G’day Folks,

It was a pleasure meeting many of the Mozilla community face to face at the CAB 
Forum meeting at Apple HQ last week. There are many others of you, however, 
whose interface to the community is right here on this list, and so I wanted to 
share my perspective and feedback here on the recent dialogue so that the 
openness and transparency of the community is preserved.

Over the past few weeks, there’s been much debate and shared points of view 
around DarkMatter’s multi-year process to have our CA Roots included in 
Mozilla’s Root Store. Who could have predicted that along the way, the 
community would have such wide-spread impact from the serialNumber entropy 
issue? I do think the BRs are a little ambiguously worded in this regard, and 
this is what certainly tripped us up, but upon learning what was intended by 
the standard, DarkMatter has completed its revocation of every still valid 
affected TLS certificate (~175), and we actioned that immediately, completing 
the process over about 72 hrs (timing over the week-end in the UAE was not 
optimal for us otherwise we could have completed it sooner). We still need to 
re-issue the Issuing CAs and submitted Roots – these are dependent on the 
availability of our WebTrust Auditors, but we expect this to be finalized in 
the next week or so.

Many others in the community are also evaluating replacement of affected 
certificates e.g. see [1] [2] [3], etc. But the volumes these organizations are 
dealing with will make it difficult to meet BR revocation timelines, which is 
why I think Mozilla’s recent acknowledgement of this challenge with a proposal 
for an updated best practice for revocation is the right discussion to have. 

I think this is where the community is at its best: working together to 
identify and manage issues, learning from each other in how best to take action 
and resolving it as quickly as possible while maintaining the security and 
integrity of services for end users. After all, we ultimately share the same 
goal: transparent community-based processes that promote participation, 
accountability and trust [4].  

Resolving this issue together is a good example of this principle in action.

As I reflect on the many discussions in this community, and also with the 
40-odd companies at last week’s CA/B Forum, it is clear that there is quite an 
interest in the DarkMatter story. Unfortunately, the one that has often been 
promoted as evidence in this community – is one that is not based on truth, and 
one that has consistently been refuted by DarkMatter.  I would like to set the 
record straight once and for all, and share with all of you why DarkMatter’s 
story is not what some have claimed, but is, I believe, actually completely 
aligned with Mozilla’s own manifesto. 

DarkMatter Group was founded by Faisal Al Bannai, one of the most accomplished 
business leaders in the Middle East [5], as a commercial business entity that 
specializes in Cyber Security services and solutions. Al Bannai served as CEO 
and founder until recently (2018), when he handed over the leadership role of 
the company to Karim Sabbagh, formerly the CEO of the world leading satellite 
fleet operator SES [6].  Al Bannai is the sole beneficial shareholder of the 
DarkMatter Group. The CA business that I head within the DarkMatter Group, and 
on which I will provide further details below, is a completely independent 
business unit housed in a legally separate subsidiary company.

The general business of the DarkMatter Group is all centered around 
cybersecurity. DarkMatter is very active in our local constituency [7], [8], 
[9], we have even developed and launched our own mobile phone [10]. The 
Cybersecurity divisions of DarkMatter are fully engaged in and participate in 
identifying and disclosing malicious applications that attack the security and 
privacy of individuals everywhere.  Some recent examples of this are where 
DarkMatter researchers identified and informed Google of a malicious 
application available on the Google play store [11], and DarkMatter researchers 
also made a responsible disclosure to Apple of a significant attack that 
“bypasses all native macOS security measures” (findings that were also 
presented at the Hack In The Box conference in Singapore [12]). This just highlights 
a couple.

For those who have questioned who is really in the driving seat of the 
DarkMatter CAs, I want to assure you that DarkMatter’s PKI business has always 
been operated independently. We are a legally separate entity – housed under a 
subsidiary of the DarkMatter Group. Only myself and my handpicked team ever 
have hands on key material, and no single individual can effect an issuance 
without the validation of a counterpart and always under multiparty and 
multifactor authentication.  We have stringent controls around who is eligible 
to hold a trusted role, and they must continue to meet operational KPIs, 
training and risk evaluation metrics to remain in their role. These are 
validated via process review and audit. 

It’s worth noting why DarkMatter decided to launch our commercial CA three 
years ago - because citizens, residents and visitors to the UAE currently don’t 
have access to local providers who can provide them with digital protections 
all in local dialect and with local support - these are things perhaps taken 
for granted in other parts of the world.  We recognized this and want to make 
sure our community has the same digital protections as everyone else because 
every nation deserves the right to build secure, trusted digital environments 
for the benefit of its citizens. As the operator for the UAE National PKI, 
acceptance of the UAE Global Roots is critical for this nation that is at the 
forefront of driving deployment of smart cities but where only 32% of its 
websites are protected compared to the 65% enjoyed by the rest of the world. 

At DarkMatter, we are committed to ensuring that all HTTP traffic is 
transitioned to HTTPS nation-wide, and region-wide where we can provide 
service. As we work towards the resolution of this issue, it is a good example 
of the principle in action: where individuals’ security and privacy on the 
internet are fundamental and must not be treated as optional [13].

As part of our long-term plan, our certificates will shortly be issued from 
CAs chaining to Roots of the independent PKI subsidiary – which is currently 
undertaking a rebranding exercise (the original name attracted too many cyber 
squatters).  Once the branding is complete, the DarkMatter CA subsidiary will 
be completely and wholly separate from the DarkMatter Group of companies in 
their entirety, and operations will continue under this independent entity. 
Although we have been planning this for some time, we are expediting the 
process now as the serial number issue has brought about an opportunity to 
rename the DM Roots as we re-issue them. 

The DarkMatter CA subsidiary is the fourth commercial CA that I have 
contributed my services to for different companies over the course of my 20 
years in this industry.  Over that time, as now, I have seen that the 
commercial involvement in the development of the internet brings many benefits 
and a balance between commercial profit and public benefit is critical [14]. 
The fact that the UAE has decided to outsource the operations of its National 
PKI to a private entity is, I think, clear acknowledgement that the 
principles of trust and transparency don’t change, and it is best accomplished 
by those who have demonstrated expertise. I therefore believe that a sovereign 
UAE CA is a good example of the principle in action where the public benefit to 
digitally securing the nation is overwhelming, especially with the UAE 
experiencing a higher risk of suffering cyber-attacks.  Together we have an 
opportunity to make a real difference in this part of the world and this is 
what I am passionate about and why I’ve been doing this work here for the past 
three years.

Of course underpinning the benefits to the UAE and the rest of the world is 
having free and open source software that promotes the development of the 
internet as a public resource [15]. This goes beyond any company’s direct 
commercial interests and I am committed to working with the community to 
demonstrate this principle in action and the part we can all play in advancing 
a safe and secure internet that is open and accessible to all [16]. I 
understand that today the Mozilla community is not taking advantage of the CT 
Logs as much as other browsers are. Submitting all our TLS certificates to CT 
Logs has been a key initiative of our CA to demonstrate transparency in all 
that we are doing. I would be happy for my team to contribute code back to the 
open source community for validating TLS connections based on CT log data, so 
that Firefox and other Mozilla products have more options for verifying the 
work that we, and other CAs, are doing.

No one is an island in this business of trust – we all swim in the same ocean. 
There should be consistent controls applied for all trust operators and I think 
our current environment of standards communally developed by CAB Forum and also 
codified in the Mozilla Root Store Policy help ensure that. We are committed to 
trust everywhere on the internet and here at the DarkMatter CA, we are working 
to ensure that protections are in place for our local community commensurate 
with the rest of the world. We intend to take a more active role in the Mozilla 
community and are pleased that our goals and objectives are so closely aligned.

I hope that in future we can continue to move forward DarkMatter related 
discussions based on fact and transparency. These principles are not only 
necessary, but critical to ensuring the integrity of the trust community that 
Mozilla has built.
 
Refs:
1. https://www.thesslstore.com/blog/mass-revocation-millions-of-certificates-revoked-by-apple-google-godaddy/
2. https://www.zdnet.com/article/apple-google-godaddy-misissued-tls-certificates-with-weak-serial-numbers/
3. https://www.theregister.co.uk/2019/03/13/tls_cert_revoke_ejbca_config/
4. https://www.mozilla.org/en-US/about/manifesto/ Principle 8: Transparent community-based processes promote participation, accountability and trust
5. https://www.arabianbusiness.com/lists/392531-100-inspiring-leaders-in-the-middle-east-94faisal-al-bannai
6. https://spacenews.com/ses-sabbagh-takes-ceo-job-at-uae-cyber-firm/
7. https://gulfnews.com/technology/darkmatter-named-expo-2020s-cybersecurity-solutions-provider-1.2246547
8. http://www.itp.net/618203-blockchain-breaks-new-ground-at-gitex
9. https://www.prnewswire.com/news-releases/darkmatter-introduces-blockchain-solutions-for-governments-and-enterprises-in-the-uae-597226021.html
10. https://www.darkmatter.ae/KATIM/
11. https://www.darkmatter.ae/blogs/darkmatter-identifies-app-stealing-personal-information/
12. https://www.forbes.com/sites/thomasbrewster/2018/08/30/apple-mac-loophole-breached-in-middle-east-hacks/#7791c17a6fd6
13. https://www.mozilla.org/en-US/about/manifesto/ Principle 4: Individuals’ security and privacy on the internet are fundamental and must not be treated as optional
14. https://www.mozilla.org/en-US/about/manifesto/ Principle 9: Commercial involvement in the development of the internet brings many benefits; a balance between commercial profit and public benefit is critical
15. https://www.mozilla.org/en-US/about/manifesto/ Principle 7: Free and open source software promotes the development of the internet as a public resource
16. https://www.mozilla.org/en-US/about/manifesto/ Principle 2: The internet is a global public resource that must remain open and accessible


Regards,
 

-- 

Scott Rea
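The serialNumber entropy issue referred to in the message above turns on the Baseline Requirements rule that a certificate serial carry at least 64 bits of CSPRNG output; the 2019 mass revocations it cites were widely reported as arising from CA software that forced a fixed-width 64-bit value positive and so used only 63 bits. The following is an added example, not part of this thread or of any CA's code: a stdlib-only Python check that flags single-certificate violations and detects that forced-positive pattern across a population of serials, using constructed sample data rather than real certificates.

```python
"""Serial-number checks for the CA/Browser Forum Baseline Requirements rule that
an X.509 serial carries at least 64 bits of CSPRNG output (BR 7.1) and RFC 5280's
20-octet limit. Stdlib only; serials are hex strings as printed by OpenSSL."""
import random

MIN_CSPRNG_BITS = 64   # BR 7.1: >= 64 bits of CSPRNG output, and serial > 0
MAX_DER_OCTETS = 20    # RFC 5280 4.1.2.2: serialNumber encoding <= 20 octets


def parse_serial(text: str) -> int:
    """Accept "01:ab:cd" (openssl x509 -text) or "01ABCD" (-serial) forms."""
    return int(text.replace(":", "").replace(" ", ""), 16)


def der_integer_octets(n: int) -> int:
    """Content octets of the DER INTEGER for non-negative n: a 0x00 pad octet
    is needed whenever the top bit of the leading value octet is set."""
    return n.bit_length() // 8 + 1


def check_one(serial: int) -> list:
    """Violations visible from a single certificate."""
    problems = []
    if serial <= 0:
        problems.append("serial must be positive")
    if der_integer_octets(serial) > MAX_DER_OCTETS:
        problems.append("DER encoding longer than 20 octets")
    return problems


def top_bit_stats(serials, width_bits=MIN_CSPRNG_BITS):
    """Among serials that fit in width_bits, count those with bit width_bits-1
    set. Genuine CSPRNG output sets that bit in about half of all serials; a
    generator that clears it to force a fixed-width value positive (avoiding
    the pad octet) has one bit less entropy than the width suggests."""
    fitting = [s for s in serials if 0 < s.bit_length() <= width_bits]
    top_set = sum(1 for s in fitting if (s >> (width_bits - 1)) & 1)
    return len(fitting), top_set


def forced_positive_suspected(serials, width_bits=MIN_CSPRNG_BITS, min_sample=20):
    """True when at least min_sample serials all fit in width_bits and none has
    the top bit set; a compliant 64-bit generator does that with probability
    2**-min_sample, so such a population is worth an incident report."""
    fitting, top_set = top_bit_stats(serials, width_bits)
    return fitting == len(serials) and fitting >= min_sample and top_set == 0


def constructed_serials(count, bits, seed):
    """Constructed demo data, not real certificates. A seeded PRNG keeps the
    demo repeatable; a production CA must use a CSPRNG."""
    rng = random.Random(seed)
    return [rng.getrandbits(bits) for _ in range(count)]


# 63-bit values model the forced-positive pattern; 64-bit values model a
# compliant generator whose output is padded to 9 octets when bit 63 is set.
FORCED_POSITIVE_SAMPLE = constructed_serials(40, 63, seed=1)
COMPLIANT_SAMPLE = constructed_serials(40, 64, seed=2)

if __name__ == "__main__":
    for label, sample in (("forced-positive", FORCED_POSITIVE_SAMPLE),
                          ("compliant", COMPLIANT_SAMPLE)):
        n, top = top_bit_stats(sample)
        print(f"{label}: {top}/{n} serials have bit 63 set; "
              f"suspect={forced_positive_suspected(sample)}")
    print(check_one(parse_serial("00")), check_one(1 << 160))
```

A single serial with bit 63 clear proves nothing; the population check is what separates a generator that never produces the pad octet from one that does so half the time.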

On 3/6/19, 11:15 PM, "dev-security-policy on behalf of Kathleen Wilson via 
dev-security-policy" <[email protected] on behalf 
of [email protected]> wrote:

    All,
    
    Thank you to those of you that have been providing thoughtful and 
    constructive input into this discussion. I have been carefully reading 
    and contemplating all of the messages posted in the 
    mozilla.dev.security.policy forum.
    
    As the owner of Mozilla’s CA Certificates Module[1] and in an effort to 
    respond to Matthew’s concerns about transparency[2], I would like to 
    share my current thoughts about DarkMatter’s intermediate certificates 
    and root inclusion request. I will make a decision after this discussion 
    has run its full course.
    
    I appreciate that representatives of DarkMatter are participating in 
    this discussion, and reiterate that I have not yet come to a decision. I 
    would also like to remind everyone that we have not yet started the 
    public discussion phase of DarkMatter’s root inclusion request. This 
    discussion is separate from Mozilla’s root inclusion process, but will 
    determine if the process will continue for DarkMatter’s root inclusion 
    request. If this discussion concludes that DarkMatter’s intermediate 
    certificates should be added to OneCRL, then the root inclusion request 
    will be closed. However, if this discussion concludes that DarkMatter’s 
    intermediate certificates should not be added to OneCRL, then 
    DarkMatter’s root inclusion request will continue to follow the normal 
    process.
    
    == Regarding DarkMatter’s current intermediate certificates ==
    
    The current DarkMatter intermediate certificates are not constrained or 
    technically controlled by the parent CA, as was confirmed by a 
    representative of DigiCert[3]. This means that currently DarkMatter has 
    all of the certificate issuance capability of a root certificate that is 
    directly included in Mozilla’s root store. This is why we are having 
    this discussion to determine if DarkMatter’s current intermediate 
    certificates should be added to OneCRL.
    
    In my opinion, there are other options for DarkMatter. For example, a CA 
    who is currently included in Mozilla’s program such as Digicert, could 
    issue DarkMatter new intermediate certificates that are owned and 
    controlled by DigiCert and for which DigiCert performs additional domain 
    validation before issuance of end-entity certs in that CA hierarchy. I 
    think that an option like this would provide sufficient oversight of 
    DarkMatter’s certificate issuance, if we decide to add DarkMatter’s 
    current intermediate certificates to OneCRL.
    
    == Regarding DarkMatter’s root inclusion request ==
    
    Since I began working on Mozilla’s CA Program in 2008 I have rarely seen 
    this much interest and opinions from the media and general public on 
    root inclusion requests, even though all of our process is performed in 
    the open[4]  and includes a public discussion phase[5]. In my opinion, 
    we should pay attention to the messages we're receiving, and subject 
    this CA to additional scrutiny.
    
    As others have already pointed out[6] DarkMatter’s root inclusion 
    request is reminiscent of CNNIC’s root inclusion request in 2009 [7] and 
    their request to include an additional root in 2012 [8]. As Ryan 
    reminded us[9] in his excellent analysis, the decisions about the 
    inclusion of the CNNIC root certificates were based on “a rigid 
    application of policy”. In one of my posts[10] about CNNIC’s root 
    inclusion requests I stated:
    “There was a lot of discussion about government, politics, legal 
    jurisdiction, what-if scenarios, and people’s opinions about the Chinese 
    government. While I sympathize with people’s feelings about this, 
    Mozilla’s root program is based on policy and evidence. While CNNIC has 
    provided all of the required information to demonstrate their compliance 
    with Mozilla’s CA Certificate Policy, no usable evidence has been 
    provided to show non-compliance with Mozilla’s CA Certificate Policy.”
    
    As we all know, in 2015 Mozilla revoked trust in CNNIC certificates[11] 
    after discussion[12] in this forum regarding the discovery that an 
    intermediate CA under the CNNIC root was used to mis-issue TLS 
    certificates for some domains, and subsequently used for MiTM. In that 
    case, rigid application of the policy left our users at risk. This was 
    an important learning experience for us.
    
    Root inclusion requests rarely receive this much attention. Another one 
    that we have been reminded of is TeliaSonera’s root inclusion 
    discussion[13], in which I stated: “Typically this would have been 
    considered a very standard request, but this discussion turned into a 
    political sounding board. Approval of this root-renewal request means 
    that the CA complies with Mozilla’s CA Certificate Policy and provides 
    annual audit statements attesting to their compliance. It in no way 
    reflects my opinion, or that of Mozilla, on the actions of the owner of 
    the CA in regards to their non-CA related businesses and practices.”
    
    Unlike CNNIC, TeliaSonera still has root certificates in Mozilla’s root 
    store. Similar to many CAs in our program, TeliaSonera has had some 
    compliance problems[14], but (to my knowledge) no evidence has been 
    provided of TeliaSonera knowingly issuing certificates without the 
    knowledge of the entities whose information is referenced in the 
    certificates, or knowingly issuing certificates that appear to be 
    intended for fraudulent use. TeliaSonera’s reported compliance problems 
    have not yet been deemed to be egregious enough to warrant removal of 
    their root certificates. Therefore, it is not as simple as saying that 
    this DarkMatter root inclusion request seems similar to the CNNIC 
    situation, so we should not approve DarkMatter’s root inclusion request.
    
    However, I believe that the CNNIC experience is a valuable lesson that 
    should be taken into account when making a decision on DarkMatter. 
    During CNNIC’s root inclusion process, the community expressed grave 
    concerns about the company based on credible reports that they had been 
    involved in interception and surveillance of web traffic, including 
    providing malware products to others such as their government. Even with 
    these credible news reports, the community was unable to obtain 
    technical evidence of intentional certificate mis-issuance, so I 
    approved their root inclusion request. In essence this meant ignoring 
    the evidence that had been provided because I deemed that it was not 
    directly applicable to the policy requirements for being a CA in our 
    program. However, it wasn’t until much later that there was sufficient 
    evidence to remove the CNNIC’s root certificate. Therefore, we should 
    not ignore credible news reports regarding DarkMatter.
    
    Matthew correctly stated[15] that he “can not recall use of subjective 
    discretion to deny admission to the program.” As demonstrated in both 
    the CNNIC and TeliaSonera requests I have always tried to be as 
    objective as possible in regards to root inclusion requests. However, as 
    Ryan pointed out[16] “the program is, and has always been, inherently 
    subjective and precisely designed to support discretionary decisions.” 
    And Wayne said[17]: “A stronger argument along these lines is that we 
    have plenty of CAs, so there is no good reason to take a risk on one 
    that we lack confidence in.” I do not believe that we should take a 
    certain action just because it is what we have always done. And we 
    should use all of the information that is available to us in analyzing 
    the risk that comes with including new root certificates, even if that 
    means the decision is more subjective than previous decisions. The 
    ultimate purpose of our transparency and our standards is to bolster 
    trust in our CA program. Ignoring information that doesn’t fall within 
    strict criteria does not serve that purpose.
    
    Mozilla’s root store policy[18] says: “We will determine which CA 
    certificates are included in Mozilla's root program based on the risks 
    of such inclusion to typical users of our products.” To me this means 
    that if the risks of including a root certificate appear to outweigh the 
    benefits, then we should deny the root inclusion. There are credible 
    reports from multiple sources[19] providing reason to not trust the 
    DarkMatter organization to issue TLS certificates without constraints. I 
    think that the decision about DarkMatter should consider if the risk of 
    including DarkMatter’s root certificates outweighs the potential benefit 
    to consumers of Mozilla’s root store.
    
    As always, I continue to appreciate your thoughtful and constructive input.
    
    Thanks,
    Kathleen
    
    [1] https://wiki.mozilla.org/Modules/All#CA_Certificates
    [2] https://groups.google.com/d/msg/mozilla.dev.security.policy/nnLVNfqgz7g/hi3WDHlYAgAJ
    [3] https://groups.google.com/d/msg/mozilla.dev.security.policy/nnLVNfqgz7g/I8CYOScMBgAJ
    [4] https://wiki.mozilla.org/CA/Dashboard
    [5] https://wiki.mozilla.org/CA/Application_Verification#Public_Discussion
    [6] https://www.eff.org/deeplinks/2019/02/cyber-mercenary-groups-shouldnt-be-trusted-your-browser-or-anywhere-else
    [7] https://bugzilla.mozilla.org/show_bug.cgi?id=476766
    [8] https://groups.google.com/d/msg/mozilla.dev.security.policy/QEwyx6TQ5TM/qzX_WsKwvIgJ
    [9] https://groups.google.com/d/msg/mozilla.dev.security.policy/nnLVNfqgz7g/rNWEMEkUAQAJ
    [10] https://groups.google.com/d/msg/mozilla.dev.security.policy/QEwyx6TQ5TM/c3GXKsASCX4J
    [11] https://blog.mozilla.org/security/2015/04/02/distrusting-new-cnnic-certificates/
    [12] https://groups.google.com/d/msg/mozilla.dev.security.policy/czwlDNbwHXM/Fj-LUvhVQYEJ
    [13] https://groups.google.com/d/msg/mozilla.dev.security.policy/mirZzYH5_pI/5LJ-X-XfIdwJ
    [14] https://wiki.mozilla.org/CA/Incident_Dashboard
    [15] https://groups.google.com/d/msg/mozilla.dev.security.policy/nnLVNfqgz7g/ew5ZnJtVAgAJ
    [16] https://groups.google.com/d/msg/mozilla.dev.security.policy/nnLVNfqgz7g/IfewIb0hAgAJ
    [17] https://groups.google.com/d/msg/mozilla.dev.security.policy/nnLVNfqgz7g/joyWkf5TAgAJ
    [18] https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/
    [19] https://groups.google.com/d/msg/mozilla.dev.security.policy/nnLVNfqgz7g/YiybcXciBQAJ

Scott Rea | Senior Vice President - Trust Services 
Tel: +971 2 417 1417 | Mob: +971 52 847 5093
[email protected]

The information transmitted, including attachments, is intended only for the 
person(s) or entity to which it is addressed and may contain confidential 
and/or privileged material. Any review, retransmission, dissemination or other 
use of, or taking of any action in reliance upon this information by persons or 
entities other than the intended recipient is prohibited. If you received this 
in error, please contact the sender and destroy any copies of this information.

_______________________________________________
    dev-security-policy mailing list
    [email protected]
    https://lists.mozilla.org/listinfo/dev-security-policy
    