DigiNotar #epic #fail #apple #too


Digging further into the DigiNotar CA compromise, and into how to work around it on Mac OS X until Apple ships a patch, makes things look even worse, both on the compromise side and on the Mac OS X side.

#1) The compromise side

From what is known so far, DigiNotar not only had its own Root CA compromised; it also held two intermediate CA certificates issued by the Entrust Root CA, and those were compromised too (the intermediate certificates, not the Entrust Root CA itself). Whereas they seem to know which fraudulent certificates were issued under their own Root CA (see the list here), they apparently have no idea which fraudulent certificates were issued under the compromised intermediate CA certificates. This is a huge problem: what cannot be enumerated cannot be revoked, so the only safe move is to distrust the intermediates themselves. Whereas we can simply untrust the DigiNotar Root CA certificate, e.g. in Keychain Access, we cannot untrust the intermediate CA certificates the same way, because they are not present in the certificate store to begin with (intermediates are normally sent by the server in the TLS handshake, not shipped with the OS trust store). (Nor can we untrust the Entrust Root CA, because that would break every other Entrust-signed certificate.)

What Mozilla, Google, and Microsoft did about the intermediate certificate issue was to blacklist those certificates directly in their browsers (or, in Microsoft's case, the Windows certificate store). This is what Apple should do as well, and quickly!

#2) The Mac OS X side

On Wednesday, I posted a screenshot as a how-to on revoking the DigiNotar Root CA certificate in Mac OS X. With the intermediate CA certificate issue in mind, it turns out that this is not sufficient. You would have to either import (sic!) the two intermediate CA certificates into the certificate store and explicitly mark them as untrusted, untrust the Entrust Root CA (see above), or wait for a fix from Apple.

And last but not least, Apple must somehow have misinterpreted how EV SSL certificates are to be validated. When you visit a site that presents an EV certificate, Mac OS X (tested on Lion) seems to ignore (yes, really!) the trust setting of the Root CA. Test it with this site. For the DigiNotar certificates this means that fraudulent certificates remain valid on Mac OS X as long as they are EV certificates. BOOM.

What to do now? Delete the DigiNotar Root CA certificate from the certificate store? That could work around the EV certificate bug in Mac OS X, you would think (so did I). To my surprise, what you get then (at least from the test site mentioned above) is another EV certificate, this time signed by a DigiNotar intermediate certificate that is in turn signed by the Entrust Root CA. POW POW. You lose.
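To make the trust-path argument of the two sections above concrete, here is a small Python model added to this post; it is not Apple's validator or any vendor's code. Certificates are plain records with made-up names, signatures are not checked, and a "public key" is just a label standing in for the SubjectPublicKeyInfo. The model shows that marking the DigiNotar root "Never Trust" or deleting it only kills certificates issued directly under that root, while a certificate issued under the cross-signed intermediate still validates through the Entrust root. Blocking the intermediate itself closes that path; the model blocks by public key so that both cross-signed copies of the intermediate go down together, which is a design choice of this example.

```python
"""Toy trust-path evaluation (constructed example, not a real validator):
why distrusting one root is not enough when a compromised intermediate is
also cross-signed by another, still-trusted root."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    key: str            # label standing in for the certificate's public key

    @property
    def is_root(self) -> bool:
        return self.subject == self.issuer      # self-signed


def build_paths(leaf, pool):
    """Return every chain leaf -> ... -> self-signed root buildable from `pool`.

    A cross-signed intermediate appears twice in the pool (same subject and
    key, different issuer), so one leaf can have more than one path."""
    paths = []

    def walk(path, seen):
        top = path[-1]
        if top.is_root:
            paths.append(list(path))
            return
        for cand in pool:
            if cand.subject == top.issuer and cand not in seen:
                walk(path + [cand], seen | {cand})

    walk([leaf], {leaf})
    return paths


def path_valid(path, root_trust, blocked_keys):
    """A path is valid only if its root is explicitly trusted and no
    certificate in it carries a blocked public key."""
    root = path[-1]
    if root_trust.get(root.subject) != "trusted":   # absent or "never trust"
        return False
    return not any(c.key in blocked_keys for c in path)


def leaf_accepted(leaf, pool, root_trust, blocked_keys=frozenset()):
    """A client needs just *one* acceptable chain for the leaf to pass."""
    return any(path_valid(p, root_trust, blocked_keys)
               for p in build_paths(leaf, pool))


# --- constructed sample PKI; all names are made up for this example --------
ENTRUST_ROOT = Cert("Entrust Root (toy)", "Entrust Root (toy)", "key-entrust-root")
DIGINOTAR_ROOT = Cert("DigiNotar Root (toy)", "DigiNotar Root (toy)", "key-dn-root")
# The same intermediate CA key certified twice: by DigiNotar's own root and,
# cross-signed, by the Entrust root.
INT_UNDER_DN = Cert("DigiNotar Intermediate (toy)", "DigiNotar Root (toy)", "key-dn-intermediate")
INT_UNDER_ENTRUST = Cert("DigiNotar Intermediate (toy)", "Entrust Root (toy)", "key-dn-intermediate")
POOL = [ENTRUST_ROOT, DIGINOTAR_ROOT, INT_UNDER_DN, INT_UNDER_ENTRUST]

# Two fraudulent leaves: one issued straight from the root, one via the intermediate.
FRAUD_FROM_ROOT = Cert("mail.example.net", "DigiNotar Root (toy)", "key-leaf-1")
FRAUD_FROM_INTERMEDIATE = Cert("login.example.org", "DigiNotar Intermediate (toy)", "key-leaf-2")

ALL_TRUSTED = {"Entrust Root (toy)": "trusted", "DigiNotar Root (toy)": "trusted"}
ROOT_DENIED = {"Entrust Root (toy)": "trusted", "DigiNotar Root (toy)": "never"}   # Keychain "Never Trust"
ROOT_DELETED = {"Entrust Root (toy)": "trusted"}                                   # root removed from store


def scenario(root_trust, blocked_keys=frozenset()):
    """(accepted_from_root, accepted_from_intermediate) under one trust setup."""
    return (leaf_accepted(FRAUD_FROM_ROOT, POOL, root_trust, blocked_keys),
            leaf_accepted(FRAUD_FROM_INTERMEDIATE, POOL, root_trust, blocked_keys))


if __name__ == "__main__":
    print("all trusted:                    ", scenario(ALL_TRUSTED))
    print("DigiNotar root 'never trust':   ", scenario(ROOT_DENIED))
    print("DigiNotar root deleted:         ", scenario(ROOT_DELETED))
    print("root deleted + intermediate key blocked:",
          scenario(ROOT_DELETED, {"key-dn-intermediate"}))
```

The second and third scenarios are the situation described above: with the DigiNotar root denied or deleted, the leaf issued under the intermediate still finds a path ending at the Entrust root. Only the last scenario, where the intermediate's key is on the block list, rejects both leaves, which is the effect of importing the intermediate certificates and marking them untrusted, or of a vendor-side blacklist.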

Anything left to say? No.

Update: There's one more thing. It seems that this is not the first time Apple has had problems validating EV SSL certificates correctly, see CVE-2009-1682 and CVE-2011-0199.
