Dutch Government Revokes Diginotar Certificates

An anonymous reader writes "After previously claiming that the Iranian hack of CA Diginotar did not compromise certificates of the Dutch government, it has now been decided that there is too much risk and the certificates will have to be revoked after all (original Dutch text). Since the Dutch government has been using only Diginotar-supplied certificates, this will leave all government websites with invalid certificates while a new supplier is being searched for. The minister of internal affairs recommends that people not use the websites if a warning about an invalid certificate appears." Related: Reader TheAppalasian links to Johnathan Nightingale of Mozilla Engineering explaining in clear terms why DigiNotar should no longer be trusted.
  • by Killjoy_NL ( 719667 ) <`ln.illap.ocmer' `ta' `todhsals'> on Saturday September 03, 2011 @07:32AM (#37295490)

    Since we have to use the sites to send in our digital tax forms, that would have been a way bigger mess.

    • by todorb ( 169225 )

      yes, those paper forms suck. :)

    • by Co0Ps ( 1539395 )
      Meh. I think the Dutch government can get a certificate validated pretty quickly, and installing a new certificate should take a couple of hours at most anyway.
      • by lhuiz ( 614322 )
        But there are a *lot* of sites. A lot of municipalities use certificates issued by Diginotar as well.

        • But there are a *lot* of sites. A lot of municipalities use certificates issued by Diginotar as well.

          Big deal. Certs are renewed every year or two anyway. All they need to do is call up whoever handles that sort of thing and get a new cert. If your local municipality doesn't have SSL for a day or two it's hardly a major disaster. Replacing a cert is very easy. I'll bet there's a million people around the world that could do it in a pinch, myself included.

          • by kwark ( 512736 )

            There are client certificates in use for some gov related sites. These have to be reissued in a secure way.

            • Relying on genuine certificates is not insecure. Revoking genuine certificates solves nothing. If someone's browser is relying on the genuine government certificates issued by Diginotar, then there is no security vulnerability with that particular communication, regardless of anything that happened at Diginotar. If somebody is fed a bogus certificate issued by Diginotar, and their browser relies on the bogus certificate, then revoking the genuine government certificates won't help.

              Of course it is necessary

              • I was mistaken above. Pe1chl explained below that it was the Dutch Government that acted as certificate authority and issued an intermediate certificate to DigiNotar, which used the intermediate certificate to issue certificates to various government agencies. The government needs to revoke the intermediate certificate it issued to DigiNotar and thus invalidate all the government certificates issued under it.

          • You obviously have no clue of all the steps involved...
            Most sites are hosted externally, usually with 2-3 parties involved per site. You need to go through all those hosters' change/support systems, which might take hours but can also easily take days (if not weeks....). Add in that it's still holiday season, and the fact that the severity of the incident means that many politicians and public servants will want to have their piece of the action, and you have a recipe for a long-winded mess.

            With cert renewal you


            • Most sites are hosted externally, usually with 2-3 parties involved per site. You need to go through all those hosters' change/support systems, which might take hours but can also easily take days (if not weeks....)

              Oh well. Now they pay the price of making something that's a few hours work into a game of telephone tag.

              I actually don't really agree with you. No matter how much administrative gobbledygook you stack on top of each other, ultimately there's one, maybe two people per site that will actually d

              • Obviously you're not Dutch...

                Every big city has between like 5 and over 100 websites, of which almost 50% nowadays use SSL (which by itself is a good thing!). Things like social housing, requesting a new passport/driver's license: every city has their own website(s), and almost all are secured by SSL as all those things involve personal data.

                I used to work for a big hosting company who hosted stuff for many bigger cities. I remember Amsterdam having over 4 dozen websites just running at our company, linked

  • Overview (Score:5, Informative)

    by Anonymous Coward on Saturday September 03, 2011 @07:47AM (#37295534)
    If you haven't been following this story, Gerv (one of the Mozilla people directly dealing with this) has a good overview post with something of a timeline [gerv.net], hitting all the salient points about just how much DigiNotar has fucked up.
    • The whole system of transitive trust is messed up. Fatally flawed at the foundation, promoted because certain large vendors of system software find the transitive trust concept easier to systemize and monetize than the way it should really work.

      (Every system has vulnerabilities. It's a feature of systems in general, not just software or information systems.)

      You can't really trust anyone you don't know, and that's the real problem with the current state of the computer/information systems industries. It's al

  • Does anyone even look at the certs? I consider them worthless, and ignore them 100% of the time.

    • I have looked at them when using an anonymous SSL proxy to access a UK restricted webshop, to make sure the proxy wasn't MIM'ing me.

  • The revocation of certain certificates hasn't been as comprehensive as originally stated, before this point. SANS did a good write-up of this, where they dug into the details of the CRL updates and update history to try and figure out exactly what happened when with revocation, and they couldn't find evidence of a lot of the claimed revocations. In my opinion, this demonstrates an underlying problem with the architecture of PKI as it exists today, and how revocation of trust works...in the name of reliabi

    • by Rich0 ( 548339 )

      Yup. SSL is really messed up. The best fix would be to just put certs in DNS and protect it with DNSSEC. Then you have a hierarchical system for managing them that doesn't cost anything that people aren't already paying. You could still allow for CAs when you need to add some level of real-world identification, or maybe the domain registries could provide this service (so it would be an attribute of the domain one level higher). However, the main threat is from MITM and domain-only checks are generally

  • by plsuh ( 129598 ) <plsuhNO@SPAMgoodeast.com> on Saturday September 03, 2011 @08:17AM (#37295636) Homepage

    Apple is behind the curve on this, almost certainly due to a bug in the handling of Extended Validation certificates that needs to be fixed. Until then, I have info and tools on my web page to help users with the problem.

    http://ps-enable.com/articles/diginotar-revoke-trust [ps-enable.com]

    --Paul

  • At this point, everyone should remove the trust for the Diginotar Root CA. I guess most people know how to do this around here, but just for informative purposes:

    First, visit their web site to ensure their root certificate is in your certificate store:

    https://onlineaanvraag.diginotar.nl/Digiforms/StartPage.aspx?FORM_ID=12 [diginotar.nl]

    On Mac OS X go to Applications, Utilities, open Keychain Access. Click on System Roots, then find the "Diginotar Root CA". Select it then do CMD-I. Open the Trust Panel and choose "When usi

    • Re:Untrust Diginotar (Score:4, Informative)

      by iceperson ( 582205 ) on Saturday September 03, 2011 @08:46AM (#37295748)
      Yeah, it's super hard in windows...
      http://www.microsoft.com/technet/security/advisory/2607712.mspx [microsoft.com]
      All supported editions of Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2 use the Microsoft Certificate Trust List to validate the trust of a certificate authority. There is no action required for users of these operating systems because Microsoft has removed the DigiNotar root certificate from the Microsoft Certificate Trust List.

      I don't have an XP box here to look at, but I'm pretty sure you can get to the Trusted Root Cert Authorities by going IE > Internet Options > Content > Certificates > Trusted Root Cert Authorities, double-click DigiNotar and uncheck all.
      • Interesting, it was still trusted on my Win7 box.

        I just checked another machine here also running Win7 and that certificate is not trusted on it.

      • by blowdart ( 31458 )

        Don't forget that the automatic untrusting in Windows doesn't affect browsers with their own CRLs which ignore the OS, like, err, Chrome and Mozilla; those needed to be updated separately.

      • by antdude ( 79039 )

        Shouldn't MS be releasing a hot fix to remove these bad certificates in XP SP3's IE versions with a hot fix or something? I had two of them in mine. I didn't check Windows 2000 SP4 machines. I assume they have them.

        • by pe1chl ( 90186 )

          They should, but they haven't done that yet.
          There is a security bulletin 2607712 that explains what they did for Vista and newer, but for XP and 2003 they should release a new version of rootsupd.exe that will update the list of root certificates.
          This is not an update to IE but to a separate Windows component that stores the root certificates.

    • What about in Ubuntu? MacOS? Android for mobiles?

      These instructions should be on every Dutch government website, and on many others besides (community spirit). The browsers themselves (IE, Firefox, Chrome, Opera, etc) should release upgrades with the root cert deleted.

      And all of this should be automatic. Diginotar should pay the cost, or their insurer should. Or the Dutch government should, if it's going to create the exposure to this risk by elevating Diginotar to this critical role.

      And of course the Dutch

  • "The minister of internal affairs recommends people not to use the websites if a warning about an invalid certificate appears." While that is basically good advice, it suggests that it is okay to use the websites as long as the warnings are not appearing yet. Most browsers still trust the CA, but that doesn't mean that the CA is trustworthy. He should have recommended not to use the websites as long as they are still using Diginotar certificates.
  • Should we really trust revocation of certificates?

    It might make more sense to change domain names than to trust that the bogus certificates won't be used.

  • There's a much bigger problem here: why trust ANY certificate anymore? Who's to say other certificate providers haven't been breached? This one happened to be discovered, but I'm pretty sure it isn't the only provider that was compromised..
    • by drougie ( 36782 )

      Why? Because, if you think about it, that's an unrealistic, unhelpful and an undesirable alternative.

  • Since the Dutch government has been using only Diginotar-supplied certificates, this will leave all government websites with invalid certificates while a new supplier is being searched for.

    The government should never have had a single point of failure waiting to fail. There should have been at least a second, and probably also a third (instead of creating a new SPF at #2), source of certificates, at least ready to replace Diginotard (not a typo :P) when it failed. There should now absolutely be a backup s

  • If certificates could have multiple signers, we could nix the authority of any one CA and still keep the cert.

    An analogous change would be to enable multiple signatures on a single certificate. Recall that a single X.509 certificate contains a public key, a subject, and a signature binding the two together from a CA. There's no reason (in principle) that we couldn't declare a certificate as a public key, a subject, and a set of signatures, each from a different CA. It turns out that there is a proposal for this kind of alternate, multi-signature certificate (using the OpenPGP standard), which I'll talk about later.

    I mentioned earlier that there is an alternate proposal — OpenPGP Certificates instead of X.509 certificates [ietf.org] — which allows multiple signatures per certificate. The proposal is designed to be implementable in parallel with existing X.509 certificates. However, it is not widely implemented or adopted yet.

    http://lair.fifthhorseman.net/~dkg/tls-centralization/ [fifthhorseman.net]

    That is, if we're bothering with CAs in the future, instead of notaries (e.g. Perspectives or Convergence) or some other technology.

    • by BZ ( 40346 )

      Cross-signed certificates exist right now. It's completely standard practice in many cases. In particular when a new CA starts, it often cross-signs all its stuff with existing CAs for a bit so that its customers have working certs even when dealing with clients who have never heard of the new CA.

      • When you say "cross-signed certificate", do you mean website certificates where more than one CA has signed them? I'd thought "cross-signed" or "bridge" certificates were like CA certificates in that they sat in your browser and linked CAs. If that's the case, that's different in a way that doesn't get you the aforementioned value from having multiple CAs sign a single web certificate independently.

        • by BZ ( 40346 )

          > do you mean website certificates where more than
          > one CA has signed them?

          That's what I was talking about, yes. I'm not aware offhand of anything preventing such, and I was under the impression that they were in fact used in various cases.

          But yes, one CA signing another CAs certificate is the more common way that sort of thing is done.

          • I haven't seen website certs with multiple signers. If anyone knows for sure this is possible or has an example to share, please speak up.

            Cross-signing IIUC is only when CAs authorize other CAs:

            A cross-certificate is a certificate issued by one Certificate Authority (CA) that signs the public key for the root certificate of another Certificate Authority. Cross-certificates provide a means to create a chain of trust from a single, trusted, root CA to multiple other CAs.

            (Note, I believe you can sign a CA's intermediate instead of their root; this appears to be what happened with the DigiNotar incident.)

            • Various DigiNotar intermediate certificates had been cross-signed by other trusted CAs. In order to achieve full blocking, we implemented code which checks for DigiNotar's name in the certificate chain.

              http://blog.gerv.net/2011/09/diginotar-compromise/ [gerv.net]

              Implemented code to compensate for the DigiNotar chaining?

              Stark example of how the current model is well and truly fucked.
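The chain-name check that Gerv's post describes, as an added illustration written for this thread (not Mozilla's code): removing the DigiNotar root from the store alone still accepts a chain whose DigiNotar intermediate was cross-signed by another trusted root, so every subject and issuer in the presented chain is matched against the distrusted name as well. The certificate dicts, the `www.example.gov.nl` names and the one-entry root store are all constructed stand-ins for parsed X.509 fields.

```python
"""Chain-level distrust check (added example, constructed data).

A root-store check only looks at the anchor of the chain. When a DigiNotar
intermediate has been cross-signed by an unrelated, still-trusted root, that
check passes, so the chain is additionally scanned for the distrusted name.
"""

DISTRUSTED_NAMES = ("diginotar",)

# Constructed root store: one trusted anchor, DigiNotar's own root already removed.
TRUSTED_ROOTS = {"CN=Other Trusted Root CA,O=Other CA"}


def root_is_trusted(chain):
    """Classic root-store check: does the chain end in a trusted anchor?"""
    return bool(chain) and chain[-1]["subject"] in TRUSTED_ROOTS


def distrusted_names_in_chain(chain):
    """Return the subjects of every certificate whose subject or issuer names a distrusted CA."""
    hits = []
    for cert in chain:
        for field in ("subject", "issuer"):
            if any(name in cert[field].lower() for name in DISTRUSTED_NAMES):
                hits.append(cert["subject"])
                break  # one hit per certificate is enough
    return hits


def chain_accepted(chain):
    """Accept only chains that anchor in a trusted root AND name no distrusted CA anywhere."""
    return root_is_trusted(chain) and not distrusted_names_in_chain(chain)


# Constructed chain: a site cert issued by a DigiNotar intermediate that was
# cross-signed by a different, still-trusted root.
CROSS_SIGNED_CHAIN = [
    {"subject": "CN=www.example.gov.nl,O=Example Ministry", "issuer": "CN=DigiNotar Services CA,O=DigiNotar"},
    {"subject": "CN=DigiNotar Services CA,O=DigiNotar", "issuer": "CN=Other Trusted Root CA,O=Other CA"},
    {"subject": "CN=Other Trusted Root CA,O=Other CA", "issuer": "CN=Other Trusted Root CA,O=Other CA"},
]

# Constructed chain with no DigiNotar involvement, for comparison.
CLEAN_CHAIN = [
    {"subject": "CN=www.example.gov.nl,O=Example Ministry", "issuer": "CN=Other Trusted Root CA,O=Other CA"},
    {"subject": "CN=Other Trusted Root CA,O=Other CA", "issuer": "CN=Other Trusted Root CA,O=Other CA"},
]

if __name__ == "__main__":
    print("root-store check alone:", root_is_trusted(CROSS_SIGNED_CHAIN))  # True: root removal misses it
    print("distrusted names in chain:", distrusted_names_in_chain(CROSS_SIGNED_CHAIN))
    print("accepted:", chain_accepted(CROSS_SIGNED_CHAIN), chain_accepted(CLEAN_CHAIN))
```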

  • It's impossible for a reasonable person to go through the list and verify whether any individual one is really necessary or not. Conversely, it's far too difficult for most people to add a CA they need, but which shouldn't be globally trusted. One which primarily serves Dutch users definitely belongs in the latter category. There's no reason for a Californian to automatically trust them.

    As for any CA which has any breach whatsoever, the only responsible thing for anyone who maintains a list of trusted CAs i

  • It's not that Diginotar can no longer be trusted, it's that they never should have been trusted at all. Clearly their security was faulty and, moreover, someone in management over there had the gall to try to cover up the security breach. The reason for this should be obvious - they have a vested interest in appearing secure, even if they aren't.

    How long until we find the same is true for virtually every CA in the world?
