SoylentNews is people
SoylentNews
A major operational error by GoDaddy, Apple, and Google has resulted in the issuance of at least 1 million browser-trusted digital certificates that don’t comply with binding industry mandates. The number of non-compliant certificates may be double that number, and other browser-trusted authorities are also likely to be affected.
The snafu is the result of the companies' misconfiguration of the open source EJBCA software package that many browser-trusted authorities use to generate certificates that secure websites, encrypt email, and digitally sign code. By default, EJBCA generated certificates with 64-bit serial numbers, in keeping, it seemed, with an industry mandate that serial numbers contain 64 bits of output from a secure pseudo-random number generator. Upon further scrutiny, engineers discovered that one of the 64 bits must be a fixed value to ensure the serial number is a positive integer. As a result, the EJBCA default produced a serial number with 63 bits of entropy.
[...]Section 7.1 of the Baseline Requirements for publicly trusted certificates [SUB: link is to a PDF] is clear that the minimum threshold for serial numbers must be no fewer than 64 bits of entropy. The 2016 ballot that enacted this requirement referred to a 2008 proof-of-concept hack in which researchers, using a raft of PlayStation consoles to generate cryptographic collisions in the MD5 hash algorithm, essentially became a rogue authority that could generate browser-trusted certificates at will. In 2012, state-sponsored malware dubbed Flame used a similar technique to hijack Microsoft’s widely used Windows update mechanism.
“This is a big deal for CAs and their customers,” Caudill told Ars. “The impact of replacing large numbers of certificates is substantial. From a threat perspective though, this isn’t exploitable. It would require a major breakthrough in cryptography, and even then, 63 bits of entropy provides a huge safety margin. This is a problem because of impact to people and companies; hackers aren’t going to start forging certificates because of this.”
In online forums discussing the problem, a GoDaddy official initially said his company issued more than 1.8 million certificates that didn’t comply with the 64-bit requirement. Under industry rules, GoDaddy had five days to revoke the certificates, but GoDaddy said it wouldn’t be able to make that deadline for all the certificates identified.
(Score: 2) by driverless on Saturday March 23 2019, @03:00AM
Read the mind-numbingly dull series of threads covering this [google.com] that have been going on for over a month now. The value of 64 bits is an arbitrary number pulled out of thin air, somewhere in the discussion some guy went and tracked down a bunch of academic papers that cover this and none of them give this value anywhere. There's been an endless debate over what is and isn't compliant, which eventually boiled down to "you must have 64 bits in this form because the spec says so even if it doesn't make any sense". So now some CA's are coming forward to say they probably aren't compliant, while the rest seem to be keeping quiet and hoping it'll blow over if no-one notices them.
The important point is that it's not a security issue, it's failure to engage in sufficient virtue signalling to satisfy the CA/Browser Forum who created the docs.