This week Mozilla, Microsoft and Google all updated their browser blacklists to include a list of fraudulent SSL certificates issued for the following URLs:

mail.google.com
www.google.com
login.live.com
addons.mozilla.org
login.skype.com
login.yahoo.com

These SSL certificates were issued by a Registration Authority (RA) affiliated with (and trusted by) Comodo, which claims that access to the RA was compromised and a user account was breached. They claim that this RA account was fraudulently used to issue 9 SSL certificates for the URLs above. They also claim that the attack originated from Iran.

Although these fraudulent certificates were revoked, many end users were still exposed to risk. Why? Because the technology that make sure revoked certificates are not mistakenly validated are either turned-off or entirely missing in some users' browsers. Even if the technology (called OCSP, for "online certificate status protocol") was present and enabled, a simple timing-out of a browser revocation query can cause some browsers to accept certificates as if they had been checked - when they have not. As a final line of defense in such a scenario, the big browser providers released blacklist updates this week which specifically identify the fraudulent SSL certificates by their serial numbers.

Symantec advises the following:
1. Upgrade to the latest version of your browser of choice
2. Turn on OCSP checking in your browser settings
3. Choose EV SSL (the SSL that turns the browser address bar green

Upgrade your Browser and Enable OCSP
Symantec strongly recommends that users upgrade to the latest version of their browser and that they deliberately check whether OCSP checking is actually enabled in their browser settings.

For example: in Firefox users can find this setting under "Tools -> Options -> Advanced -> Encryption -> Validation". In Firefox, users also must check both "Use the OCSP to confirm the current validity of certificates" AND "When an OCSP server connection fails, treat the certificate as invalid".

If the latest version of your browser does not support OCSP, Symantec suggests you switch to a browser which does.

What is OCSP?
OCSP is one of two technologies currently used by browsers to double check that digital certificates have not been revoked when validating a certificate. Historically, browsers downloaded certificate revocation lists (CRLs) to check the validity of a certificate. Since these CRLs could get large and browsing performance could suffer the industry created OCSP, which performs a similar function to a CRL but is far more efficient. With OCSP, a simple query about the specific certificate is performed, rather than the download of a potentially large list.

Each Certificate Authority (CA), such as VeriSign or Comodo, is responsible for maintaining its own revocation list and for processing OCSP requests. The effectiveness of OCSP depends on a reliable and robust CA infrastructure because the number of OCSP queries continues to grow as Internet usage continues to grow. A weak or slow OCSP infrastructure can lead to OCSP queries "timing out" due to delays. Some browsers will mistakenly consider a "time out" to be as good as a passed revocation check. Symantec takes this requirement very seriously and has invested in an industrial-class, scalable infrastructure to ensure reliable OCSP checking. Recently VeriSign field 3 billion OCSP queries in a single day, representing an average of over 34,700 online validations per second.

Can you trust SSL?
The encryption protection offered by SSL is trusted and proven - as long as the private key and the root infrastructure have not been compromised.

However, SSL provided by an independent CA is also intended to authenticate that the requestor of the certificate actually has the right to hold that certificate. More specifically that this person either directly holds the right to the domain or is actually an authorized member of the organization named in that certificate. Clearly the SSL certificates blacklisted this week were not issued to individuals or organizations whose identity and rights to those domains had been authenticated properly - or at all.

The trustworthiness of an SSL certificate depends on the strength of the authentication that has been performed. There are a number of methods for authenticating SSL certificates and the reliability of these methods varies widely.

Symantec maintains high authentication standards for every SSL certificate issued under its flagship VeriSign brand. The requesting organization's identity must be verified before it can receive a VeriSign SSL certificate.

What is EV SSL?
The most trustworthy SSL certificate is Extended Validation SSL. Symantec recommends EV SSL to all customers because it is nearly impossible for an EV SSL to be issued to a fraudulent recipient, and it cannot be issued instantly without "hands-on" validation from the CA.

The CA/Browser Forum (a consortium of CAs and browser providers) created the EV SSL standard in 2007 as an alternative to weakening SSL authentication practices used by some CAs. Strong authentication is central to EV SSL - a requester must pass a stringent, standardized set of identity validation procedures in order to be issued an EV SSL certificate. These procedures include authentication of a web site's identity, authentication of the organization named by the site, and specifically authentication that the person requesting the certificate actually has management authority for that site.

VeriSign was the first CA to offer EV SSL and remains the market leading provider of EV SSL certificates according to Netcraft in their most recent March 2011 SSL report.

In Closing
The disclosures this week are a reminder of how important it is that CAs maintain strong authentication and security practices as well as the importance of a scalable, resilient and heavily adopted revocation checking system. Symantec leads the industry in all facets of the solution to today's events, including EV SSL market share leadership, the best SSL verification and authentication practices in the industry and an OCSP responder already proven capable of handling 3 billion queries per day.

• EV SSL Certificates
• VeriSign SSL Certificates
• Thawte SSL Certificates
• Geotrust SSL Certificates
• RapidSSL Certificates

A short clip about the benefits of VeriSign SSL Certificates. VeriSign is available from ServerTastic at fantastic discounts. VeriSign certificates will also soon support the seal in search technology and website malware scans. More details to come!

Today we saw some news stories about supposed vulnerabilities in VeriSign's enterprise SSL Certificate requesting process. These stories are based on a press release and outside press briefings from Comodo claiming to have found a "major security vulnerability" in VeriSign's SSL offering. These stories are incorrect. I have written this FAQ to clear up the misinformation that's floating around right now.

Q. Are there actually major security vulnerabilities in VeriSign SSL products that were revealed to the public by Comodo today?
A. No.

Q. What are the claimed vulnerabilities that Comodo announced?
A. Many large enterprises use a workflow whereby individuals within the organization can request SSL Certificates for the projects they're working on. Requests from these pages go to administrators, who then evaluate whether or not to issue the certificates. Comodo was able to locate and gain access to a certificate request page from a large financial institution.

By their nature these pages are publicly accessible, and access to these pages does not constitute a security flaw. There is no private information available from these pages, and certificate requests go through evaluation by the enterprise's designated certificate administration body before any certificate is issued. Comodo's claim that it detected a "major security vulnerability" that affects "its customers' Web sites, including a major financial institution" is categorically false.

Q: What is the effect on VeriSign's customers' web sites?
A: There is no effect on VeriSign's customers' web sites. Customers are not required to take any action and are at no risk.

Q. What is the severity of these alleged vulnerabilities?
A. VeriSign does not believe Comodo discovered or announced any serious vulnerability for our customers or users of our customers' web sites. Sensitive information and actions that carry meaningful consequences to the enterprise are all protected by a separate administrator control center which is not accessible without a special administrative certificate and not the subscriber web page Comodo found. We deliberately designed our workflow to meet the needs of all members of the enterprise without compromising security, and in this instance that design is doing its job.

Q. Was there any breach? Was any sensitive information or the security of any site, server, enterprise, or certificate compromised in any way?
A. No.

Q. Will VeriSign be making any changes to its products based on this announcement?
A. We currently have monitoring in place to detect possible brute force attacks against the subscriber web page. Based on the increased attention this release is likely to cause, we're implementing additional safeguards to redundantly ensure that these pages are not susceptible to exploit.

Q. Comodo's release stated that it followed the CCSS ethical security disclosure standards. Is that correct?
A. No. Section 7.2.iii and 9.1.i of these guidelines clearly state that the discloser and the security vendor will mutually negotiate the strategy and timeline for both disclosure and mitigation of the vulnerability. Comodo did not make VeriSign aware of the planned timing of this morning's press release or the content of that release. If Comodo had briefed us on the content of this release in advance, we could have corrected the egregious errors the release contained.

Had the content of this release constituted an actual major security flaw (which it did not), one week's notice may not have been enough time to fix any flaw, and Comodo did not consult with VeriSign to determine a safe disclosure schedule. With 93% of the Fortune 500 and 97 of the world's 100 largest SSL-using banks choosing SSL Certificates from VeriSign, it's fortunate that Comodo was incorrect in its assessment of security risks.

Q. Why was Comodo searching for vulnerabilities in VeriSign SSL products?
A. We don't know.

Q. Does VeriSign actively search competitive SSL products for security vulnerabilities?
A. No.

FAQ produced by Tim Callan of VeriSign about the recent "Security Exploit" Comodo claim to have discovered.