[cryptography] Google tears Symantec a new one over rogue SSL certs

Jeffrey Walton noloader at gmail.com
Sun Dec 13 20:50:39 EST 2015


Google has read the riot act to Symantec, scolding the security biz
for its slapdash handling of highly sensitive SSL certificates.

In September it emerged that Symantec's subsidiary Thawte generated a
number of SSL certs for internal testing purposes.

One of these certificates masqueraded as a legit cert for Google.com,
meaning it could be used to trick web browsers into thinking they had
connected to Google's site when really the browser had connected to a
potentially malicious server.

The Chocolate Factory discovered the rogue cert using its Certificate
Transparency project, and it was furious: Google never gave Thawte
permission to generate the certificates, and was irked by Symantec's

Thawte insisted the rogue certificates never at any point left the
lab, and that no one outside the company had obtained copies of the
SSL certs.

Alarmed that Thawte's engineers were playing around with highly
sensitive and powerful certificates, Google demanded a full
investigation. Symantec found 23 dodgy certs, fired some of the staff
involved, and conducted what it said was a full review, but now it
turns out the biz botched that too.

According to Google software engineer Ryan Sleevi, the internet
goliath found several more certificates that weren't mentioned in
Symantec's report, and demanded the firm look again. On October 12,
Symantec said they had found that another 164 rogue certificates had
been issued in 76 domains without permission, and 2,458 certificates
were issued for domains that were never registered.

"It's obviously concerning that a certificate authority would have
such a long-running issue and that they would be unable to assess its
scope after being alerted to it and conducting an audit," Sleevi said
on Wednesday.

"Therefore, we are firstly going to require that as of June 1st, 2016,
all certificates issued by Symantec itself will be required to support
Certificate Transparency. In this case, logging of non-EV certificates
would have provided significantly greater insight into the problem and
may have allowed the problem to be detected sooner."

If Symantec wants its certificates recognized by the Chrome web
browser, Google has said the firm must update the original report with
all the details and an explanation of what went wrong. This Symantec
has now done (you can read it here), but the biz has more hoops to
jump through if it wants Chrome to accept its certificates going

Symantec will also need to give Google a detailed timeline for the
process behind the creation of each certificate and a list of things
it will do to make sure it doesn't happen again. Since this involves
confidential information, Google won't be making that information

In addition, Symantec must hire a third-party security auditor to
conduct a full audit and check that private keys have not been exposed
and that auditing software works as specified. In addition, the
auditors will ensure that Symantec is compliant in the following

 * WebTrust Principles and Criteria for Certification Authorities
 * WebTrust Principles and Criteria for Certification Authorities –
SSL Baseline with Network Security [PDF]
 * WebTrust Principles and Criteria for Certification Authorities –
Extended Validation [PDF]

If Symantec bungles this second chance, come June 2016, Google Chrome
and other Google apps will warn netizens not to trust any websites
that use new Symantec-backed certificates.

This will encourage web developers to avoid using Symantec-issued SSL
certs for their HTTPS-encrypted websites, and similar services,
dealing a damaging blow to Symantec.

"While there is no evidence that any harm was caused to any user or
organization, this type of product testing was not consistent with the
policies and standards we are committed to uphold," Symantec told The
Register in a statement.

"To prevent this type of testing from occurring in the future, we have
already put additional tool, policy, and process safeguards in place,
and announced plans to begin Certificate Transparency logging of all
certificates. We have also engaged an independent third party to
evaluate our approach, in addition to expanding the scope of our
annual audit."

This may not be the end of the matter, however, since other groups are
now reaching for their pitchforks. Firefox-maker Mozilla has examined
Google's proposal, and is considering insisting that Symantec do the
same for them; others may follow their example.

More information about the cryptography mailing list