Wandering Thoughts archives


Questionable TLS Certificate Authorities and Certificate Transparency

One piece of recent web security news is that TrustCor Systems is, to quote the grugq's newsletter, "a root certificate authority with intelligence community ties that's registered in Panama and operates out of a UPS Store PO box in Toronto" (also, also, also). Concern over TrustCor is apparently not entirely new, but for whatever reason it didn't bubble back up in the modern era of browsers being more strict on CAs until now.

The good news is that modern web TLS uses Certificate Transparency, which pretty much requires all TLS certificates used on the web to be publicly logged in CT logs, where people can find them; this has been a significant improvement to the ecology. Based on this we can be fairly confident that TrustCor didn't (recently) issue any TLS certificates that would be generally damaging. The bad news is that this is only a partial protection against TLS certificate misuse and targeted attacks. As of now (early November 2022), Firefox doesn't require CT signatures on website TLS certificates, which means that an un-logged TrustCor TLS certificate could be used in a targeted attack against Firefox users (including possibly people using the Tor Browser, which is based on Firefox).

To go further afield, not all public TLS use is by web browsers. For non-browser use, TrustCor could issue un-logged TLS certificates that would be accepted by TLS-using programs, such as malware that wants to contact a command and control server using a relatively innocent-looking TLS certificate. Malware could always use its own hard-coded custom CA to sign its C2 TLS certificates, but then monitoring middleware might detect and alert on seeing such TLS certificates. Of course, middleware could also alert on TLS certificates without CT log SCTs, but that's a more modern feature that you could hope monitoring middleware isn't quite up to date on.
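The check that monitoring middleware could apply, as an added example that is not from the original post: a standard-library Python parser that lists a certificate's extension OIDs and reports whether the embedded SCT list extension is present. The function names and the sample certificates are constructed here for illustration; SCTs can also be delivered in a TLS extension or a stapled OCSP response, so a missing embedded list is a signal to investigate rather than proof, and the code does not verify SCT signatures.

```python
SCT_LIST_OID = "1.3.6.1.4.1.11129.2.4.2"  # embedded SCT list extension (RFC 6962)
BC_DER, SCT_DER = bytes.fromhex("551d13"), bytes.fromhex("2b06010401d679020402")  # OID bodies

def children(buf):
    """Yield (tag, value) for each DER element laid end to end in buf."""
    pos = 0
    while pos < len(buf):
        tag, length, pos = buf[pos], buf[pos + 1], pos + 2
        if length & 0x80:  # long form: low 7 bits count the length bytes
            n = length & 0x7F
            length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
        if pos + length > len(buf):
            raise ValueError("truncated DER element")
        yield tag, buf[pos:pos + length]
        pos += length

def decode_oid(val):  # DER OID content bytes -> dotted string
    arcs, acc = [], 0
    for b in val:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear marks the last byte of an arc
            arcs.append(acc)
            acc = 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def extension_oids(cert_der):  # extension OIDs of a DER-encoded X.509 certificate
    cert = next(children(cert_der))[1]  # Certificate SEQUENCE
    tbs = next(children(cert))[1]       # TBSCertificate SEQUENCE
    for tag, val in children(tbs):
        if tag == 0xA3:                 # [3] EXPLICIT Extensions
            ext_seq = next(children(val))[1]
            return [decode_oid(next(children(ext))[1]) for _, ext in children(ext_seq)]
    return []                           # no extensions at all

def has_embedded_scts(cert_der):
    return SCT_LIST_OID in extension_oids(cert_der)

def tlv(tag, body=b""):  # sample helper: DER-encode one element
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    size = (n.bit_length() + 7) // 8
    return bytes([tag, 0x80 | size]) + n.to_bytes(size, "big") + body

def sample_cert(oid_bodies):  # constructed, certificate-shaped DER; not a real certificate
    exts = b"".join(tlv(0x30, tlv(0x06, o) + tlv(0x04, bytes(150))) for o in oid_bodies)
    tbs = tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01") + tlv(0x30) * 5
    return tlv(0x30, tlv(0x30, tbs + tlv(0xA3, tlv(0x30, exts))) + tlv(0x30) + tlv(0x03, b"\x00"))
```

For a live connection, the DER bytes to pass to `has_embedded_scts` can come from `ssl.SSLSocket.getpeercert(binary_form=True)`.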

Should you race to pull TrustCor from system root certificate stores (in browsers and elsewhere)? I don't know. For most people, it's probably not a high risk.

PS: I believe that the live TrustCor root certificates are here, here, and here, although I could have missed some in my crt.sh search and winnowing. They have a lot of intermediate certificates.

web/QuestionableCAsAndCertTrans written at 22:36:38
