View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0001289||Main CAcert Website||certificate issuing||public||2014-07-11 19:03||2015-03-10 20:10|
|Platform||Main CAcert Website||OS||N/A||OS Version||stable|
|Fixed in Version||2014 Q4|
|Summary||0001289: CACert.Org Intermediate Cert Still Signed With MD5|
Firefox will not accept the current root certificates because they are still signed with old MD5.
Could not verify this certificate because it was signed using a signature algorithm that was disabled because that algorithm is not secure.
I believe this also affects importing of email/client keys because FF refuses to import mine saying that I don't own the private key it was signed with.
|Steps To Reproduce||Import cacert.org root certificates. View Cert status within Firefox cert browser.|
|Tags||No tags attached.|
||New Firefox Nightly versions (33.0a1+) seems to check to whole chain for MD5 signing and therefore report every CACert signed certificate as untrusted.|
||I was able to override this in Thunderbird 24.6.0 but not so in latest Firefox; it doesn't have the same secret about:config setting that TBird has. I had to do this in order for my email cert to be accepted. If Thunderbird gets this update soon, none of the email certs will work because you won't be able to override the setting.|
||I can confirm that this is also in Firefox Nightly 34.0a1, and that the Firefox about:config setting "browser.xul.error_pages.expert_bad_cert" does not allow bypassing it.|
The CAcert Class3 intermediate root certificate is signed with a SHA1 hash, which is fully supported by Firefox.
The CAcert Class1 root certificate is *not* an intermediate certificate. It is signed with a MD5 hash, but since it should be installed as a trusted certificate anyway, this presents no security issue. Yet, some Firefox beta versions contain code which complain about the use of the MD5 algorithm here. This is a Firefox bug and is currently dealt with by Firefox through Bugzilla entry 1058812:
https://bugzilla.mozilla.org/show_bug.cgi?id=1058812 "mozilla::pkix rejects trust anchor certificates that are (self-)signed using MD5- or MD2- based signatures".
||Certificates signed with SHA-1 will be phased out too: https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/ - so, better use SHA-512 to be on the safe side for a few years?|
||@ckujau: Please note that this mozilla notice is talking about certificates issued by a CA, and not about the actual root certificate. All certificates issued by CAcert are signed with a SHA-256, SHA-384 or SHA-512 hash (at the choice of the user) since January 2014, see https://bugs.cacert.org/view.php?id=1237 . Also the current CAcert Class3 intermediate root certificate is signed with a SHA-256 hash since May 2011 (and not SHA-1 as I erroneously mentioned in https://bugs.cacert.org/view.php?id=1289#c5008 ).|
||The problem is on the Firefox side (see my earlier notes), but does not occur with any released version of Firefox.|
|2014-07-11 19:03||utdrmac||New Issue|
|2014-07-18 22:07||SWW13||Note Added: 0004890|
|2014-07-18 22:13||utdrmac||Note Added: 0004891|
|2014-08-06 15:13||npiacentine||Note Added: 0004920|
|2014-09-15 13:36||wytze||Note Added: 0005008|
|2014-09-15 13:37||wytze||Note Edited: 0005008|
|2014-09-25 22:39||ckujau||Note Added: 0005032|
|2014-09-26 12:57||wytze||Note Added: 0005033|
|2014-12-01 15:53||wytze||Note Added: 0005142|
|2014-12-01 15:53||wytze||Status||new => solved?|
|2014-12-01 15:53||wytze||Fixed in Version||=> 2014 Q4|
|2014-12-01 15:53||wytze||Resolution||open => fixed|
|2014-12-01 15:53||wytze||Assigned To||=> wytze|
|2015-03-10 20:10||INOPIAE||Status||solved? => closed|