Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Drop WoSign/StartCom root certs in 8.0 #9434

Closed
ChALkeR opened this issue Nov 3, 2016 · 15 comments
Closed

Drop WoSign/StartCom root certs in 8.0 #9434

ChALkeR opened this issue Nov 3, 2016 · 15 comments
Labels
discuss Issues opened for discussions and feedbacks. security Issues and PRs related to security.

Comments

@ChALkeR
Copy link
Member

ChALkeR commented Nov 3, 2016

The story: https://wiki.mozilla.org/CA:WoSign_Issues

We should probably take action on that in 8.0, especially noting that it will be an LTS version maintained until 2020-04.

Note that they might or might not be still be present in Mozilla root store at the time of 8.0 release, but they do plan removing them.

Related: #3159.

@ChALkeR ChALkeR added discuss Issues opened for discussions and feedbacks. security Issues and PRs related to security. labels Nov 3, 2016
@mscdex
Copy link
Contributor

mscdex commented Nov 3, 2016

+1

@ChALkeR
Copy link
Member Author

ChALkeR commented Nov 3, 2016

/cc @nodejs/security

@bnoordhuis
Copy link
Member

We compile the root CA list from Mozilla's certdata.txt, it's just a matter of updating before the v8.0.0 release. The WoSign and StartCom certificates haven't been removed upstream yet, I just checked.

@ChALkeR
Copy link
Member Author

ChALkeR commented Nov 3, 2016

@bnoordhuis I am aware of that, but they do plan removing those. As I mentioned above:

Note that they might or might not be still be present in Mozilla root store at the time of 8.0 release, but they do plan removing them.

I think that we should add an exception from that rule and remove the certs manually, because in case if they remove those certs e.g. one week later than we cut 8.0 rc/release, the LTS be stuck with the insecure certs for several more years (or a breaking update would be needed without a semver-major version bump).

@bnoordhuis
Copy link
Member

the LTS be stuck with the insecure certs for several more years (or a breaking update would be needed without a semver-major version bump)

We can and do update certificates in minor LTS releases so that's not an issue. We did so in v4.5.0, for example (and added a WoSign certificate in the process, I wryly note.)

@ChALkeR
Copy link
Member Author

ChALkeR commented Nov 3, 2016

@bnoordhuis Ah, if removing certs in semver-minor LTS releases is fine, then it would be much easier to adopt this change.

Another thing then — would we be able to keep the root certs until they are removed from the Mozilla root store, but distrust certs that are newer than 2016-10-21 and were signed by the affected StartCom and WoSign certs, like Google and Mozilla will do in 2017-01?

@bnoordhuis
Copy link
Member

distrust certs that are newer than 2016-10-21 and were signed by the affected StartCom and WoSign certs

We can. We already do something similar for CNNIC-issued certificates, see #1895.

@Fishrock123 Fishrock123 added this to the 8.0.0 milestone Nov 3, 2016
@silverwind
Copy link
Contributor

I too think we should not diverge from the Mozilla's certs unless absolutely necessary.

@bnoordhuis
Copy link
Member

Note to self: we can probably just take Mozilla's StartComAndWoSignData.inc from https://hg.mozilla.org/releases/mozilla-aurora/rev/f1024d90b420 but TBD how to deal with the back-dated certificates.

@shigeki
Copy link
Contributor

shigeki commented Nov 4, 2016

We cannot check backdated certs unless Certificate Transparency is supported. Mozilla says that they deprecates WoSign/StartCom certs immediately once a backdated cert is found in the future.
I think it is best to add WoSign/StartCom checks rather than to remove their root certs since the number of issued certs by them are so large that it affects a lot of Node users.

@bnoordhuis
Copy link
Member

My thinking was that, since there are only 60-something known back-dated certificates, we can simply hard-code their serial numbers.

@shigeki
Copy link
Contributor

shigeki commented Nov 4, 2016

They are all SHA-1 certs to be expired in the end of this year. I think it has little benefits to check them only for less than 2 months.

I've just made a patch to check certs issued by StartCom and WoSign as mozilla does in
shigeki@443a5ec

If there is no objections to do it, I will submit it.

@bnoordhuis
Copy link
Member

That's a good point. I left some comments on the commit. Go ahead and file a pull request.

@indutny
Copy link
Member

indutny commented Nov 4, 2016

@shigeki the commit looks quite good, please submit PR!

@ChALkeR
Copy link
Member Author

ChALkeR commented Nov 4, 2016

@indutny It's already here: #9469 =).

@shigeki shigeki closed this as completed in 89217d1 Feb 3, 2017
italoacasas pushed a commit that referenced this issue Feb 4, 2017
When tls client connects to the server with certification issued by
either StartCom or WoSign listed in StartComAndWoSignData.inc, check
notBefore of the server certificate and CERT_REVOKED error returns if
it is after 00:00:00 on October 21, 2016.

See for details in
https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/,
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
and
https://support.apple.com/en-us/HT204132

Fixes: #9434
PR-URL: #9469
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
italoacasas pushed a commit to italoacasas/node that referenced this issue Feb 14, 2017
When tls client connects to the server with certification issued by
either StartCom or WoSign listed in StartComAndWoSignData.inc, check
notBefore of the server certificate and CERT_REVOKED error returns if
it is after 00:00:00 on October 21, 2016.

See for details in
https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/,
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
and
https://support.apple.com/en-us/HT204132

Fixes: nodejs#9434
PR-URL: nodejs#9469
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
krydos pushed a commit to krydos/node that referenced this issue Feb 25, 2017
When tls client connects to the server with certification issued by
either StartCom or WoSign listed in StartComAndWoSignData.inc, check
notBefore of the server certificate and CERT_REVOKED error returns if
it is after 00:00:00 on October 21, 2016.

See for details in
https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/,
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
and
https://support.apple.com/en-us/HT204132

Fixes: nodejs#9434
PR-URL: nodejs#9469
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
jasnell pushed a commit that referenced this issue Mar 7, 2017
When tls client connects to the server with certification issued by
either StartCom or WoSign listed in StartComAndWoSignData.inc, check
notBefore of the server certificate and CERT_REVOKED error returns if
it is after 00:00:00 on October 21, 2016.

See for details in
https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/,
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
and
https://support.apple.com/en-us/HT204132

Fixes: #9434
PR-URL: #9469
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
jasnell pushed a commit that referenced this issue Mar 7, 2017
When tls client connects to the server with certification issued by
either StartCom or WoSign listed in StartComAndWoSignData.inc, check
notBefore of the server certificate and CERT_REVOKED error returns if
it is after 00:00:00 on October 21, 2016.

See for details in
https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/,
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
and
https://support.apple.com/en-us/HT204132

Fixes: #9434
PR-URL: #9469
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
MylesBorins pushed a commit that referenced this issue Mar 9, 2017
When tls client connects to the server with certification issued by
either StartCom or WoSign listed in StartComAndWoSignData.inc, check
notBefore of the server certificate and CERT_REVOKED error returns if
it is after 00:00:00 on October 21, 2016.

See for details in
https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/,
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
and
https://support.apple.com/en-us/HT204132

Fixes: #9434
PR-URL: #9469
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
MylesBorins pushed a commit that referenced this issue Mar 9, 2017
When tls client connects to the server with certification issued by
either StartCom or WoSign listed in StartComAndWoSignData.inc, check
notBefore of the server certificate and CERT_REVOKED error returns if
it is after 00:00:00 on October 21, 2016.

See for details in
https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/,
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
and
https://support.apple.com/en-us/HT204132

Fixes: #9434
PR-URL: #9469
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
kevinsawicki pushed a commit to electron/node that referenced this issue May 16, 2017
When tls client connects to the server with certification issued by
either StartCom or WoSign listed in StartComAndWoSignData.inc, check
notBefore of the server certificate and CERT_REVOKED error returns if
it is after 00:00:00 on October 21, 2016.

See for details in
https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/,
https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html
and
https://support.apple.com/en-us/HT204132

Fixes: nodejs/node#9434
PR-URL: nodejs/node#9469
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
discuss Issues opened for discussions and feedbacks. security Issues and PRs related to security.
Projects
None yet
Development

No branches or pull requests

7 participants