Changes


CA/WoSign Issues

713 bytes added, 09:50, 23 September 2016
Update Issue P to note WoSign's further comments
Richard Wang: "This is another case that we will include in our report. We issued two test certs using the SM2 algorithm that used the same serial number as the RSA cert (same subject), to test if we can set up a gateway that installs these two types of cert, so it can shake hands automatically using a different cert based on the browser's algorithm support." (Unable to find this message in the groups.google.com archive.)
This issue is also covered in WoSign's [https://www.wosign.com/report/WoSign_Incident_Final_Report_09162016.pdf final incident report]. Their later [https://www.wosign.com/report/WoSign_final_statement_09232016.pdf final statement] document says: "being a Chinese licensed CA, we must abide by local laws and regulations, we must actively cooperate with domestic browsers to test the SSL certificate using SM2 algorithm issued by a global trusted root in the real Internet, not intranet."
===Further Comments and Conclusion===
There are plenty of ways of testing this scenario without using public roots - and, in fact, WoSign has said they have updated their systems to avoid issuing test certificates from public roots in the future. Mozilla is sceptical of the claim that Chinese law or regulation required WoSign to issue these certificates. However, even if that were true, the Baseline Requirements contain a mechanism (section 9.16.3) by which a CA may deviate from the BRs when required to do so by local law, provided it makes the appropriate disclosure to the CAB Forum. That was not done in this case.
We note that Symantec was penalised in late 2015 for issuing non-BR-compliant test certificates in their publicly-trusted certificate hierarchies. Their problems were first revealed in September 2015, and one large discussion of them took place in m.d.s.policy starting on 13th October 2015. All of these dates are prior to WoSign's test certificate misissuances.
==Issue R: Purchase of StartCom (Nov 2015)==