CA/Symantec Issues

795 bytes added, 09:58, 11 April 2017
Update B
The issues are in broadly chronological order by end date.
==Issue B: Issuance of 1024-bit Certificate Issued Directly From Root Expiring After Deadline (Dec 2013 - Jan 2014)==
Symantec issued a cert to one of its customers, Pitney Bowes, that did not comply with one provision of both the CA/Browser Forum Baseline Requirements and Mozilla policy. It was a 1024-bit cert which expired after the end of 2013. Symantec believed this was the only technical way to ensure continuity of service for the customer concerned.
This cert was issued directly from the root. Recently, Symantec have produced a [https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/x_vrJtv7A0Y longer write-up] of the incident. In it, they point out that issuance from the root is permitted by [https://cabforum.org/wp-content/uploads/Baseline_Requirements_V1_1_6.pdf BRs version 1.1.6], the version in force at the time, if 5 conditions are met, and they say they were met. This cert was backdated, but that is not a BR or Mozilla policy violation, as long as it was not done to evade a technical control. It also has a short serial number. Entropy in the serial number is a SHOULD in the relevant version of the BRs ([https://cabforum.org/wp-content/uploads/Baseline_Requirements_V1_1_6.pdf version 1.1.6]). 20 bits of entropy is a MUST in the Mozilla policy ([https://github.com/mozilla/pkipolicy/blob/2.2/rootstore/policy.md version 2.2]), but it doesn't say it has to be in the serial number - it could be that they randomised the notBefore time. I am told Microsoft removed the allowance for putting the entropy in the Date field on 11th November 2013, so this was a violation of their policies. Symantec say that they got a verbal exception from Microsoft.
Symantec did not request permission to issue in advance, they disclosed the issuance at least a month after it had happened, and the replacement certificate (unlike the original) asserted a "BR Compliant" OID.
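An added example, not from this wiki page or from Symantec's write-up: a Go audit routine that flags the four properties of the certificate described above (direct issuance from a self-signed root, an RSA key below 2048 bits, expiry after the end-of-2013 deadline, and a serial number too short to hold 20 bits of entropy). It runs against constructed test certificates, not the real one; the names AuditCert, SampleCerts and Deadline are assumptions of this example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Deadline after which a 1024-bit RSA certificate was not permitted to remain valid.
var Deadline = time.Date(2013, 12, 31, 23, 59, 59, 0, time.UTC)

// AuditCert returns one finding per property discussed above: direct issuance from a
// self-signed root, RSA key below 2048 bits, expiry after Deadline, short serial number.
func AuditCert(leaf, root *x509.Certificate) []string {
	var findings []string
	if leaf.CheckSignatureFrom(root) == nil && root.Subject.String() == root.Issuer.String() {
		findings = append(findings, "issued directly from a self-signed root")
	}
	if pub, ok := leaf.PublicKey.(*rsa.PublicKey); ok && pub.N.BitLen() < 2048 {
		findings = append(findings, fmt.Sprintf("RSA key is only %d bits", pub.N.BitLen()))
	}
	if leaf.NotAfter.After(Deadline) {
		findings = append(findings, "expires after the 1024-bit deadline")
	}
	// Bit length bounds entropy from above: a serial under 20 bits cannot hold 20 bits of it.
	if leaf.SerialNumber.BitLen() < 20 {
		findings = append(findings, "serial number cannot contain 20 bits of entropy")
	}
	return findings
}

// SampleCerts builds constructed test data, not the real certificate: a self-signed
// root and a 1024-bit leaf with serial 1234, signed by that root and expiring in 2014.
func SampleCerts() (leaf, root *x509.Certificate) {
	rootKey, _ := rsa.GenerateKey(rand.Reader, 2048)
	leafKey, _ := rsa.GenerateKey(rand.Reader, 1024)
	year := func(y int) time.Time { return time.Date(y, 1, 1, 0, 0, 0, 0, time.UTC) }
	rootTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Constructed Root"},
		NotBefore: year(2000), NotAfter: year(2030), IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	rootDER, _ := x509.CreateCertificate(rand.Reader, rootTmpl, rootTmpl, &rootKey.PublicKey, rootKey)
	root, _ = x509.ParseCertificate(rootDER)
	leafTmpl := &x509.Certificate{SerialNumber: big.NewInt(1234), Subject: pkix.Name{CommonName: "example.test"},
		NotBefore: year(2013), NotAfter: year(2014)}
	leafDER, _ := x509.CreateCertificate(rand.Reader, leafTmpl, root, &leafKey.PublicKey, rootKey)
	leaf, _ = x509.ParseCertificate(leafDER)
	return leaf, root
}
```

Run it against a real chain by parsing the DER with x509.ParseCertificate and passing the leaf and its issuing root; the serial check reports only the upper bound, since a long serial is not proof that the bits are random.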
===Further Comments and Conclusion===
Given that we did not query it at the time, we must accept that the BR criteria for direct issuance from the root were met. The Mozilla policy does not include the exceptions directly, but does reference BRs chapter 12, and so could be said to include the exceptions by reference. The issuance of a 1024-bit cert expiring after the deadline was both a BR and a Mozilla policy violation. Symantec say: "we did not engage the broader browser community due to the time pressure around the holiday." This seems like a weak excuse. The inclusion of a BR-compliant OID in a certificate Symantec knew was not BR-compliant is disappointing, but can be accepted as an oversight.
==Issue D: Test Certificate Misissuance (April 2009 - September 2015)==