
On Monday, October 10, 2016 at 1:08:24 PM UTC-7, Ryan Sleevi wrote: > On Monday, October 10, 2016 at 11:39:19 AM UTC-7, Kathleen Wilson wrote: > > I would like to remind everyone that when making decisions about what to do > > about CA mis-issuance, it is expressly *not* a goal for me to mete out

Re: WoSign: updated report and discussion

2016-10-10 Thread Ryan Hurst
Gerv, Again, this mail represents my own personal beliefs and does not necessarily represent the beliefs of my employer, Google, or Let’s Encrypt where I am an advisor. I agree an appropriate response depends on the facts, so as you say, it depends. I also believe there are a few core

Re: WoSign: updated report and discussion

2016-10-10 Thread Matt Palmer
On Mon, Oct 10, 2016 at 10:33:15AM -0700, Nick Lamb wrote: > Would anybody here _seriously_ be shocked to read next month that a black > hat group is auctioning some StartCom private keys ? On the evidence > available we have to assume that the keys underpinning both WoSign and > StartCom may

Re: WoSign: updated report and discussion

2016-10-10 Thread Ryan Sleevi
On Monday, October 10, 2016 at 11:39:19 AM UTC-7, Kathleen Wilson wrote: > I would like to remind everyone that when making decisions about what to do > about CA mis-issuance, it is expressly *not* a goal for me to mete out > punishment. Rather, my primary goal is to help keep end-users safe,

Re: WoSign: updated report and discussion

2016-10-10 Thread Kathleen Wilson
I greatly appreciate the significant amount of effort that you all have been putting into this investigation and discussion. As Gerv pointed out, since I am Mozilla's CA Certificate Module owner, I have the responsibility of making some decisions... I am continuing to mull over all of your

Re: WoSign: updated report and discussion

2016-10-10 Thread Nick Lamb
On Monday, 10 October 2016 12:49:37 UTC+1, Gervase Markham wrote: > I think that's an over-generalisation of my position :-) Whether sacking > people is an acceptable response depends on what has happened. I'm very doubtful that it is ever really relevant to the relying parties or trust stores.

Re: WoSign: updated report and discussion

2016-10-10 Thread Gervase Markham
On 10/10/16 16:47, 谭晓生 wrote: > Yes, the certificate issuance process is performed by each of these > five components, except that TSA is used for code issuance and PDF > issuance, not related to SSL certificate issuance. Right :-) But can you explain what each component does specifically? E.g.:

Re: WoSign: updated report and discussion

2016-10-10 Thread 谭晓生
Dear Gervase, Yes, the certificate issuance process is performed by each of these five components, except that TSA is used for code issuance and PDF issuance, not related to SSL certificate issuance. Thanks, Xiaosheng Tan On 2016/10/10 at 7:11 PM, “Gervase Markham” wrote: Hi

Re: WoSign: updated report and discussion

2016-10-10 Thread Andrew Ayer
On Mon, 10 Oct 2016 12:11:49 +0100 Gervase Markham wrote: > > During the time that the incidents > > occurred, StartCom and WoSign were for all intents and purposes the > > same company, one wholly owned by the other, both managed by the > > same disgraced CEO, and sharing

Re: WoSign: updated report and discussion

2016-10-10 Thread Gervase Markham
On 07/10/16 17:50, Ryan Sleevi wrote: > One possible issue with this is that there hasn't been a similar > question about StartCom's past practices. I think that, up until the > discussion began, particularly around the backdating of certificates, > it might have been said the same about WoSign -

Re: WoSign: updated report and discussion

2016-10-10 Thread Gervase Markham
On 09/10/16 23:43, Percy wrote: > Tan said, for StartCom and WoSign’s infrastructure, the PKI servers > were/are shared, the CRL/OCSP, TSA code were cloned and the StartCom > and WoSign shared the software development team. > > Also some management team are shared I assume since Richard Wang >

Re: WoSign: updated report and discussion

2016-10-10 Thread Gervase Markham
Hi Ryan, I agree with your five tenets. And you ask a very important question: On 07/10/16 18:43, Ryan Hurst wrote: > The problem is that this sets a dangerous precedent. Let’s assume a > similar situation happens in the future with another CA who owns > multiple brands. Would you ignore the

Re: WoSign: updated report and discussion

2016-10-10 Thread Gervase Markham
I don't believe this aspect of things is worth spending time on. However: On 10/10/16 09:44, i...@matthijsmelissen.nl wrote: > On Saturday, October 8, 2016 at 8:18:09 AM UTC+2, uri...@gmail.com > wrote: >> Did anyone ever determine if "Andy Ligg" is in fact a real person? >> (As discussed here

Re: WoSign: updated report and discussion

2016-10-10 Thread info
On Saturday, October 8, 2016 at 8:18:09 AM UTC+2, uri...@gmail.com wrote: > Did anyone ever determine if "Andy Ligg" is in fact a real person? > (As discussed here > https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/0pqpLJ_lCJQ/7QRQ7oqGDwAJ > ) I believe Andy Ligg is a pseudonym

Re: WoSign: updated report and discussion

2016-10-09 Thread 谭晓生
I also said that the official website, ordering system and certificate management system are different and independent, which is the major cause of the bugs from a technical perspective; that’s why WoSign suffered the bug incidents but StartCom hasn’t. The validation team, customer care team

Re: WoSign: updated report and discussion

2016-10-09 Thread Percy
Tan said that, for StartCom and WoSign’s infrastructure, the PKI servers were/are shared, the CRL/OCSP and TSA code were cloned, and StartCom and WoSign shared the software development team. Also some of the management team is shared, I assume, since Richard Wang approved Tyro's backdated cert from

Re: WoSign: updated report and discussion

2016-10-09 Thread Matt Palmer
On Sun, Oct 09, 2016 at 08:47:59AM -0700, Peter Bowen wrote: > I think the proposal from 360 to operate WoSign and StartCom as > separate subsidiaries is interesting and something that is well worth > reviewing if/when they apply to rejoin the program. However that does > not change the past.

Re: WoSign: updated report and discussion

2016-10-08 Thread Percy
His writing style is very similar to StartCom's website which is produced in China. As we're examining the infrastructure of the two companies, could Mozilla ask Qihoo 360 to disclose the current personnel and technical infrastructure shared between WoSign and StartCom. WoSign has denied that

Re: WoSign: updated report and discussion

2016-10-08 Thread urijah
Did anyone ever determine if "Andy Ligg" is in fact a real person? (As discussed here https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/0pqpLJ_lCJQ/7QRQ7oqGDwAJ ) If he in fact was a pseudonym for a WoSign employee, then arguably there was no distinction between WoSign and

Re: WoSign: updated report and discussion

2016-10-07 Thread Jakob Bohm
On 07/10/2016 19:25, Andrew Ayer wrote: On Fri, 7 Oct 2016 12:12:58 +0100 Gervase Markham wrote: * WoSign and StartCom are to be legally separated, with the corporate structure changed such that Qihoo 360 owns them both individually, rather than WoSign owning StartCom. *

Re: WoSign: updated report and discussion

2016-10-07 Thread Han Yuwei
On Friday, October 7, 2016 at 7:13:42 PM UTC+8, Gervase Markham wrote: > As noted by Richard Wang, WoSign have just published an updated Incident > Report: > https://www.wosign.com/report/WoSign_Incident_Report_Update_07102016.pdf > > I think we are now in a position to discuss whether the plan proposed here: >

Re: WoSign: updated report and discussion

2016-10-07 Thread Ryan Sleevi
On Friday, October 7, 2016 at 9:10:29 AM UTC-7, Gervase Markham wrote: > I should start by reiterating what you already know, but might be a > useful reminder for others - no agreement has been made between Mozilla > and Qihoo/StartCom/WoSign. We gave them advice on what we thought the > community

Re: WoSign: updated report and discussion

2016-10-07 Thread Gervase Markham
Hi Ryan, I should start by reiterating what you already know, but might be a useful reminder for others - no agreement has been made between Mozilla and Qihoo/StartCom/WoSign. We gave them advice on what we thought the community might like to see, but they are responsible for their plan, and the

Re: WoSign: updated report and discussion

2016-10-07 Thread Ryan Sleevi
On Friday, October 7, 2016 at 4:13:42 AM UTC-7, Gervase Markham wrote: > As noted by Richard Wang, WoSign have just published an updated Incident > Report: > https://www.wosign.com/report/WoSign_Incident_Report_Update_07102016.pdf > > I think we are now in a position to discuss whether the plan

Re: WoSign: updated report and discussion

2016-10-07 Thread Patrick Figel
On 07/10/16 13:23, Jakob Bohm wrote: > On 07/10/2016 13:12, Gervase Markham wrote: >> ... * WoSign agrees it should have been more forthcoming about its >> purchase of StartCom, and announced it earlier. >> >> * WoSign and StartCom are to be legally separated, with the >> corporate structure

Re: WoSign: updated report and discussion

2016-10-07 Thread Gervase Markham
On 07/10/16 12:23, Jakob Bohm wrote: > As an outsider, here is one question: If StartCom has not yet decided > on a technical separation plan, could one acceptable option for such a > plan be to reactivate the old (pre-acquisition) infrastructure and > software and take it from there? > > An

Re: WoSign: updated report and discussion

2016-10-07 Thread Jakob Bohm
On 07/10/2016 13:12, Gervase Markham wrote: ... * WoSign agrees it should have been more forthcoming about its purchase of StartCom, and announced it earlier. * WoSign and StartCom are to be legally separated, with the corporate structure changed such that Qihoo 360 owns them both individually,

Re: WoSign: updated report and discussion

2016-10-07 Thread Gervase Markham
On 07/10/16 12:12, Gervase Markham wrote: > Mozilla is minded to agree that it is reasonable to at least consider > the two companies separately, although that does not preclude the > possibility that we might decide to take the same action for both of > them. Accordingly, Mozilla continues to

WoSign: updated report and discussion

2016-10-07 Thread Gervase Markham
As noted by Richard Wang, WoSign have just published an updated Incident Report: https://www.wosign.com/report/WoSign_Incident_Report_Update_07102016.pdf I think we are now in a position to discuss whether the plan proposed here: