23,000 Symantec certificates revoked following leak of private keys
DigiCert revoked 23,000 Symantec SSL certificates amid a public spat between the company and former reseller partner Trustico, which claimed the certificates were 'compromised.'
DigiCert had thousands of Symantec certificates revoked Wednesday amid a dispute between the company and a former certificate reseller partner.
DigiCert, which acquired Symantec's certificate business last August, announced Wednesday that approximately 20,000 Symantec certificates, including GeoTrust, Thawte and RapidSSL brands, were to be revoked because their private keys had been exposed [DigiCert later revised the number to around 23,000 certificates]. The revocation process followed a bizarre spat between DigiCert and U.K.-based Trustico, a former certificate reseller partner of DigiCert's.
According to DigiCert, Trustico requested the revocation of the Symantec certificates because the reseller claimed the SSL certificates were "compromised." DigiCert said it requested evidence of the compromise, but Trustico did not provide any information regarding the allegation.
Instead, DigiCert claimed, "Trustico's CEO indicated that Trustico held the private keys for those certificates, and then emailed us approximately 20,000 certificate private keys." DigiCert said the email violated CA/Browser Forum Baseline Requirements because it exposed the private keys; as a result, DigiCert had the Symantec certificates revoked.
Trustico, however, tells a different story. The reseller, which weeks earlier had terminated its partnership with DigiCert and ceased sales of Symantec-branded certificates, claims DigiCert requested the private keys from Trustico.
"At no time did we believe that we had compromised any private keys, though at the request of DigiCert we provided the private keys to them in order to facilitate a revocation request," the Trustico statement reads. "Trustico followed the requests of DigiCert by initially recovering private keys from cold storage and subsequently e-mailing the associated order number and Private Keys to DigiCert in a ZIP file. The file did not contain any other identifable (sic) data."
[Editor's note: Trustico's website was temporarily offline Thursday, but when the site was restored, a new version of the statement was posted that removed "identifable" from the above passage.]
SearchSecurity contacted Trustico General Manager Zane Lucas for further comment. Lucas did not respond to SearchSecurity's questions and instead emailed a link to the company's statement.
Several information security experts questioned why a reseller like Trustico would even have the private keys to begin with. The reseller said it "allows customers to generate a private key during the ordering process. These private keys are stored in cold storage, for the purpose of revocation." Jake Williams, founder and CEO of Rendition Infosec LLC based in Augusta, Ga., criticized the practice.
People seem to be burying the lead with the @MrTrustico mass certificate revocation. Trustico was storing private keys for its customers (something it never should have had, let alone stored). That's not how CAs are supposed to work. This is insane. 1/n
— Jake Williams (@MalwareJake) February 28, 2018
Kevin Beaumont, a security researcher based in the U.K., said Trustico's possession of private keys for thousands of Symantec certificates raises serious questions for the certificate authority industry and its customers.
With the private key you can decrypt the traffic by MITM proxy the traffic (by presenting in middle with the private key) so this looks like it fundamentally broke security for a lot of orgs. I think there’s a can of worms here. We only knew ‘cos CEO messed up.
— Kevin Beaumont (@GossiTheDog) February 28, 2018
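To make concrete why the reseller's stored keys alarmed these commentators, the following is an added example and not code from the article, DigiCert or Trustico: a constructed toy CA in which the subscriber sends only a CSR and the CA revokes by serial number, so no private key is ever held "for the purpose of revocation". It also shows that a client which skips the CRL check still accepts the revoked certificate, a reminder that revocation only protects clients that actually check it. It assumes the openssl command-line tool with its default configuration; the CA name, hostname and paths are constructed for the demo.

```shell
#!/bin/sh
# Added example, not code from the article, DigiCert or Trustico: a constructed
# toy CA shows that enrollment needs only a CSR and revocation needs only the
# serial number, so a reseller never needs a customer's private key.
set -e
WORK=$(mktemp -d)
cd "$WORK"
# 1. Constructed demo CA (a real CA keeps this key offline in an HSM).
openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -out ca.crt \
    -subj "/CN=Demo Root CA" -days 30 >/dev/null 2>&1

# 2. The subscriber generates its key pair locally and builds a CSR. The CSR
#    carries only the public key, the name and a proof-of-possession signature.
openssl req -newkey rsa:2048 -nodes -keyout sub.key -out sub.csr \
    -subj "/CN=www.example.test" >/dev/null 2>&1

# True when the CSR is well formed and contains no private-key material:
# this is the only artifact that ever needs to reach the CA or a reseller.
csr_has_no_private_key() {
    openssl req -in sub.csr -noout -verify >/dev/null 2>&1 &&
        ! grep -q "PRIVATE KEY" sub.csr
}

# 3. The CA issues the certificate from the CSR alone; sub.key is never read.
openssl x509 -req -in sub.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
    -out sub.crt -days 30 >/dev/null 2>&1

# True when the chain validates while ignoring revocation, which is how a
# client that never fetches the CRL would still see the certificate.
cert_verifies_without_crl_check() {
    openssl verify -CAfile ca.crt "$1" >/dev/null 2>&1
}

# 4. Revocation: the CA records the serial number in its database and signs a
#    CRL. Only ca.key and the certificate are involved, never the subscriber key.
mkdir -p db && : > db/index.txt && echo 1000 > db/crlnumber
printf '[ca]\ndefault_ca = demo\n[demo]\ndatabase = db/index.txt\n' > ca.cnf
printf 'crlnumber = db/crlnumber\ndefault_md = sha256\ndefault_crl_days = 7\n' >> ca.cnf
openssl ca -config ca.cnf -cert ca.crt -keyfile ca.key -revoke sub.crt >/dev/null 2>&1
openssl ca -config ca.cnf -cert ca.crt -keyfile ca.key -gencrl -crldays 7 \
    -md sha256 -out ca.crl >/dev/null 2>&1

# True when a relying party that does check the CRL rejects the certificate.
cert_is_revoked() {
    openssl verify -crl_check -CAfile ca.crt -CRLfile ca.crl "$1" 2>&1 |
        grep -q "certificate revoked"
}
if csr_has_no_private_key && cert_is_revoked sub.crt; then
    echo "CSR-only enrollment and serial-based revocation worked as expected"
fi
```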
Where's the compromise?
While Trustico did not offer any evidence of a compromise of DigiCert's PKI, the reseller did say it no longer felt its certificates were secure. "We believe the orders placed via our Symantec account were at risk and were poorly managed," Trustico said. "In good conscience we decided it wasn't ideal to have any active SSL Certificates on the Symantec systems, nor any that didn't meet our stringent security requirements."
Trustico also said in its statement that its concerns "also relate to the upcoming distrust" of Symantec certificates within Google's Chrome browser. Following a series of failures by Symantec's certificate authority business in recent years, Google and Mozilla last year implemented harsh sanctions against Symantec. Those actions included the gradual removal of trust from Symantec-issued certificates, which is scheduled to begin in April with the final release of Chrome 66.
DigiCert, however, called Trustico's claim "incorrect" and said the Symantec certificates were revoked solely because of the exposure of the private keys. "The upcoming Chrome distrust situation is entirely separate," DigiCert said in its statement. "We are working closely to help customers with certificates affected by the browser distrust, and we are offering free replacement certificates through their existing customer portals. That process is well underway."
The situation gets more confusing: while Trustico identifies itself as a reseller in the statement, the company also said it believed it was a subscriber under Symantec's Subscriber Agreement. Therefore, Trustico claimed, it did not believe it had violated any security standards by possessing the private keys of the 23,000 certificates.
SearchSecurity contacted Lucas with additional questions, but neither he nor anyone else at Trustico has responded.
DigiCert, meanwhile, said it notified each certificate customer affected by the revocations so that those customers could get replacement certificates in place. It's unclear how many individual customers were affected by the exposure.