Saturday, July 4, 2015

June 30, 2015 Apple iOS / OS X Certificate Trust update

Apple Certificates Trust List changes in iOS 8.4 an OS X

List of available trusted root certificates in iOS 8
List of available trusted root certificates in OS X Yosemite

Both show Last Modified: Jun 30, 2015, the previous modification was April 9, 2015.  I downloaded them and compared a difference with the previous versions.  They're big lists, so to make it simple:

The only change affects the CNNIC, China Internet Network Information Center. Two Root Certificates from CNNIC were removed from the Trust Store, and a whitelist of previously issued certificates were added.







Apple says: "An intermediate certificate was incorrectly issued by the certificate authority CNNIC. This issue was addressed through the addition of a mechanism to trust only a subset of certificates issued prior to the mis-issuance of the intermediate."


The CNNIC / MCS incident received substantial coverage, I won't rehash it here but link to the major primary source commentaries.  


  1. Maintaining digital certificate security - Google
  2. The MCS Incident and Its Consequences for CNNIC - Mozilla (PDF)
  3. MCS Response to Google Blog - MCS 
  4. Clarification on some media’s claim that “CNNIC has issued certificates for MITM attack” - CNNIC
  5. Google Chrome will banish Chinese certificate authority for breach of trust - Arstechnica.com


While the CNNIC root certificates are not trusted, Apple added a lot of existing certificates issued by CNNIC before April 1, 2015.  Comparing to the actions others, it seems Google (1) is using the "publicly disclosed whitelist" while Mozilla (2) decided to implement a date based approach.  Mozilla has a tracking bug for items that CNNIC must address in order to get reinstated.



Removed:
SHA1 Fingerprint: 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E
China Internet Network Information Center EV Certificates Root  China Internet Network Information Center EV Certificates Root  RSA  2048 bits  SHA-1  48 9F 00 01  07:11:25 Aug 31, 2030  1.3.6.1.4.1.29836.1.10 
SHA1 Fingerprint: 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F
CNNIC ROOT  CNNIC ROOT  RSA  2048 bits  SHA-1  49 33 00 01  07:09:14 Apr 16, 2027  Not EV 

Apple provides more information about the "partial set" of CNNIC issued certificates that are being grandfathered in.

  1. About the security partial trust allow list


CNNIC EV Certificates Root -> CNNIC EV SSL

       Some interesting entries are below.  These don't appear to conform to EV baseline requirements (unqualified) unless the hostname is just not printed correctly, or they may not be server authentication certificates.  Five are already expired.  The unqualified names appear to be be CNNIC internal for PKI operations (RA=Registration Authority, etc).


Certificate NameAlgorithmSerial NumberExpiration
aa01 1024 bits  SHA-1 1A 2F DD D9 35 3B 65 EE 1B B4 66 19 4D F3 10 DC 11-2016
RASERVER 2048 bits  SHA-1 1A 2F DD D9 35 3B 65 EE 1B B4 66 19 4D F3 10 7D 9-2015
auth.cnidrz.cn 2048 bits  SHA-1 1A 2F DD D9 35 3B 65 EE 1B B4 66 19 4D F3 10 C0 4-2015
www.cnidrz.cn 2048 bits  SHA-1 1A 2F DD D9 35 3B 65 EE 1B B4 66 19 4D F3 10 C1 4-2015
www.e-shenhua.com 2048 bits  SHA-1 1A 2F DD D9 35 3B 65 EE 1B B4 66 19 4D F3 10 BB 5-2015
www.sfn.cn 2048 bits  SHA-1 1A 2F DD D9 35 3B 65 EE 1B B4 66 19 4D F3 10 C5 5-2015
www.sudu.cn 2048 bits  SHA-1 1A 2F DD D9 35 3B 65 EE 1B B4 66 19 4D F3 10 C2 4-2015

CNNIC Root -> CNNIC SSL
      This list has 1429 certificates, 318 of which are expired. I picked out some hosts below that are of interest.  I checked a few sites to see if they are reachable, and wasn't able to verify any.  I did find a few that are using WoSign certs (www.escience.cn) for example.  The addresses in the table below might be CNNIC internal (RA means Registration Authority in a PKI for example).


Certificate NameAlgorithmSerial NumberExpiration
218.241.98.161 1024 bits  SHA-1 44 F3 00 01 9-2015
218.241.98.167 1024 bits  SHA-256 00 92 E0 FA DA E7 0E D8 01 3A 5B C7 9E A0 63 76 F2 11-2024
61.135.129.80 2048 bits  SHA-1 10 C0 97 CE 7B C9 07 15 B3 4B 95 F7 B1 41 15 C9 9-2015
61.135.129.88 2048 bits  SHA-1 10 C0 97 CE 7B C9 07 15 B3 4B 95 F7 B1 41 15 CA 9-2015
aa001 1024 bits  SHA-1 1C 2F DD D9 35 3B 65 EE 1B B4 66 19 4D F3 10 E0 5-2015
aa001 1024 bits  SHA-1 10 C0 97 CE 7B C9 07 15 B3 4B 95 F7 B1 41 18 8D 5-2015
aa003 1024 bits  SHA-1 1C 2F DD D9 35 3B 65 EE 1B B4 66 19 4D F3 10 E1 5-2015
admin 1024 bits  SHA-256 00 D4 BA 5D 74 09 B2 E9 8A DF 20 57 D2 3A C8 18 F6 12-2015
admin 1024 bits  SHA-256 5A B1 E6 B4 CA F6 9D 97 CA 8E 61 AC D1 25 D5 19 2-2020
admin 1024 bits  SHA-1 10 C0 97 CE 7B C9 07 15 B3 4B 95 F7 B1 41 18 9F 6-2016
eee 2048 bits  SHA-256 00 E5 B6 35 17 43 47 B6 D0 FD 11 14 5B 34 8D 56 22 12-2015
firstpa 1024 bits  SHA-256 00 EF 1E 7B DE 2C D0 20 CC 34 D2 EF 30 EC 8B 9E 60 11-2024
firstpa 1024 bits  SHA-1 44 F3 00 02 9-2015
ra 1024 bits  SHA-256 00 8F B6 2D 47 FE 73 F1 00 EE BA 22 D0 7B 4B 6B 9F 12-2019
ra 1024 bits  SHA-1 10 C0 97 CE 7B C9 07 15 B3 4B 95 F7 B1 41 15 5E 3-2017
raadmin 1024 bits  SHA-256 79 3E 14 07 1F 0E 08 8C 7F 6D 15 95 2A A3 C8 69 12-2015
rads 1024 bits  SHA-256 25 79 DF 31 EC 34 B4 8D 5F DA 82 AD B6 E2 10 90 12-2019
radstest 1024 bits  SHA-256 00 C7 05 AA 86 67 C1 27 A6 08 8A 09 E3 8E B5 DD F5 12-2015
sslsecondpa 1024 bits  SHA-1 10 C0 97 CE 7B C9 07 15 B3 4B 95 F7 B1 41 14 74 7-2015
t1 2048 bits  SHA-256 25 D8 B2 5E 3C 7A 78 CD AB 97 06 4F 0C 9C 9B 84 12-2015
test 1024 bits  SHA-256 25 EB 7D 72 B9 C0 47 62 73 22 C8 E7 ED 26 57 A9 12-2015
test 2048 bits  SHA-256 48 98 DF D6 CE 28 ED B9 6A 55 82 65 B2 AD 92 26 12-2015
test.cnnic.cn 1024 bits  SHA-256 00 C3 8B 4C D7 E9 81 FD 71 B5 71 A8 74 65 B6 F1 CE 12-2015
test1 1024 bits  SHA-256 00 C1 DF C2 8A 44 80 44 25 82 62 8C 66 C8 02 31 FD 12-2015
test1.cnnic.cn 1024 bits  SHA-256 6C F8 68 07 8F 67 DA 11 F9 30 E7 B2 5D CD 49 9F 12-2015





No comments:

Post a Comment