Rogue digital certificates vouching for the authenticity of a crucial piece of Internet infrastructure were issued in error during internal testing by a third-party authority, and missed by network security company Cloudflare.
Three TLS credentials wrongly issued by Financial Agency (Fina) in Croatia were reported, and created consternation among engineers as the certificates were for the Cloudflare public DNS server located at the Internet Protocol address 1.1.1.1.
“It is highly unlikely that the certificate subscribers demonstrated control over this IP address,” the reporter of the apparent mis-issue of credentials said.
As digital certificates are used to validate the identity of services, concerns arose that this was an attempt to maliciously impersonate Cloudflare’s 1.1.1.1 DNS offering.
Cloudflare wrote a blog post with technical details of the incident, and noted that while Fina’s certificate authority (CA) is not included in the default trust stores of Google’s Android, Apple’s operating systems, or the Mozilla Firefox and Chrome browsers, it is trusted by default in Microsoft’s root program.
Adding to the concern, Cloudflare discovered in its investigation of the event that Fina had issued a total of 12 certificates for 1.1.1.1, covering 15 domains.
In a mea culpa, Cloudflare, which operates certificate transparency logs, said it failed to properly monitor the digital credentials for its own domain.
“We failed three times. The first time because 1.1.1.1 is an IP certificate and our system failed to alert on these,” Cloudflare said.
“The second time because even if we were to receive certificate issuance alerts, as any of our customers can, we did not implement sufficient filtering.
“With the sheer number of names and issuances we manage it has not been possible for us to keep up with manual reviews.
“Finally, because of this noisy monitoring, we did not enable alerting for all of our domains. We are addressing all three shortcomings,” the Cloudflare blog authors wrote.
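As an added illustration of the monitoring gap Cloudflare describes (this is example code, not Cloudflare’s own tooling), the following Python checks constructed certificate transparency log entries against a watch list that covers IP address SANs as well as DNS names, and suppresses alerts when the issuer is one the operator expects, which is the filtering step the post says was missing. All issuer names, hostnames, networks and log entries are constructed.

```python
import fnmatch
import ipaddress
from dataclasses import dataclass

# Constructed sample CT log entries (not real log data): the issuer organisation
# and the subject alternative names found in each logged (pre)certificate.
SAMPLE_ENTRIES = [
    {"issuer": "Example Trusted CA", "dns": ["resolver.example.test"], "ip": ["192.0.2.1", "192.0.2.2"]},
    {"issuer": "Hypothetical Test CA", "dns": ["internal.test.example"], "ip": ["192.0.2.1"]},
    {"issuer": "Example Trusted CA", "dns": ["www.example-domain.test"], "ip": []},
    {"issuer": "Hypothetical Test CA", "dns": ["foo.example-domain.test"], "ip": ["2001:db8::1111"]},
]

@dataclass
class WatchList:
    dns_patterns: list      # shell-style wildcards, e.g. "*.example-domain.test"
    networks: list          # ipaddress networks; a single host is a /32 or /128
    expected_issuers: set   # issuers allowed to certify watched names; others alert

def build_watchlist(dns_patterns, cidrs, expected_issuers):
    """Parse CIDR strings so a caller does not have to touch ipaddress directly."""
    return WatchList(list(dns_patterns), [ipaddress.ip_network(c) for c in cidrs], set(expected_issuers))

def matches_ip(ip_str, networks):
    try:
        addr = ipaddress.ip_address(ip_str)  # normalises IPv6 spelling variants
    except ValueError:
        return False
    return any(addr in net for net in networks)

def matches_dns(name, patterns):
    name = name.lower().rstrip(".")
    return any(fnmatch.fnmatchcase(name, p.lower()) for p in patterns)

def check_entry(entry, watch):
    """Return alert reasons for one log entry; empty when nothing needs a human."""
    hits = [n for n in entry["dns"] if matches_dns(n, watch.dns_patterns)]
    hits += [i for i in entry["ip"] if matches_ip(i, watch.networks)]  # IP SANs count too
    if not hits or entry["issuer"] in watch.expected_issuers:
        return []  # no watched name, or routine issuance by an expected CA
    return [f"unexpected issuer {entry['issuer']!r} for {hits}"]

def scan(entries, watch):
    return [(i, r) for i, e in enumerate(entries) if (r := check_entry(e, watch))]

def demo():
    # Constructed watch list: one resolver address block, one domain, one trusted issuer.
    watch = build_watchlist(["resolver.example.test", "*.example-domain.test"],
                            ["192.0.2.0/24", "2001:db8::/48"], ["Example Trusted CA"])
    return scan(SAMPLE_ENTRIES, watch)
```

Running `demo()` flags entries 1 and 3, the two issued by the unexpected CA, while the routine issuances for the same names stay silent.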
Cloudflare’s 1.1.1.1 DNS server is run in partnership with the Asia-Pacific Network Information Centre (APNIC) using one of the regional Internet registry’s address ranges.
The publicly routable 1.1.1.1 address is notorious for being misused in testing and experimental network configurations, generating large amounts of unsolicited traffic to it.
Testing, testing
Contacted by iTnews, Fina provided its explanation of what happened.
“The issue concerns SSL/TLS certificates issued for internal testing of the certificate issuance process in the production environment,” a spokesperson for the company said.
“An error occurred during the issuance of the test certificates due to incorrect entry of IP addresses.
“As part of the standard procedure, the certificates were published on Certificate Transparency log servers.
“The private keys remained exclusively within Fina’s controlled environment and were destroyed immediately, even before the certificates were revoked.
“The error that occurred during the issuance of these TLS certificates for internal testing did not compromise users or any other systems in any way,” the spokesperson said.
Anyone can set up shop as a CA
APNIC’s chief scientist Geoff Huston described the certificate authority system as an uncomfortable trade-off to iTnews and pointed to multiple failures over the past decade and a half.
“Anyone can set themselves up as an X.509 CA and issue certificates; there is no permission required to do so,” Huston said.
“The key question is who is prepared to trust these certificates, and in particular trust the bona fides of the party identified by the certificate’s subject name.
“The commonly used arbiter of trust is the CAB Forum where the popular browsers (Chrome, Safari and Mozilla) and the common certificate issuers determine policies for browsers to trust the certificates issued under the bona fides of the member certificate authorities,” Huston explained.
Currently, the web PKI system is one of distributed trust across multiple CAs, which provides scalability and resilience through diversity of providers.
Its weakness lies in the entire system only being as secure as its least reliable member, as any trusted CA could in theory issue certificates for any domain, or any IP address.
Such certificate flubs aren’t without their risks for the issuer, past experience suggests.
In 2016, Symantec (now renamed Gen Digital) and its CA partners wrongly issued certificates for several domains, including ones used for testing, such as example.com and test.com, as well as google.com.
The owner of example.com, the Internet Corporation for Assigned Names and Numbers (ICANN), said it never authorised the certificates or their issue by Symantec.
Even though Symantec reacted quickly and revoked the certificates, Google and other browser vendors penalised the security vendor by distrusting its TLS credentials, citing a large number of them being improperly issued.
Following widespread industry distrust after the incident, Symantec sold its certificate business to Digicert in 2017.