In an email to certification authorities (CAs), the Mozilla Foundation has asked CAs not to issue certificates for sub-CAs which can be used to monitor encrypted data. The request is being made in the context of a recently revealed case in which Trustwave set up a man-in-the-middle CA.
Trustwave sold a CA certificate to another company that enabled it to issue valid certificates for any server. This enabled the latter company to monitor encrypted traffic sent and received by its own staff using what was effectively a man-in-the-middle attack. Trustwave has since revoked the CA certificate and has announced that it will, in future, no longer facilitate sub-CAs of this nature.
The letter, signed by Kathleen Wilson, who is responsible for the CA module used in Mozilla software, requests that all CAs respond by 2 March and agree to revoke any sub-certificates which enable third parties to eavesdrop on data traffic by 27 April. Any corresponding HSMs and smartcards also have to be destroyed.
Mozilla states plainly that if any such sub-CAs are discovered after the 27 April deadline, the foundation will take whatever steps are necessary, including removing the root certificate from Mozilla software if required. Wilson also intends to publish the CAs' responses to her email. The email includes a link to Mozilla’s rules on including root certificates in its products – these rules are currently being revised.
Mozilla developers have released a patch which marks sub-CAs chaining to the Trustwave CA as untrusted. The patch would appear to remove the need to act on a demand, made by a reader of The H’s associates at heise Security, for the immediate removal of Trustwave from the list of trusted CAs. Credit has clearly been given for the fact that Trustwave voluntarily disclosed the incident and has already revoked the certificate in question.
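Why a sub-CA signed by a trusted root validates for any server, and what distrusting that sub-CA (as the Mozilla patch does) changes, as an added Go example that is not from the article, Mozilla or Trustwave: it builds a throwaway root, sub-CA and leaf in-process with the standard library and checks the leaf for example.com before and after the sub-CA is placed on a distrust list. The certificate names and the DER-keyed distrust list are assumptions for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// mkCert issues a certificate for cn signed by parent (self-signed when parent is nil); all keys are constructed in-process.
func mkCert(cn string, isCA bool, dns []string, parent *x509.Certificate, pkey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: isCA, BasicConstraintsValid: true, DNSNames: dns,
	}
	if parent == nil {
		parent, pkey = tmpl, key // self-signed root
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, pkey)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}
// trusted: leaf must chain to roots for host AND no issuer on that chain may be distrusted (DER-keyed here; real lists use fingerprints).
func trusted(leaf *x509.Certificate, roots, inters *x509.CertPool, host string, distrusted map[string]bool) bool {
	chains, err := leaf.Verify(x509.VerifyOptions{DNSName: host, Roots: roots, Intermediates: inters})
	if err != nil {
		return false // no path to a trusted root, or hostname mismatch
	}
	for _, c := range chains[0][1:] { // every issuer above the leaf
		if distrusted[string(c.Raw)] {
			return false
		}
	}
	return true
}
// Demo builds root -> MITM sub-CA -> leaf for example.com, a host the sub-CA's owner does not control, and reports acceptance before/after distrust.
func Demo() (before, after bool) {
	root, rootKey := mkCert("Trusted Root", true, nil, nil, nil)
	sub, subKey := mkCert("Corporate MITM Sub-CA", true, nil, root, rootKey)
	leaf, _ := mkCert("example.com", false, []string{"example.com"}, sub, subKey)
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	inters.AddCert(sub)
	return trusted(leaf, roots, inters, "example.com", nil),
		trusted(leaf, roots, inters, "example.com", map[string]bool{string(sub.Raw): true})
}
```

The first result is true because nothing in path validation ties a sub-CA to the hostnames its owner controls; only the second check, the distrust list, rejects the chain.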
Mozilla is nevertheless making it unambiguously clear that it will not tolerate MITM CAs in future. It will be interesting to see what sort of response it receives. On making its disclosure, Trustwave suggested that it was standard practice within the industry. Symantec, which owns CA Verisign, has not responded to an enquiry from heise Security as to whether it issues CA certificates for monitoring purposes.