Certificate Authorities Warned By Mozilla About Issuing MITM SSL Certs

Mozilla executives are considering sending letters to certificate authorities (CAs) warning them that issuing subordinate root certificates would violate its root CA programme policies.

The draft letter was posted on the Mozilla.dev.security.policy group a few days after Trustwave voluntarily revoked the certificate it had issued to a customer and said it will not issue similar certificates in the future. Issuing that certificate had been a one-time deal, according to Nicholas Percoco, head of Trustwave’s SpiderLabs.

No more snooping

“Subordinate CAs chaining to CAs in Mozilla’s root programme cannot be used for MITM [man-in-the-middle], or traffic management of domain names, or IPs that the party does not legitimately own or control – regardless of whether it is in a closed and controlled environment or not,” Kathleen Wilson, owner of Mozilla’s CA Certificates Module, wrote in the draft.

Trustwave had issued a subordinate root that was used by an unnamed corporate customer to view and monitor employee Internet activity, even if the sessions were encrypted. The so-called man-in-the-middle-attack certificate was securely stored within a data leak prevention product. Trustwave decided to abandon the practice because of “events of the last year” Percoco said.

The letter being drafted will be sent to all the CAs currently included in Mozilla’s trusted root list and warns that issuing subordinate certificates that can be used to eavesdrop on traffic would not be tolerated. Mozilla’s draft letter made it clear that it would not tolerate whether the customer planned to eavesdrop only on its own network or outside its environment.

“Please review all of your subordinate CAs to make sure that they cannot be used in this way,” Wilson wrote. The review should include the extended-validation Secure Socket Layer certificates to make sure they aren’t also being used in this manner, according to the letter.

Existing subordinate CAs that can be used for this kind of eavesdropping purposes “must be revoked and any corresponding HSMs destroyed as soon as possible”, Wilson said. While it is not clear when the letter will be sent out, the companies will have approximately two to three months after receiving the letter to take action, according to Wilson.

Several security and privacy experts have called on Mozilla to remove Trustwave from its trusted root list for violating trust.

“Regardless of the fact that Trustwave has since realised that this is not a good business practice to be engaged in, the damage is done,” Christopher Soghoian, a security and privacy researcher, wrote on a discussion thread on Mozilla’s Bugzilla bug tracking system.

Mozilla declined to take that step, noting that Trustwave had voluntarily revoked and disclosed the issue. “We encourage any other CAs with similar certificates to follow Trustwave’s example of disclosure and revocation,” said Johnathan Nightingale, Mozilla’s director of Firefox engineering.

Offenders uprooted

If a certificate authority is found to still be using man-in-the-middle certificates after the date in the letter, Mozilla will take necessary action, including removing the root certificate from its trusted list.

“Based on Mozilla’s assessment, we may also remove any of your other root certificates, and root certificates from other organisations that cross-sign your certificates,” according to the letter.

Security experts and privacy advocates questioned why Trustwave had issued the certificate in the first place, and criticised the practice. While Trustwave claimed other CAs allegedly issue similar certificates and that it was a “common practice” within the industry, no one is admitting to taking part in light of recent controversy. Comodo’s CEO Melih Abdulhayoglu claimed his company had turned down a “sizeable offer” to issue these types of certificates.