Security Flaw to Force Revocation of Intermediate Certificates from Major CAs; Sectigo Unaffected
The head of Google's trusted root program has identified a large number of intermediate certificates from a variety of public certificate providers that violate the CA/Browser Forum's Baseline Requirements and pose a security risk.
According to the Baseline Requirements and Google's public statements, these certificates must be revoked and their keys destroyed within seven calendar days. For any intermediate certificate treated this way, all leaf certificates using that intermediate will be immediately distrusted in browsers and popular infrastructure components, requiring replacement. This could potentially represent a very large number of certificates from a variety of public CAs.
No certificate from Sectigo or any of its sub-brands is affected by this issue. However, certificates from other large CAs appear to be. Customers are advised to be on the lookout for sudden root distrust and the need to replace certificates immediately. Read on to learn more.
Intermediate Certificates Targeted for Revocation and Key Destruction
OCSP (Online Certificate Status Protocol) uses signed responses from a CA to inform a relying system in real time if a certificate is "good" or "revoked." Usually these responses are signed by the CA that issued the certificate. This is the case for Sectigo and its sub-brands. For example, an EV cert from "Sectigo EV RSA CA" would have OCSP responses signed by that CA.
There does exist a valid use-case for "delegated" responder certificates, where a different certificate is used to sign OCSP responses. These are allowed, and the Baseline Requirements section 4.9.9 states that under these circumstances the delegated responder certificate MUST contain an extension of type id-pkix-ocsp-nocheck.
On July 2 Google's Ryan Sleevi identified several hundred certificates that violate the BRs in this way. These certificates present a security risk because the delegated signer could potentially sign ANY OCSP response for the “parent” CA. (For example, Microsoft has the power to sign an OCSP response for ANY DigiCert certificate.) According to the BRs and Google’s public statements, these certificates must be revoked within seven days and a witnessed key destruction must be performed. In a witnessed key destruction, a trusted auditor documents the destruction of the keys, which therefore cannot be used again.
As a consequence of the witnessed key destruction, replacement intermediates will not be able to use the same keys as before, and the consequence of that is that all leaf certificates using these intermediates will fail. The only fix is the replacement of these certificates with new certificates issued off different intermediates.
This trust deficit can occur for any type of public certificate, including SSL/TLS, code signing, document signing, and S/MIME. You can view a list of affected CAs and intermediate roots. Contact your CA directly to learn if your certificates are affected.