[cabfpub] Application for SHA-1 Issuance

Peter Bowen pzb at amzn.com
Thu Jul 28 12:56:04 UTC 2016


I re-ran the same test Dr. Stevens did with the tbsCerts that Dean posted (which were just base64 encoded and slightly lower in the email.  No MD5 or SHA1 issues.  Here are the hashes and subject from each tbsCert presented.

md5 f0520d562945c239841b834ce5f3b254 CN=ssl1.tsysacquiring.net,OU=TDS-Reston,O=TSYS,L=Columbus,ST=Georgia,C=US
sha1 d0e91ceed6faf88ebb3489bc5a55b12d3659fa72 CN=ssl1.tsysacquiring.net,OU=TDS-Reston,O=TSYS,L=Columbus,ST=Georgia,C=US
md5 41b3b76ab9a0536901947c17372aebfc CN=ssl1.tsysacquiring.net,OU=TDS-Dallas,O=TSYS,L=Columbus,ST=Georgia,C=US
sha1 c88c5eb29a1981af757c357b58823fc6ca1b4533 CN=ssl1.tsysacquiring.net,OU=TDS-Dallas,O=TSYS,L=Columbus,ST=Georgia,C=US
md5 0815141d15cca9a4bd058c73d5e91f1a CN=ssl1.vitalps.net,OU=TDS-Reston,O=TSYS,L=Columbus,ST=Georgia,C=US
sha1 1b335f20ef2e42c4749e2dd9cccaccab74030493 CN=ssl1.vitalps.net,OU=TDS-Reston,O=TSYS,L=Columbus,ST=Georgia,C=US
md5 d2d29665b6b93f8d23934168d7f18a7c CN=ssl1.vitalps.net,OU=TDS-Dallas,O=TSYS,L=Columbus,ST=Georgia,C=US
sha1 61fe7aeec2bbd2499ccba62e4e7e90c969c0bad4 CN=ssl1.vitalps.net,OU=TDS-Dallas,O=TSYS,L=Columbus,ST=Georgia,C=US
md5 db72b110ca0613a87898785d0bb30da7 CN=ssl3.vitalps.net,OU=TDS-PMN_Dallas,O=TSYS,L=Columbus,ST=Georgia,C=US
sha1 d8c2359f440c14afbc806274b8809b3208f41311 CN=ssl3.vitalps.net,OU=TDS-PMN_Dallas,O=TSYS,L=Columbus,ST=Georgia,C=US
md5 fb9da346132dcf32cce99c34426245df CN=ssl2.vitalps.net,OU=TDS-Reston,O=TSYS,L=Columbus,ST=Georgia,C=US
sha1 784d225138ef8bc3e027099626f0fe4c32e1f91b CN=ssl2.vitalps.net,OU=TDS-Reston,O=TSYS,L=Columbus,ST=Georgia,C=US
md5 7a0360f307137e1d7789aefd522b0dfc CN=ssl2.vitalps.net,OU=TDS-Dallas,O=TSYS,L=Columbus,ST=Georgia,C=US
sha1 75b7210f19cb2ccff69f6db2fca6132455313586 CN=ssl2.vitalps.net,OU=TDS-Dallas,O=TSYS,L=Columbus,ST=Georgia,C=US




> On Jul 28, 2016, at 1:33 AM, Erwann Abalea <Erwann.Abalea at docusign.com> wrote:
> 
> Bonjour Rick,
> 
> As said, in the first set of 8 tested objects, these are really the tbsCertificate first proposed (with the magical dust in OU).
> 
> But in the second set of 7 tested objects, these are in fact the complete certificates (the original ones), and not the tbsCertificate proposed to replace them (with the same key and name, but different serial number and dates).
> 
>> […]
> [stevens TSYS2]$ time ../detectcoll_allDVs *.der 
> sha1 f75716390925b752b403a7bbf6acb349de9d8d09 ssl1.tsys.1.txt.der
> […]
>> 
> The displayed SHA1 hash is identical with the one of the certificate found at https://crt.sh/?id=12924024, on which the proposed tbsCertificate is based.
> 
> A perfectly understandable mistake.
> 
> Cordialement,
> Erwann Abalea
> 
>> Le 28 juil. 2016 à 00:08, Rick Andrews <Rick_Andrews at symantec.com> a écrit :
>> 
>> Erwann,
>> 
>> Marc Stevens said "certs" but he meant "TBSCertificates". We didn't sign
>> certificates; we published TBSCertificates.
>> 
>> -Rick
>> 
>> --------------------------
>> 
>> From: Erwann Abalea <eabalea at gmail.com>
>> Date: July 27, 2016 at 12:41:27 PM GMT-5
>> To: Dean Coclin <Dean_Coclin at symantec.com>
>> Subject: Re: [cabfpub] Application for SHA-1 Issuance
>> He tested the full certificates of the second set, not their tbs, in fact. 
>> 
>> Le mercredi 27 juillet 2016, Dean Coclin <Dean_Coclin at symantec.com> a
>> écrit :
>> I saw an email from Marc Stevens on the Mozilla list a few days ago which
>> indicated he tested both the original set of TBS certs and the 2nd set and
>> did not see any issues. 
>> (See:
>> https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/sku5NYXd
>> pOM)
>>  
>> Are there other questions that folks would like to ask or concerns that can
>> be addressed?
>>  
>> Symantec is awaiting approval from browsers to schedule the signing ceremony
>> this weekend if possible.
>>  
>> Thanks,
>> Dean
>>  
>> From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On
>> Behalf Of Ryan Sleevi
>> Sent: Monday, July 25, 2016 4:26 PM
>> To: Rob Stradling <rob.stradling at comodo.com>
>> Cc: Dean Coclin <Dean_Coclin at symantec.com>; CABFPub <public at cabforum.org>
>> Subject: Re: [cabfpub] Application for SHA-1 Issuance
>>  
>>  
>>  
>> On Mon, Jul 25, 2016 at 2:20 PM, Rob Stradling <rob.stradling at comodo.com>
>> wrote:
>> IINM, both Gerv and Ryan indicated (or at least strongly implied) that
>> rigid construction was a prerequisite for their (Mozilla's and Google's)
>> approval of TSYS's request.  Did I misread something?
>>  
>> From https://cabforum.org/pipermail/public/2016-July/008096.html
>>  
>> "Certificates whose contents are entirely predictable or in line with
>> precedent would also be acceptable; but it seemed like there were
>> several questions about that floating around, and doing the serial
>> numbers by strict construction makes them all moot. If you want to try
>> dealing with all the questions about the contents instead, you are
>> welcome to try."
>>  
>> Also, I don't see the relevance of "strong consensus".  AIUI, there must
>> be unanimous agreement.  If just one root program operator rejects
>> TSYS's request, then you can't issue the SHA-1 certs.  Similarly, if
>> just one root program operator says rigidly constructed serial numbers
>> are required, then you can't use random serial numbers.
>> 
>> 
>> -- 
>> Erwann.
> 
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public




More information about the Public mailing list