Microsoft Dumps Notorious Chinese Secure Certificate Vendor

Soon, neither Internet Explorer nor Edge will recognize new security certificates from Chinese Certificate Authorities WoSign and its subsidiary StartCom. ZDNet reports: A CA is a trusted entity that issues X.509 digital certificates that verify a digital entity's identity on the internet. Certificates include its owner's public key and name, the certificate's expiration date, encryption method, and other information about the public key owner. Typically, these are used to secure websites with the https protocol, lock down internet communications with Secure Sockets Layer and Transport Layer Security (SSL/TLS), and secure virtual private networks (VPNs). A corrupted certificate is barely better than no protection at all. It can be used to easily hack websites and "private" internet communications.

Microsoft has joined [Mozilla, Google and Apple] in abandoning trust in their certificates. A Microsoft representative wrote: "Microsoft has concluded that the Chinese CAs WoSign and StartCom have failed to maintain the standards required by our Trusted Root Program. Observed unacceptable security practices include back-dating SHA-1 certificates, mis-issuances of certificates, accidental certificate revocation, duplicate certificate serial numbers, and multiple CAB Forum Baseline Requirements (BR) [issuance and management rules for public certificates] violations." Microsoft will start "the natural deprecation of WoSign and StartCom certificates by setting a 'NotBefore' date of 26 September 2017. This means all existing certificates will continue to function until they self-expire. Windows 10 will not trust any new certificates from these CAs after September 2017."

Re:

[Anonymous Coward]

I'm on it!

Only mousetraps offer free cheese

[Tablizer]

Unfortunately, both CAs had large installed user bases, largely because both had offered free certificates. [Emph. added]

If it sounds too good to be true, it probably is.

Re:

[Otter87]

Unfortunately, both CAs had large installed user bases, largely because both had offered free certificates. [Emph. added]

If it sounds too good to be true, it probably is.

So "letsencrypt" is too good to be true as well ?

Re: Only mousetraps offer free cheese

[Anonymous Coward]

No, Letsencrypt is just bad, in my opinion. Certs expiring after just a few months sucks. I know, I know, cert renewals are supposedly 'automated'. But that's only true when this automation doesn't break, and it broke for some reason when I tried it. I just bought a year-long cert instead from another vendor. It was well worth paying to not have to deal with Letsencrypt.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[badzilla]

Letsencrypt sounded great but broke on installation for me. Broke (differently) for a work colleague also. When your product majors on ease of use then this is not good, not good at all. OK it's free, thank you, but especially as it rather bizarrely wants unusually frequent cert renewal why take the risk of it eating all your support time?

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[higuita]

letsencrypt is not 100% free... you are required to use your time to setup the automation... if your time is more expensive than buying a normal certificate, go for it... if not, adding a cron and email notification when the script fails is probably "cheaper".

It is your server, your decision

Re:

[DarkOx]

Let's Encrypt is bad for a whole host of other reasons. They don't even do real domain verification at least not when I looked. You only had to have access to the host. What's more likely? Compromise a 3rd party DNS provider, or compromise someones terrible website? As far as access to the host goes you might not even need much access to the host, a simple path traversal bug that lets you write inside the wwwroot would be enough. You don't even need to full pwn it, likely.

The bigger issue though is LE

Re:

[realxmp]

I agree HTTP challenges leave much to be desired but DNS based challenges aren't really much better. The scenario where someone compromises your DNS provider and can both answer a DNS based challenge and redirect traffic is equally as nasty and not as unlikely as you suggest. The more likely scenario is still a similar domain name attack anyway, as it's a lot easier to do. If you're compromised you need to check certificate transparency records for that domain and force a revoke, use CAA, and key pinning.

It

Re:

[JohnFen]

Certs expiring after just a few months sucks.

And it sucks hard, even when the automation does work. That's why I avoid Let's Encrypt -- it's just not for me. That said, it's probably fine for most people.

Re:

[Billly Gates]

It is. I read here system administrators ban then from their networks due to them allowing anyone to buy a cert with phisy websites.

NotAfter

[Anonymous Coward]

Setting NotBefore will expire all current certificates and allow WoSign and StartCom to issue certificates that will be trusted in the future. Setting NotAfter will no longer trust these certs in the future. Hopefully, the Microsoft engineers are more attentive than ZDNet writers and editors.

Re:

[skids]

Either will allow them to issue new certificates since:

Observed unacceptable security practices include back-dating SHA-1 certificates

...one could argue they did this to work around some SHA-1 retirement quirk, but it is only a shade of difference for them to resort to back-dating anything. Of course, if they get caught doing that, store maintainers could escalate to just removing their root entirely. Which they may or may not care about depending on the legal system over there.

Re:

[thsths]

They did get caught for it, so why should we trust them not to do it in the future?

Work done, no need to continue

[whoever57]

Wosign's work is clearly done now and presumably the Chinese government will move on to another certificate vendor.

Wait... What?

[Anonymous Coward]

Observed unacceptable security practices include back-dating SHA-1 certificates

Windows 10 will not trust any new certificates from these CAs after September 2017.

So what's to prevent them from back dating new certificates?

Re:

[freeze128]

They should do that now.

If I may quote Vilos Cohaagen (Ronny Cox) from 1990's Total Recall:

"Fuck 'em. It'll be a lesson to the others."

Re:Wait... What?

[Nkwe]

So what's to prevent them from back dating new certificates?

Removal of the CA's root certificate from the browser's (operating system's in the case of IE) list of trusted root authorities would do it, but it sounds like they are not doing that yet.

Sounds like Microsoft is playing nice and not yanking the root cert now, instead they are creating a soft landing where they will not honor new certs (with the assumption that new backdated certs won't be created.) In a year when all of the certs would have expired anyway, the root cert would be removed.

Personally I would have just yanked the root cert at the first sign of weirdness from the CA. After all we are only talking about the default list of trusted roots, users can add their own if they feel the need to trust something untrustworthy.

Re:

[JohnFen]

But the entire basis and reason for removing trust in the first place is that WoSign refuses to follow the rules set forth for CAs.

The entire basis for removing trust in the first place is that Microsoft has decided they don't trust WoSign certs. It's not some sort of "punishment" for breaking the rules.

Conversely, If Microsoft decided that a CA wasn't trustworthy but didn't yank their cert because they were technically following the rules, then Microsoft would be doing wrong.

Re:

[DarkOx]

Agreed, they should not be adding custom code paths to handle individual CAs. That is a recipe for bugs and errors in what is supposed to be an AAA function.

If MS does anything they should add a Do-Not-Trust-After-Date option to their certificate manager for all CAs, and make this visible and settable by end users. Ideal with an additional flag "Set-by-Microsoft" to indicate its value that came down thru windows update. Their update process should never set a later date than a user has set.

Re:

[lachlan76]

There is a trade-off, though—if you suddenly remove a large certificate vendor, you risk training users to click through the warnings, and end up potentially worse-off than you were before. The more recent trend seems to have been to require the use of Certificate Transparency by issuers that have been caught misbehaving.

Re:

[JohnFen]

Personally I would have just yanked the root cert at the first sign of weirdness from the CA. After all we are only talking about the default list of trusted roots, users can add their own if they feel the need to trust something untrustworthy.

I would have done this as well. But, since most Windows users are not technically savvy, I'm sure that Microsoft took one look at the shitstorm that would hit their support desks (and the press) and flinched.

Re:

[Shimbo]

So what's to prevent them from back dating new certificates?

They've been caught once. It wouldn't be hard to run a query against the EFF SSL Observatory (or similar) and see if there is a pattern of new certificates appearing with dates before the cutoff.

Re:

[JohnFen]

I don't want to trust any CA outside of those regions, and perhaps even some within those regions.

Your assumption that CAs can be considered trustworthy by default simply because they're in countries you like is charming. Dangerous, but charming.

Question remains:

[fustakrakich]

What good is https if you can't trust the certs?

In today's world any system based on trust is just not sustainable. What we need is verification, not trust.

Re:

[skids]

There are still benefits... not everyone who wants to p0wn you has a MITM; some can only eavesdrop. But yes, trust has obviously been spread too widely.

Re:

[JohnFen]

Personally, I don't actually trust any cert just because a commercial CA has signed it.

Screw WoSign

[jez9999]

I used StartCom's free certs for years with no problem. First I hear of WoSign it's that they bought out StartCom and ruined it. It's a real shame, and Let's Encrypt is no alternative. I'd rather pay for a year cert than put up with a few months.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Zemran]

Agreed, Let's Encrypt is better than the rest and free. How could anything be better?

Must use NSA-compromised CAs!

[gweihir]

Quite frankly, that probably means that WoSign was unwilling to issue faked certificates for the NSA or that they failed to hack it. Sure, it _will_ issue faked certificates for the Chinese Government, but the security arguments cited are nonsense. Various saboteurs (a strong contributor the US) have ensured that "official" certificates are worthless.

So, the 10 people still using IE will care...

[Zemran]

... but not the rest of us.

Until the CA starts falsifying NotBefore dates.

[mysidia]

Windows 10 will not trust any new certificates from these CAs after September 2017."

Seriously.... you're going to rely on the CA's NotBefore date to decide to invalidate the cert?
Did you forget that this CA doesn't participate in certificate transparency AND NotBefore date can
technically be set to whatever the CA wants?

The so-called "Backdating certificates" issue, Although in reality, the NotBefore date is not an issuance date;
it's a date before which the certificate should be treated as an