2021 is shaping up to be another interesting year in the world of digital certificates and PKI, as the TLS/SSL industry is set for another round of big changes. Last year, industry requirements were changed to limit certificate lifetimes to a maximum of 398 days as a way to bolster the security of TLS/SSL, which is a key technology used to secure web traffic.
Since the inception of the Baseline Requirements, the CA/Browser Forum has been making positive changes to the way certification authorities (CAs) validate the information that becomes part of various types of digital certificates, which serve as digital identities for people, devices, and servers. In the case of TLS/SSL, there has always been a requirement for the subscriber requesting an SSL certificate to prove control over the domain that they are adding to the publicly trusted certificate.
Over time, the frequency at which CAs were required by the Baseline Requirements to perform this check has changed, from once every 39 months to once every 825 days.
In 2018, security researchers Ian Foster and Dylan Ayrey demonstrated an attack that they appropriately named “BygoneSSL”. Foster and Ayrey described a scenario where a website operator registers a domain name and immediately issues a valid TLS/SSL certificate for the domain. A few months later, the domain owner decides to transfer ownership to another party. The original domain owner still has a valid TLS/SSL certificate for the website, which they could use to perform man-in-the-middle attacks by presenting the valid TLS/SSL during a man-in the middle session. Not only were Foster and Ayrey able to demonstrate this exact scenario, but they also found that there were millions of TLS/SSL certificates that were still valid for domains that had changed from their previous owners at the time of their research.
The BygoneSSL attack was one of the main drivers behind the decision for CAs to enforce maximum certificate lifetimes of 398 days, but this only solves half of the problem. The current 825-day period that allows certification authorities to reuse domain validations when issuing additional certificates is a potential loophole that attackers can use.
The CA Browser Forum recently proposed Ballot SC42 “398-day IP Address and Domain Validation Reuse Period” to help solve this problem. The ballot was officially passed on April 22, 2021. In addition to the CA/Browser Forum policy, there is a new Mozilla Root Store Policy 2.7.1, which also includes a requirement for TLS/SSL certificate subscribers to demonstrate domain control every 398 days. These new policies will take effect on October 1, 2021.
These policy changes will result in more frequent actions required by organizations as part of the overall certificate lifecycle management process. The good news is that the industry has been preparing for these types of changes for years, building out new tools and automation capabilities that can be used to automate the certificate lifecycle management and domain verification processes. Entrust has invested heavily in adding self-service domain verification capabilities to our systems over the last couple of years. We plan to discuss this and more in our upcoming webinar Best Practices to Support 398-Day Domain Revalidation on Wednesday, June 2, 2021.
Please join me and our Director of Technology Compliance, Paul van Brouwershaven, to hear more about these upcoming changes and what you and your organization can do to implement successful domain verification strategies.