The Opera Rootstore

The Basque CA Izenpe (EV-enabled in September) is preparing a new line of EV certificates to be used by Spanish government web sites. These new certificates are mandatory for all the public administrations according to the 11/2007 law. Currently, only Izenpe is able to issue these certificates as EV because Izenpe is the only Spanish CA certified to issue EV certs. Izenpe have designated an extra EV-OID for this line of certificates. This new OID has now been added to the list of OIDs recognized for the Izenpe EV Root. This is the first time a CA has had two EV-OIDs enabled for the same Root in Opera. A testsite is available

We have also added a few certificates to the list of untrusted certificates.

* Two of these certificates leveraged differences (related to handling of NUL bytes) in the processing of hostnames between a CA's domain name checking systems and some browsers to trick the CA into thinking it was validating a certificate for www.mybank.com<nul>.www.example.com, while the browser would think the certificate was for another site, www.mybank.com, which could facilitate a Man-In-The-Middle attack on the user. While the issuing CA has revoked these certificates we are taking the extra precaution of adding the certificates to the list of untrusted certificates. Therefore, they will not accidentally be accepted by users if the revocation system fails. Both CAs and browsers have been fixing the related issues, and Opera included fixes for this issue in Opera 10.00.

* Additionally, in preparation for future code changes in Opera Presto 2.4, and just to be on the safe side, we have added two object signing certificates that were issued in 2001 to someone pretending to act on behalf of Microsoft. While these certificates have long since expired, the possibility exists that they could still be used maliciously.

These certificates are only downloaded and installed in the untrusted repository when they are actually encountered.

In version 1.1 of the Opera Public Suffix list we have added the domain operaunite.com as a public suffix domain. We have also submitted a patch request to the Public Suffix project and to Microsoft for inclusion of the domain in their lists. The updated version is available from our repository.

Due to an unfortunate misunderstanding, Opera had not received an updated EV audit from Verisign in time for the latest rootstore update. As a result, our automatic system reverted to showing a yellow bar instead of a green bar on sites with EV certificates signed by Verisign, Thawte and Geotrust.

We have in the meantime received a currently valid EV audit. The update took effect Sep 3rd 1900 UTC, and the sites in question will start displaying the green EV bar again after the next time the browser contacts our server. This takes place on a weekly basis.

Users can rest assured that this does not signify any reduced trustworthiness for the sites in question, their certificates remain valid and are recognized by Opera. It is only the additional EV indication that will be off until the next time the browser downloads certificate information from our servers.

Unfortunately, there is a minor bug in the newly released Opera 10 that prevents the user from forcing a manual update of the rootstore in this version. This will be fixed in a maintenance build. A workaround for users that want an immediate update is to shut down Opera and delete/rename the file "tasks.xml" in the profile folder and then restart Opera.

DigiNotar, a Dutch CA added last year, has now been EV-enabled. Test sites can be found here and here.

We have also added new SHA-256 roots for Verisign and its Thawte and Geotrust subsidiaries. These certificates are very new, so there are currently no testcases available.

As part of the migration away from the less secure MD5 and MD2 methods Verisign have also updated their Generation 1 Class 1 and Class 2 Root Certificates to be signed using SHA-1 instead of MD2. These certificates are only used for client certificates, not web sites, and will not usually be installed.

Verisign also updated their G1 Class 3 Root, which is used to sign web site certificates, but we have not included this certificate yet due to problems we discovered while testing it. As Verisign's "RSA Secure Server Certification Authority" Root Certificate is expiring in just a few months (early January), we have decided to not replace it.

New Roots

Two new Root Certificates have been added to the Rootstore:

• "Certum Trusted Network CA", from Unizeto/Certum a Polish CA
  
• "Staat der Nederlanden Root CA - G2" from GBO Overheid, the Dutch Government CA
  

Neither of these roots are currently in active use, there are, therefore, not yet any test sites available. The Dutch certificate is, by the way, the second SHA-256 signed certificate in the Opera Rootstore.

EV-enabled Roots

The following CAs are now EV-enabled:

• Digicert. Tests: Homepage and Facebook
  
• Godaddy Tests: Godaddy homepage and Starfield Tech homepage
  
• Trustwave Test: Homepage
  

These CAs have been EV-enabled since February 5th, but this announcement was delayed until now, because we discovered problems with several of them.

This was the first time we EV-enabled Roots that are not shipped by default, and these Roots are cross-signed by another Root (most EV certificate chains are cross-signed by a legacy Root, to avoid verification issues in older clients), and it turned out that, while Opera handles this fine when the cross-signed Root is in the local certificate store, Opera was not able to fetch the missing Root like it should have in these cases.

That bug has been fixed in upcoming versions, and, in the meantime, we have configured the Rootstore to push the three affected Roots out to all older versions of Opera. The announcement delay was due to us having to add new functionality and to make sure that newer versions would not fetch the Roots until they were needed.

As usual, before testing use Help->Check for updates to download the updates, and you should probably restart afterwards to clear any pre-esablished SSL/TLS sessions that might interfere with your testing.

New repository for untrusted certificates

The old online repository of untrusted certificates had a problem because it would immediately push an untrusted certificate out to all installations, instead of each Opera instance only fetching the certificate to double check when it encountered a blacklisted certificate. That action will usually be too severe, unless we are dealing with a compromised Root.

That was a mistake in the original design of the functionality. Given recent developments, it was time to fix that mistake.

In upcoming version of Opera, we will instead only download these blacklisted certificates when we encounter a certificate that matches the one in the repository. The old functionality is still present, but will only be used for severe cases where it is necessary to distribute widely.

OCSP overried removed

For a while now we have been configuring Opera installations to use the HTTP POST method instead of GET for some CAs, because of problems with their servers, which cause Opera to not display sites certified by these CAs as secure. We have now removed these overrides for Entrust and DigiNotar since their servers have been updated.

End of a brief era

When we started testing Extended Validation in Opera 9.50 weekly build 9903/4758/1904, we used a
temporary signing key for the files in the repository. We changed to the permanent signing key in build
10048/4853/2021 .

Support for the temporary key has now been disabled; and if any of them are still in use (they shouldn't be) the alpha and beta builds mentioned will no longer get Root or EV updates.

Today, Verisign (including Thawte and Geotrust), and Comodo were formally EV-enabled in Opera v9.50 and later.

There are no practical effects for Comodo, as their certificate has been provisionally enabled for a few months as part of EV testing. Verisign's Thawte and Geotrust certificates, which were not part of the testing, are EV-enabled as of today.

TestURLs:

• Comodo:
  https://comodocertificationauthority-ev.comodoca.com/
  https://www.sslcertificaten.nl/
  https://secure.comodo.com/example.html
  
• Geotrust: https://www.geotrust.com
  
• Thawte: https://www.thawte.com
  
• Verisign:
  https://www.dnbnor.no/
  https://nettbank.sparebank1.no/
  

As usual, the EV certified Web sites signed by the newly EV-enabled Roots will not show the EV indicator until after the weekly automatic update (on start), or a manual Help->Check Updates (with a restart possibly needed afterwards).

We have several more CAs in the EV pipeline that are expected to be ready within a couple of weeks. Stay tuned.