[SSL Observatory] Duplicate private keys
Andy Isaacson
adi at hexapodia.org
Mon Apr 4 19:02:43 PDT 2011
There are thousands of certs in the observatory with duplicate public
exponent values but distinct, valid Subject strings. The most
promiscuous public exponent is present in 780 distinct certificates (all
with distinct CN= strings). The ones I checked appear to be low-rent
but legitimate commercial websites. They're not all hosted on the same
IP netblock or ISP.
Obviously this increases the risk of private key disclosure, and
increases the consequences if disclosure happens.
Should CAs invalidate those certs and request new CSRs from their
customers?
How can we notify CAs of this problem, and what countermeasures should
CAs take to avoid this happening again? I think there are legitimate
use cases for issuing multiple certs for the same key data, but the
above example is not one of them.
One possibility is to file these issues at bugzilla.mozilla.org,
since Mozilla has expressed a willingness to push CAs to uphold their
obligations.
-andy
More information about the Observatory
mailing list