Re: [Trans] Call for adoption, draft-linus-trans-gossip-ct

[Rob Stradling <rob.stradling@comodo.com>]

On 10/08/15 11:28, Ben Laurie wrote:
>
> On Sat, 8 Aug 2015 at 17:56 Bryan Ford <brynosaurus@gmail.com
> <mailto:brynosaurus@gmail.com>> wrote:
>
>     Hi Tom,
>
>>     On Aug 6, 2015, at 11:46 AM, Tom Ritter <tom@ritter.vg
>>     <mailto:tom@ritter.vg>> wrote:
<snip>
>>     The Comodo incident you reference, was that the mozilla.com
>>     <http://mozilla.com> cert in
>>     2008?  That was someone just trying a RA portal and getting a cert:
>>     http://www.theregister.co.uk/2008/12/29/ca_mozzilla_cert_snaf/
>
>>     Despite all the effort to find such certs manually, via MEKAI,
>>     Perspectives, Convergence, Cert Patrol, and others - I'm not aware of
>>     anyone ever catching a CA-signed misissued cert manually.
>
>     I think it was the March 2011 incident, where a hacker was able to
>     obtain fraudulent certificates through Comodo and then apparently
>     attempted to use at least one of them, for ‘login.yahoo.com
>     <http://login.yahoo.com>’, in some way:
>     https://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html
>     Comodo’s report and the other information I found don’t make it
>     clear exactly in what way the login.yahoo.com
>     <http://login.yahoo.com> cert was “seen live on the Internet” -
>     perhaps it was Google pinning as well if Google was pinning Yahoo’s
>     certs at that time (were they?), or perhaps it was manual
>     forensics.  Perhaps you or someone else has better information about
>     this.  But this is all incidental: it’s great that Google pinning
>     has caught a lot of incidents, but nobody seems to be saying that
>     means Google pinning is the best/final solution.
>
>
> In this case, though, CT would have caught the mis-issue.

Had we (Comodo) been submitting all certs to CT logs at that time, then 
yes, CT would have caught these mis-issues.

Had Chrome been doing certificate pinning at that time (which I don't 
think it was, given that 
https://www.imperialviolet.org/2011/05/04/pinning.html is dated a couple 
of months later), it would have caught these mis-issues too, if any 
Chrome users had actually been exposed to any of these certs "live on 
the Internet".

The "seen live on the Internet" claim: Within a few hours of us noticing 
the mis-issuances, we'd analyzed our webserver logs looking for activity 
on the compromised account and we'd spotted some IP addresses allocated 
to Iran.  One of my colleagues did a port 443 scan across the relevant 
IP subnets and found a server that was sending that login.yahoo.com 
cert.  IIRC, that server wasn't up for long.

Incidentally, this is pretty fair summary of the incident:
https://www.chromium.org/Home/chromium-security/root-ca-policy
"In March of 2011, Comodo issued fraudulent certs for a number of 
well-known internet sites including Microsoft, Yahoo and Google. This 
was not due to a compromise at Comodo, but rather at an authorized 
Registration Authority operating on Comodo’s behalf. In that case, 
Comodo immediately spotted the mis-issuance, revoked the certificates, 
notified the affected parties, and made a full and public disclosure of 
what had happened, albeit a week after the event. While the compromise 
itself cannot be minimized, Comodo mostly acted in a manner consistent 
with the trust placed in them as a Root CA (earlier disclosure would 
have been better)."

My one complaint is the "mostly...earlier disclosure would have been 
better" part.  We wanted to disclose ASAP, but one of the browser 
providers said they needed 9 days to produce and test patches.  That may 
sound implausible now, but remember that this was before any of the 
browsers had introduced their certificate blacklisting mechanisms (i.e. 
Google's CRLSets, Microsoft's disallowed.stl, etc).

-- 
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online