
Google might shun Dutch gov certificates from DigiNotar

Chrome update prepared to kill 2 certs

Updated: In the wake of hundreds of fraudulent secure sockets layer certificates issued by DigiNotar, Google developers are preparing a version of the Chrome browser that rejects some web credentials sanctioned by the Dutch government's official certificate authority.

Source code posted Thursday afternoon California time on Google's own website would prevent Chrome from trusting any secure website whose certificate DigiNotar issued under an official program of the Dutch government. That program operates under the auspices of PKIoverheid, the official certificate authority of the Netherlands.

After this article was first published, Mozilla developers implemented a similar change that will cause users to receive a warning when they encounter PKIoverheid certificates signed by DigiNotar. It's unclear when the changes will take effect in Firefox, Thunderbird or SeaMonkey. Mozilla representatives didn't respond to an email request for comment.

Shortly after Monday's discovery that DigiNotar had issued a fraudulent google.com certificate that was used to spy on people in Iran who accessed Gmail, Google, Mozilla, and Microsoft updated their software so it would no longer trust the Netherlands-based certificate authority. What Google and Mozilla, and possibly Microsoft as well, never said in their advisories was that their browsers and email applications would continue to trust two DigiNotar certificates that were linked to PKIoverheid.

All three software makers have ducked questions for three days, but a handful of web-based discussions show people from some of those companies arguing that the PKIoverheid-signed intermediate certificates can still be trusted. On Friday, around the same time this article was first published, Google issued its first on-the-record comment indicating that blocking the DigiNotar-issued PKIoverheid certificates was under active discussion.

"We're currently evaluating a number of factors, and we want to be prepared to act if we need to," a spokesman wrote in an email. "Our top priority is to protect the privacy and security of our users. To be clear, in this instance we are considering a CA operated by DigiNotar, not the Staat de Nederlanden root CA. We encourage DigiNotar to provide a complete analysis of the situation."

It's unclear if or when Google intends to implement the planned changes. A few hours after the Chromium differential was posted publicly, access to it became restricted. A volunteer Chromium developer said the source code was a sign that at least some people inside Google may have reservations.

“The fact that Google is taking this preparatory step may be anticipating the worst,” said Ryan Sleevi, who has contributed code to the Chromium project in the past. “It also seems to suggest that they may have information that PKIoverheid has been compromised or otherwise is untrustworthy through its link to Diginotar. PKIoverheid doesn't appear to have done anything wrong other than associating with DigiNotar.”

It's unclear how many website certificates might be affected by the move, but the number and profile of sites that use DigiNotar's PKIoverheid certificate could be considerably higher than those that rely on DigiNotar's root certificate alone. The site at https://www.nicugehoorscreening.nl appears to offer neonatal intensive care unit services from the Dutch government.

It currently appears as a valid SSL site under Google Chrome. If the changes under consideration are made, the browser would instead display an error stating that the site is not to be trusted.

On Thursday, Mozilla Vice President of Technical Strategy Mike Shaver issued a series of tweets that appeared to indicate developers of the Firefox browser and Thunderbird email client were inclined to continue trusting the intermediate certificates. Responding to one Twitter dispatch asking what in one of the excepted certificates suggested it wasn't controlled by DigiNotar, Shaver offered the following response:

“nothing in the cert does. our conversations with the dutch authorities do. it doesn't chain to digitar *root*, right?”

A separate tweet posted Wednesday by Google security researcher Adam Langley said: “PKIoverheid is still allowed for now based on assurances from the Dutch government. Conversation still ongoing.”

Microsoft declined to say whether changes it has made to the Vista and later operating systems block the two PKIoverheid certificates signed by DigiNotar.

The relevant code in the proposed Chromium change is as follows:

Index: net/base/x509_certificate.cc
diff --git a/net/base/x509_certificate.cc b/net/base/x509_certificate.cc
index e96ece490ad4c32fafb735671317dae35115151e..36b0ed2bfcbf315595eb779922026c954db7d5b9 100644
--- a/net/base/x509_certificate.cc
+++ b/net/base/x509_certificate.cc
@@ -957,7 +957,7 @@ bool X509Certificate::IsBlacklisted() const {
 // static
 bool X509Certificate::IsPublicKeyBlacklisted(
     const std::vector<SHA1Fingerprint>& public_key_hashes) {
-  static const unsigned kNumHashes = 3;
+  static const unsigned kNumHashes = 5;
   static const uint8 kHashes[kNumHashes][base::SHA1_LENGTH] = {
     // Subject: CN=DigiNotar Root CA
     // Issuer: CN=Entrust.net x2 and self-signed
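Review bot: the hand-maintained count at the top of the hunk (`kNumHashes` bumped from 3 to 5) duplicates information that the `kHashes` initializer already carries, and the two can drift: if a later edit removes an entry without lowering the count, the array is zero-padded and the loop compares against an all-zero hash, while adding an entry without raising it fails to compile. Consider declaring the array as `kHashes[][base::SHA1_LENGTH]` and using `arraysize(kHashes)` as the loop bound so the count is derived from the initializer.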
@@ -971,6 +971,14 @@ bool X509Certificate::IsPublicKeyBlacklisted(
     // Issuer: CN=Entrust.net
     {0xe2, 0x3b, 0x8d, 0x10, 0x5f, 0x87, 0x71, 0x0a, 0x68, 0xd9,
      0x24, 0x80, 0x50, 0xeb, 0xef, 0xc6, 0x27, 0xbe, 0x4c, 0xa6},
+    // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2
+    // Issuer: CN=Staat der Nederlanden Organisatie CA - G2
+    {0x7b, 0x2e, 0x16, 0xbc, 0x39, 0xbc, 0xd7, 0x2b, 0x45, 0x6e,
+     0x9f, 0x05, 0x5d, 0x1d, 0xe6, 0x15, 0xb7, 0x49, 0x45, 0xdb},
+    // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven
+    // Issuer: CN=Staat der Nederlanden Overheid CA
+    {0xe8, 0xf9, 0x12, 0x00, 0xc6, 0x5c, 0xee, 0x16, 0xe0, 0x39,
+     0xb9, 0xf8, 0x83, 0x84, 0x16, 0x61, 0x63, 0x5f, 0x81, 0xc5},
   };
 
   for (unsigned i = 0; i < kNumHashes; i++) {
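Review bot: the two new entries document Subject and Issuer but not what was hashed or how, so a reviewer cannot reproduce the 20 bytes from the hunk alone; add a comment (per entry or at the top of `kHashes`) stating that each value is the SHA-1 of the certificate's DER-encoded SubjectPublicKeyInfo, which is what the `public_key_hashes` parameter of `IsPublicKeyBlacklisted` carries, and where the source certificates were obtained. The same comment should note the scope this implies: because the key rather than one certificate is blocked, any certificate issued to these CAs under the same key pair, whether by Staat der Nederlanden or anyone else, is rejected as well.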

It clearly shows two additional DigiNotar certificates, identified by the SHA-1 fingerprints of their public keys, that would be blocked if the changes go into effect.
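The following is an added example, not Chromium's code, that models what the blacklist above does: a chain is rejected if the SHA-1 of any certificate's DER-encoded SubjectPublicKeyInfo appears in the block list. It uses the two fingerprints from the Chromium change, plus a constructed key and constructed certificate records (the `Cert` class, the `constructed-*` byte strings and the example subjects are assumptions made for this illustration), to show why blocking the key rather than one certificate's serial number matters: a certificate re-issued under the same key pair is still caught.

```python
"""Public-key blacklisting modelled after Chromium's IsPublicKeyBlacklisted.

Added example, not Chromium's code. A chain is rejected when the SHA-1
digest of any certificate's DER SubjectPublicKeyInfo (SPKI) is on the
block list. The contrast function blocks by (subject, serial) instead, the
way a single certificate would be revoked, and misses re-issued certs.
"""
import hashlib
from dataclasses import dataclass

# The two SPKI SHA-1 digests added by the Chromium change quoted above.
DIGINOTAR_PKIOVERHEID_SPKI_SHA1 = {
    # Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2
    bytes([0x7b, 0x2e, 0x16, 0xbc, 0x39, 0xbc, 0xd7, 0x2b, 0x45, 0x6e,
           0x9f, 0x05, 0x5d, 0x1d, 0xe6, 0x15, 0xb7, 0x49, 0x45, 0xdb]),
    # Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven
    bytes([0xe8, 0xf9, 0x12, 0x00, 0xc6, 0x5c, 0xee, 0x16, 0xe0, 0x39,
           0xb9, 0xf8, 0x83, 0x84, 0x16, 0x61, 0x63, 0x5f, 0x81, 0xc5]),
}


@dataclass(frozen=True)
class Cert:
    """Minimal stand-in for a parsed X.509 certificate (constructed)."""
    subject: str
    serial: int
    spki_der: bytes  # DER-encoded SubjectPublicKeyInfo


def spki_sha1(cert: Cert) -> bytes:
    """SHA-1 over the raw SPKI bytes, the value Chromium's kHashes holds."""
    return hashlib.sha1(cert.spki_der).digest()


def is_public_key_blacklisted(chain, blacklist=DIGINOTAR_PKIOVERHEID_SPKI_SHA1) -> bool:
    """True if any certificate in the chain carries a blocked public key."""
    return any(spki_sha1(c) in blacklist for c in chain)


def is_serial_blacklisted(chain, blocked_serials) -> bool:
    """For contrast: blocking by (subject, serial) names one certificate only."""
    return any((c.subject, c.serial) in blocked_serials for c in chain)


# Constructed SPKI blobs standing in for real DER; any distinct bytes will do.
KEY_A = b"\x30\x0d\x06\x09constructed-key-A"
KEY_B = b"\x30\x0d\x06\x09constructed-key-B"

ROOT = Cert("CN=Example Root (constructed)", 1, b"\x30\x0d\x06\x09constructed-root")
INTERMEDIATE = Cert("CN=Example Intermediate (constructed)", 1000, KEY_A)
REISSUED = Cert("CN=Example Intermediate (constructed)", 1001, KEY_A)  # same key, new serial
REKEYED = Cert("CN=Example Intermediate (constructed)", 1002, KEY_B)   # fresh key pair
LEAF = Cert("CN=www.example.test (constructed)", 42, b"\x30\x0d\x06\x09constructed-leaf")

# Block list: the real DigiNotar entries plus the constructed intermediate key.
BLOCKED_KEYS = DIGINOTAR_PKIOVERHEID_SPKI_SHA1 | {hashlib.sha1(KEY_A).digest()}
BLOCKED_SERIALS = {(INTERMEDIATE.subject, INTERMEDIATE.serial)}


def compare_strategies():
    """Return {variant: (blocked_by_serial, blocked_by_public_key)}."""
    results = {}
    for name, mid in (("original", INTERMEDIATE), ("reissued", REISSUED), ("rekeyed", REKEYED)):
        chain = [LEAF, mid, ROOT]
        results[name] = (is_serial_blacklisted(chain, BLOCKED_SERIALS),
                         is_public_key_blacklisted(chain, BLOCKED_KEYS))
    return results


if __name__ == "__main__":
    for name, (by_serial, by_key) in compare_strategies().items():
        print(f"{name:9s} blocked by serial: {by_serial!s:5s} by public key: {by_key}")
```

Running the block shows the re-issued intermediate escaping the serial-based list but not the key-based one, while the re-keyed intermediate passes both, which is exactly the case a key blacklist is designed to leave to a normal trust decision.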

Asked why the source code was originally accessible to everyone and later was restricted, a Google spokesman said: “Code diffs may be private before they are committed. Commits to the tree will of course be public.”
