By Sigbjørn Vik. Friday, January 4, 2013 10:34:46 AM
It recently came to our attention that Turktrust, a Turkish Certificate Authority, had erroneously issued two certificates with CA capability, that is, certificates able to issue further certificates. One of these sub-CAs had then been used to issue a certificate for google.com, without Google's knowledge or approval. Once Turktrust became aware of this, they responded correctly by informing us and revoking what they could. Since Opera requires a successful revocation check in order to show a site as secure, Opera users were immediately protected, and there was no urgent need for us to update our rootstore.
Turktrust investigated the issue and found that the sub-CAs were issued due to a programming error. One of them was additionally issued without revocation information, making it impossible to revoke. Note that this sub-CA would not have worked in Opera in any case: with no revocation information available, the revocation check Opera requires cannot succeed, so sites chaining to it would never have been shown as secure. It also seems that the google.com certificate was automatically issued by an over-zealous firewall/proxy, and not used fraudulently in any manner. Turktrust assures us that they have found the reason for the bug, that it is now fixed, and that they will put additional security practices in place to ensure this will not happen again. We have no reason to distrust any of this information.
Unapproved sub-CAs are one of the major nightmares of anyone concerned about certificates on the Web, and at Opera we take this kind of breach seriously. We have thoroughly considered how we should respond to this. We have several options.
- Accept Turktrust's assurance that the breach is contained, and it will not happen again, and do nothing
- Reduce the trust level in Turktrust
- Remove Turktrust's roots from our rootstore - this means any sites chaining to them would give users certificate warnings, and show up as insecure
- Blacklist Turktrust's roots from our rootstore - this means any sites chaining to them would be blocked for users
We have concluded that this incident is too serious to overlook, and that it has reduced our trust in Turktrust. The CA business is a competitive business, and companies might be tempted to cut corners. By showing that insecure practices result in responses harmful to the business, we also hope that a reaction from us will work preventatively, so that other CAs remain secure. At the same time, we do not want to make users' lives any harder, and we have no reason to believe that Turktrust is not honest with us, or that there are any real threats against users.
This means we have decided to reduce the trust we place in Turktrust, by removing the Extended Validation seal from their roots. We will still keep the roots in our rootstore, and users will see sites approved by Turktrust as secure, but no such sites will get the most secure rating, the green "Trusted". Essentially we will put Turktrust on probation. If no other incidents occur during the next year, we will reinstate full trust levels. Should more incidents surface, we will evaluate our next step. We might also require an updated audit from Turktrust before reinstating the EV seal.
We will update our rootstore with the new policy, and Opera installations will automatically update during the next week or so. We will additionally blacklist the two sub-CAs, to make any attempted use of them stand out even more for users.
Thanks to Google for first reporting this to us.