Tens of thousands of secure websites might start to display certificate errors to their visitors in January, when Microsoft plans to stop trusting 20 CAs (certificate authorities) from around the world.
The list of certificates that are scheduled to be removed from Microsoft's Trusted Root Certificate Program belong to CAs run by private or state-owned organizations from the U.S., France, the Czech Republic, Japan, Denmark, Chile, Turkey, Luxembourg, Ireland, Slovenia, and Brazil.
With their removal from Microsoft's program, the CAs will also be removed from the certificate trust list in Windows that's used by browsers such as Google Chrome, Internet Explorer and Microsoft Edge, as well as by email clients and other applications that support secure communications over SSL/TLS.
When such applications encounter a certificate on a website or other type of server, they verify its authenticity by checking whether it has been signed by a CA listed in the Windows certificate store, or by an intermediary issuer that's itself signed by such a CA.
Therefore, the removal of a CA's certificate from the Microsoft Trusted Root Certificate Program will essentially render all certificates that chain back to it as untrusted. This doesn't apply just to SSL/TLS certificates, but also to code-signing certificates that are used to validate that software programs have been released by legitimate developers and haven't been modified.
Microsoft will remove the 20 CAs because they either voluntarily chose to leave the root program, or because they failed to comply with more stringent technical and auditing requirements that were published in June, said Aaron Kornblum, program manager for governance, risk management and compliance in Microsoft's Enterprise & Security Group, in a blog post Thursday.
It's not clear how many of the 20 organizations decided to retire their CAs willingly, but some of them were not aware that their certificates have been flagged for removal until yesterday.
"We don't have any information from Microsoft about removing our CA from the MTRCP program," said Miroslav Trávníček, project manager at PostSignum, a CA operated by the state-owned Czech Post. "We have an audit valid until December 2016, which was confirmed by Microsoft," he said via email.
PostSignum provides digital certificates for websites, email encryption and electronic signatures needed to communicate with public institutions. It is on Microsoft's list of CAs that are scheduled to be removed.
Certigna, a CA based in France with over 7,000 customers, learned about the removal plans yesterday when Microsoft published its announcement, according to Arnaud Dubois, the CEO of Dhimyotis, the CA's parent company.
It's because of a change to a contract that hasn't been taken into account, but should be fixed Monday or early next week, Dubois said.
Yannick Leplard, director of research and development at Dhimyotis, explained that the company was supposed to sign a new contract with Microsoft in June committing to respect a number of good practices that the CA already follows.
"We’ve checked and it seems that we only received the draft of the contract, and so Microsoft hasn’t had the real contract from us," he said. "We had a contract marked 'For review only,' so we signed the draft."
A root certificate belonging to DanID, a CA operated by the Danish company Nets, is also listed for removal. Nets runs NemID, an hardware-authentication system widely used in Denmark for online banking, government websites and services operated by private companies.
Nets did not immediately respond to a request for comment. Neither did Serasa Experian, the leading credit bureau in Brazil, or the American financial services company Wells Fargo, both of which have multiple root certificates flagged for removal.
Post.Trust, an Irish CA that Microsoft plans to untrust, already has a notice on its website, informing customers that it has ceased to issue SSL certificates. This might be one of the CAs that voluntarily withdrew from the program.
In its notice, the company says that "SSL certificates issued by Post.Trust will remain valid until expiry." While technically this is true, once Microsoft removes the root certificate, users will begin to see errors when they try to access websites that use Post.Trust-issued certificates. The same is true for certificates that chain back to any of the trusted CAs.
"If you use one of these certificates to secure connections to your server over https, when a customer attempts to navigate to your site, that customer will see a message that there is a problem with the security certificate," Kornblum said. "If you use one of these certificates to sign software, when a customer attempts to install that software on a Windows operating system, Windows will display a warning that the publisher may not be trusted. In either case, the customer may choose to continue."
Even though users have the option to bypass the security warnings and add to exceptions in their browsers, it's likely that many of them won't. Microsoft recommends that owners of certificates linked to the soon-to-be-removed roots obtain replacements for them from other providers. However, they might want to contact their current CAs first and ask if they have any plans to fix this problem.
In an emailed statement, a Microsoft representative clarified that this action is not related to the industry effort of phasing out SHA-1-signed certificates, even though all root certificates flagged for removal have SHA-1 signatures.
The root CAs in question are being removed because they were not able to comply with the audit requirements that Microsoft uses to ensure that their operations are secure and up to industry standards. The company started talking with the organizations that operate the CAs about the program changes several months ago, to give them ample time to comply, the representative said.
(Additional reporting by Peter Sayer in Paris.)