• United States




Sloppy certificate authorities put on notice

Nov 08, 20114 mins
Application SecurityAuthenticationData and Information Security

In the wake of GlobalSign, Comodo, and DigiNotar attacks, Microsoft, Mozilla, and Opera revoke untrustworthy certs

Microsoft has taken the unusually bold step of revoking the Windows Root Certificate Program’s trust in a specific certification authority (CA), and the same CA is being blacklisted by browser makers Mozilla and Opera. These moves are not a reactionary maneuver to a malicious compromise, as seen with GlobalSign, Comodo, and DigiNotar. Rather, they’re the result of the CA, Digicert Sdn Bhd (Digicert Malaysia), having violated several key best practices. The decisions of Microsoft, Mozilla, and Opera — with more vendors likely to follow — should send a clear warning that the industry is becoming less tolerant of shoddy digital-certificate security, particularly in light of recent hacks.

In the case of Microsoft (my full-time employer), this means that Windows will no longer vouch for the CA as being trusted. Windows will not reflexively have the CA prepopulated or placed on demand in its Trusted Certificate Authorities container. If a user receives a digital certificate signed by Digicert, his or her application will probably display at least a digital certificate error and refuse to instantly accept it as trusted. Depending on the application, users may have the option to ignore the warning and proceed.

[ Download Roger Grimes’s “Data Loss Prevention Deep Dive” PDF expert guide today! | Stay up to date on the latest security developments with InfoWorld’s Security Central newsletter. | Get a dose of daily computer security news by following Roger Grimes on Twitter. ]

According to Jerry Bryant, group manager of Microsoft’s Trusthworthy Computing branch, Digicert Malaysia — subordinated under Entrust and Verizon (GTE CyberTrust) — was found to have violated several key digital certificate best practices. Among them, the CA issued certificates with weak 512-bit keys, without appropriate usage extensions, and without appropriate revocation information.

In today’s world, 512-bit keys are considered extremely short and easily crackable. For public key cryptography keys, standard key sizes is 1,024 bits or bigger. Many companies, including Microsoft, now recommend 2,048-bit keys as the bare minimum. Smaller key sizes are acceptable and expected with certain digital certificate algorithms, such as Elliptical Curve Cryptography (ECC). The Digicert Sdn Bhd keys were probably RSA keys, which are traditionally used more often in public digital certificates.

Usage extensions are part of the digital certificate X.509 PKI standard governing digital certificates, indicating uses for an issued digital certificate. For example, usage extensions might specify which DNS domains the certificate is valid for, whether or not it can be used to sign other CA digital certificates, and whether or not it can be used for encryption or code signing. Without designated extensions, a digital certificate might be used for unintended expanded purposes. Public CAs should always issue digital certificates with defined extensions.

Lack of revocation information means that the issued digital certificates cannot be verified back to the issuing authority (and/or its parents) to check whether it is valid and has not been revoked. Revocation information, often a HTTP link, allows users and applications to verify whether a certificate is still considered valid. Whether a consumer checks the revocation information is often optional, but as the industry puts greater reliance on public PKI, revocation information is becoming a more important requirement.

Microsoft’s removal of Digicert from its Root Certificate program marks a rare event, especially given that the CA was not maliciously compromised. All public CAs are expected to follow best practices — and usually do.

Clearly, this is Microsoft’s warning to other CAs that poor certificate issuing practices will not be tolerated. There are many other CAs that do not include revocation information or don’t appropriately restrain their issued certificates using extensions. Just check the ones located in your certificate store database on your computer. It’s likely you’ll see a few missing the same items. You can bet those CAs are paying closer attention now.

This story, “Sloppy certificate authorities put on notice,” was originally published at Keep up on the latest developments in network security and read more of Roger Grimes’s Security Adviser blog at For the latest business technology news, follow on Twitter.


Roger A. Grimes is a contributing editor. Roger holds more than 40 computer certifications and has authored ten books on computer security. He has been fighting malware and malicious hackers since 1987, beginning with disassembling early DOS viruses. He specializes in protecting host computers from hackers and malware, and consults to companies from the Fortune 100 to small businesses. A frequent industry speaker and educator, Roger currently works for KnowBe4 as the Data-Driven Defense Evangelist and is the author of Cryptography Apocalypse.

More from this author