Microsoft has taken the unusually bold step of revoking the Windows Root Certificate Program's trust in a specific certification authority (CA), and the same CA is being blacklisted by browser makers Mozilla and Opera. These moves are not a reactionary maneuver to a malicious compromise, as seen with GlobalSign, Comodo, and DigiNotar. Rather, they're the result of the CA, Digicert Sdn Bhd (Digicert Malaysia), having violated several key best practices. The decisions of Microsoft, Mozilla, and Opera -- with more vendors likely to follow -- should send a clear warning that the industry is becoming less tolerant of shoddy digital-certificate security, particularly in light of recent hacks.
In the case of Microsoft (my full-time employer), this means that Windows will no longer vouch for the CA as being trusted. Windows will not reflexively have the CA prepopulated or placed on demand in its Trusted Certificate Authorities container. If a user receives a digital certificate signed by Digicert, his or her application will probably display at least a digital certificate error and refuse to instantly accept it as trusted. Depending on the application, users may have the option to ignore the warning and proceed.
[ Download Roger Grimes's "Data Loss Prevention Deep Dive" PDF expert guide today! | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. | Get a dose of daily computer security news by following Roger Grimes on Twitter. ]
According to Jerry Bryant, group manager of Microsoft's Trusthworthy Computing branch, Digicert Malaysia -- subordinated under Entrust and Verizon (GTE CyberTrust) -- was found to have violated several key digital certificate best practices. Among them, the CA issued certificates with weak 512-bit keys, without appropriate usage extensions, and without appropriate revocation information.
In today's world, 512-bit keys are considered extremely short and easily crackable. For public key cryptography keys, standard key sizes is 1,024 bits or bigger. Many companies, including Microsoft, now recommend 2,048-bit keys as the bare minimum. Smaller key sizes are acceptable and expected with certain digital certificate algorithms, such as Elliptical Curve Cryptography (ECC). The Digicert Sdn Bhd keys were probably RSA keys, which are traditionally used more often in public digital certificates.
Usage extensions are part of the digital certificate X.509 PKI standard governing digital certificates, indicating uses for an issued digital certificate. For example, usage extensions might specify which DNS domains the certificate is valid for, whether or not it can be used to sign other CA digital certificates, and whether or not it can be used for encryption or code signing. Without designated extensions, a digital certificate might be used for unintended expanded purposes. Public CAs should always issue digital certificates with defined extensions.