Slashdot Mirror


Mozilla Breaks Its Own Promise, Allows Symantec To Issue Insecure Certificates (softpedia.com)

An anonymous reader writes: After researchers discovered that SHA-1 can be decrypted, Mozilla, together with Microsoft and Google, said they will no longer "trust" SHA-1-based certificates issued after January 1, 2016, and later stop supporting any type of SHA-1 certificates after June 30, 2016, or January 1, 2017. The foundation went back on its word this week, when Symantec begged Mozilla to allow it to issue nine new certificates for one of its clients, Worldpay PLC, which forgot to request these certificates before January 1. Symantec got what it wanted. Fortunately, other companies like Microsoft, Apple, or Google didn't cave under the pressure.

86 comments

  1. Choice of words? by buchner.johannes · · Score: 3, Insightful

    Hashes are not encryption. Plans are not promises.

    --
    NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
    1. Re:Choice of words? by marcansoft · · Score: 5, Interesting

      And this has nothing to do with trusting SHA-1 certificates in browsers. This is purely a policy issue.

      Symantec isn't asking for a whitelist. They aren't asking for an exception in browser policy. They aren't asking Mozilla to trust those certificates. What they're asking for is an exception to CA policy. They are asking to violate agreed upon CA rules by "merely" issuing certificates using a weak algorithm (browsers ought not to trust these certs, but that's irrelevant, it's the fact that they're issuing them at all that breaks the rules). In effect, what they're saying to Mozilla is "we're breaking the rules, but please don't kick us out from the root store".

      If Symantec goes ahead and issues the certs, then any other trust store or entity in a position to enforce CA policy requirements (such as other browser vendors, MS, etc.) is well within their right to remove trust from Symantec roots due to a violation of CA policy.

      Of course, since this is Symantec, it won't happen. They're too big to fail. They'll do it anyway and get a slap on the wrist at most. This is too minor a bending of the rules for anyone to seriously propose kicking them out. That's the problem with big CAs - nobody wants to be the guy to detrust them, because then what users will see is "this browser sucks, I can't access all these sites". And so big CAs get to ignore policy or have major security breaches (I'm looking at you, Comodo) with impunity.

    2. Re:Choice of words? by khasim · · Score: 5, Interesting

      There is one aspect that is hopeful:

      Internally, Mozilla has agreed to allow Symantec to issue these certificates under two conditions: the entire process should be transparent, and that the certificates should expire after only 90 days.

      So if the certificates expire in 90 days (and are replaced with better ones) I'm okay with that.

      The part I still don't understand is why anyone would still need the old SHA-1 certificates. Are their systems THAT OLD? If so, I'm sure they have other problems that haven't been addressed.

    3. Re:Choice of words? by marcansoft · · Score: 5, Interesting

      One of the arguments in the e-mail discussion thread is actually reasonable: the rules say no new SHA-1 certs issued after January 1 2016, and no certs valid for >1 year. Which meant that a ton of people got last-minute certs issued in December. Those certs are valid for the whole year of 2016. WorldPay just fucked up and forgot - had they done so they would have the whole year to upgrade their terminals.

      So, in a way, a 90-day cert issued today is less of a security problem than all the last-minute certs issued right at the end of 2015. From that point of view, perhaps the rules weren't defined very well. It would've made more sense to have only a NotAfter restriction: no SHA-1 certs expiring after December 31st this year, effectively a steadily decreasing maximum validity period as the year progresses. Then this wouldn't have happened.

      Still, policy is policy, and the fact that Symantec is being allowed an exception (even if that exception makes some logical sense) is concerning.

      As for why they need SHA-1 certs? Old POS terminals using public CA roots, and still without SHA-256 support. Welcome to the embedded world. And yes, I'm sure they have lots of other vulnerabilities.
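The two policy formulations compared above (the rule as the comment states it, keyed on issuance date and a one-year cap, versus a NotAfter-only rule) together with the CA-policy-versus-browser-trust distinction drawn earlier in the thread, as an added Python example that is not part of any comment here. The certificate records are constructed samples, not the real Worldpay certificates, and the rules are modelled as the comments describe them rather than from the policy text.

```python
"""SHA-1 sunset policy checks, modelled on the rules discussed in the thread.

Two CA-side formulations are compared:
  * as written (per the comment above): no SHA-1 certificate issued on or
    after 2016-01-01, and no SHA-1 certificate valid for more than one year;
  * NotAfter-only (the alternative proposed above): a SHA-1 certificate is
    acceptable as long as it expires by 2016-12-31, whatever its issue date.
A separate relying-party check shows that browser trust is independent of
whether the CA followed its issuance policy.
"""
from __future__ import annotations

from dataclasses import dataclass
from datetime import date, timedelta

# Dates taken from the thread: issuance cutoff and the browser sunset.
SHA1_ISSUANCE_CUTOFF = date(2016, 1, 1)
SHA1_LAST_VALID_DAY = date(2016, 12, 31)
SHA1_BROWSER_SUNSET = date(2017, 1, 1)
MAX_SHA1_VALIDITY = timedelta(days=365)  # "no certs valid for >1 year", as stated above

SHA1_SIGNATURE_ALGORITHMS = {"sha1WithRSAEncryption", "ecdsa-with-SHA1"}


@dataclass(frozen=True)
class CertSummary:
    """The few certificate fields the policy reasons about (constructed, not parsed)."""
    subject: str
    signature_algorithm: str
    not_before: date  # issuance date
    not_after: date   # expiry date


def is_sha1(cert: CertSummary) -> bool:
    return cert.signature_algorithm in SHA1_SIGNATURE_ALGORITHMS


def violations_as_written(cert: CertSummary) -> list[str]:
    """Issuance rule keyed on NotBefore: cutoff date plus a one-year cap."""
    if not is_sha1(cert):
        return []
    problems = []
    if cert.not_before >= SHA1_ISSUANCE_CUTOFF:
        problems.append("issued on or after 2016-01-01")
    if cert.not_after - cert.not_before > MAX_SHA1_VALIDITY:
        problems.append("valid for more than one year")
    return problems


def violations_not_after_only(cert: CertSummary) -> list[str]:
    """Alternative rule keyed on NotAfter only: the permitted validity shrinks
    as the year progresses, so a late 90-day cert is fine but a late one-year
    cert is not."""
    if is_sha1(cert) and cert.not_after > SHA1_LAST_VALID_DAY:
        return ["expires after 2016-12-31"]
    return []


def browser_accepts(cert: CertSummary, today: date) -> bool:
    """Relying-party view: ordinary validity window, and SHA-1 signatures are
    refused outright from the sunset date regardless of CA policy."""
    if not (cert.not_before <= today <= cert.not_after):
        return False
    if is_sha1(cert) and today >= SHA1_BROWSER_SUNSET:
        return False
    return True


def sha1_exposure_days(cert: CertSummary) -> int:
    """Days a SHA-1 certificate is both unexpired and still accepted by
    browsers; this is the quantity the 90-day-versus-one-year argument is about."""
    if not is_sha1(cert):
        return 0
    last_day = min(cert.not_after, SHA1_LAST_VALID_DAY)
    return max(0, (last_day - cert.not_before).days)


# Constructed sample certificates (hypothetical subject, not the real ones).
LAST_MINUTE_2015 = CertSummary("pos.example", "sha1WithRSAEncryption",
                               date(2015, 12, 30), date(2016, 12, 29))
EXCEPTION_90_DAY = CertSummary("pos.example", "sha1WithRSAEncryption",
                               date(2016, 2, 24), date(2016, 5, 24))
LATE_FULL_YEAR = CertSummary("pos.example", "sha1WithRSAEncryption",
                             date(2016, 2, 24), date(2017, 2, 24))
SHA256_REPLACEMENT = CertSummary("pos.example", "sha256WithRSAEncryption",
                                 date(2016, 2, 24), date(2017, 2, 24))

if __name__ == "__main__":
    for cert in (LAST_MINUTE_2015, EXCEPTION_90_DAY, LATE_FULL_YEAR, SHA256_REPLACEMENT):
        print(cert.not_before, cert.not_after, cert.signature_algorithm,
              "| as written:", violations_as_written(cert) or "ok",
              "| NotAfter-only:", violations_not_after_only(cert) or "ok",
              "| exposure days:", sha1_exposure_days(cert))
```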

    4. Re:Choice of words? by Anonymous Coward · · Score: 1

      e-commerce sites that target businesses. I kid you not. We had one client say that their site was broken when we removed SHA-1 acceptance. They were testing on IE8 on XP. We told them to pound sand, we weren't going to lower our security.

    5. Re:Choice of words? by sunderland56 · · Score: 1

      Of course, since this is Symantec, it won't happen.

      I wouldn't be too sure of that. There are more than enough people out there with a simmering hatred of Symantec and the crapware they have foisted on the world.

    6. Re:Choice of words? by Luthair · · Score: 1

      Not sure whether it is the case here, but apparently there are some older SSL accelerators companies are still using that only support sha1. Similarly some corporate reverse proxies only supporting sha1.

      There is an about:config option which allows you to turn off sha1 certs if you like, I turned it on a while back.

    7. Re:Choice of words? by arglebargle_xiv · · Score: 5, Insightful

      Oh dear Cthulhu, how can you get a simple summary wrong on so many levels?

      • Firstly, SHA-1 is a hash function, not a cipher, so you can't "decrypt it".
      • Secondly, there's no immediate attack on it, it's just known to not be as strong as it should be. With a couple of simple precautions (e.g. using a high-entropy cert serial number) you can make it more resistant to known issues. It's not a total fix, but it helps.
      • Thirdly, Mozilla doesn't control Symantec. Symantec were asked by a private customer to be allowed to use a small number of SHA-1 certs for their payment terminals, which have absolutely nothing to do with Mozilla.
      • Fourthly, "other companies" have nothing to do with it, this is a decision by the CA. It just happened to be discussed on the Mozilla forums.
      • ...
      • Twenty-fifthly, it's a pretty odd distinction to make over cert issuance, if they'd issued a few weeks earlier (before the end of 2015) they'd have got a cert with a one-year validity, so valid till the end of 2016. By not having them issued until now they're supposed to get one with an effective zero validity. All this is doing is allowing a private user with no connection to Mozilla to get the same effect as if it had bought the certs a few weeks ago.
      • Twenty-sixthly, ...
    8. Re:Choice of words? by Man On Pink Corner · · Score: 2

      The part I still don't understand is why anyone would still need the old SHA-1 certificates. Are their systems THAT OLD? If so, I'm sure they have other problems that haven't been addressed.

      Most existing Windows drivers were signed with SHA-1 code signing certificates. It's not 100% clear what's going to happen to those drivers, and the hardware they support, in future versions of Windows.

    9. Re: Choice of words? by guruevi · · Score: 1

      That's all well and good but if you have a device that hasn't been updated since the mainstreaming of SHA2 (about a decade ago?), what other issues and vulnerabilities does that hardware/software have?

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    10. Re:Choice of words? by BarbaraHudson · · Score: 1

      This is a HUGE screw-up for a payment processor on the FTSE 100.

      --
      "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
    11. Re:Choice of words? by mysidia · · Score: 1

      Still, policy is policy, and the fact that Symantec is being allowed an exception (even if that exception makes some logical sense) is concerning.

      I would suggest that in the future, CAs should be required to post a bond to get into the trust store, and there should be a financial penalty for non-compliance, AND the removal from trust store is at the option of some enforcement committee.

      Preferably, the browser vendors should get together and agree to remove any certificate that the committee judges the enforcement action against, in addition to possible removal according to their own internal practices.

    12. Re: Choice of words? by Anonymous Coward · · Score: 0

      Microsoft telemetry will have helped here. I guess they have hashes (with a good algorithm) of all existing drivers, so they could white list those

    13. Re:Choice of words? by Chuck Chunder · · Score: 1

      for why they need SHA-1 certs? Old POS terminals using public CA roots, and still without SHA-256 support. Welcome to the embedded world. And yes, I'm sure they have lots of other vulnerabilities.

      What I don't understand (and maybe because I haven't looked too hard) is what "Old POS terminals" have to do with Mozilla. I can understand why Worldpay might need to support SHA1 for their own stuff, I don't quite get why that means a general browser should.

      Indeed, perhaps it's nothing to do with the browser at all, and it just means that Symantec can issue these certs without being considered by Mozilla (the group) in breach of some agreed to policy, but that these certs still won't be accepted (if they were seen) by Mozilla (the browser).

      If that is the case, then really this isn't a big deal at all. Mozilla's response just gives Worldpay a little more time to get their shit together within the current framework (the alternative, cutting them off, could be less secure, as it would probably mean Worldpay would end up rolling their own SHA1 CA and distributing that root authority to their POS terminals, perpetuating the problem indefinitely rather than giving them a short grace period to catch up)

      --
      Boffoonery - downloadable Comedy Benefit for Bletchley Park
    14. Re:Choice of words? by marcansoft · · Score: 1

      Indeed, perhaps it's nothing to do with the browser at all, and it just means that Symantec can issue these certs without being considered by Mozilla (the group) in breach of some agreed to policy, but that these certs still won't be accepted (if they were seen) by Mozilla (the browser).

      That is exactly what I said and exactly what this means. In fact, one of the stipulations is that the certs will be added to CRLs so that browsers explicitly distrust them.

      If that is the case, then really this isn't a big deal at all. Mozilla's response just gives Worldpay a little more time to get their shit together within the current framework (the alternative, cutting them off, could be less secure, as it would probably mean Worldpay would end up rolling their own SHA1 CA and distributing that root authority to their POS terminals, perpetuating the problem indefinitely rather than giving them a short grace period to catch up)

      Agreed, it's not a big deal, but it's a slippery slope. It's yet another instance of a big CA getting to bend the rules because they messed up, and it sets a precedent.

    15. Re:Choice of words? by Gerv · · Score: 1

      "What I don't understand (and maybe because I haven't looked too hard) is what "Old POS terminals" have to do with Mozilla."

      The certificates they are using chain up to publicly-trusted roots, and so are covered by Mozilla's policies. In 20-year hindsight, that was a bad idea, but it was a decision taken a long time ago.

    16. Re:Choice of words? by Provocateur · · Score: 1

      the 90-day clause is so arbitrary, and the choice of '90' is random. Cough it up in 9 days using 10 top tier techs.
      Only then do we know they are serious and on the level.

      --
      WARNING: Smartphones have side effects--most of them undocumented.
  2. Who Cares? by Anonymous Coward · · Score: 0

    All 6 remaining FF users?

    1. Re:Who Cares? by rudy_wayne · · Score: 1

      Well, at least Mozilla never promised that they wouldn't completely fuck up Firefox and render it irrelevant.

    2. Re:Who Cares? by Threni · · Score: 2

      I switched to Firefox recently. It's great; the browser for Android (Chrome's out of the running as it doesn't support plugins, so you're stuck with whatever ads or JavaScript the sites (and the ads running on the sites) feel like serving up) is the best out there, and the desktop one is great too. I hear people whining about Firefox occasionally but I don't get it. Perhaps they're running hardware older than the 5 year old desktop I'm running.

    3. Re:Who Cares? by ArchieBunker · · Score: 1

      I use uBlock and Disconnect and a handful of other extensions. I never have issues with ads or javascript.

      --
      Only the State obtains its revenue by coercion. - Murray Rothbard
    4. Re:Who Cares? by arglebargle_xiv · · Score: 2

      I use uBlock and Disconnect and a handful of other extensions. I never have issues with ads or javascript.

      Don't worry, Mozilla are working hard to change that (via deprecation of the extension API).

    5. Re:Who Cares? by BarbaraHudson · · Score: 1

      Just use the Ghostery browser on your phone - no plugins needed.

      --
      "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
    6. Re:Who Cares? by ArchieBunker · · Score: 1

      I should have added, on Chrome.

      --
      Only the State obtains its revenue by coercion. - Murray Rothbard
    7. Re:Who Cares? by Stephen Chadfield · · Score: 1

      I am using Chrome with Adblock Plus on Android. As long as you can change the proxy settings for WiFi and mobile connections (and I can) it works fine. My phone (Sony Xperia Z3) is not even rooted. You have to download it from the Adblock site as Google have blocked it from the Play store.

    8. Re:Who Cares? by Anonymous Coward · · Score: 0

      You mean they're trying to replace the shit old addon system with a slightly better one? That's a case of "about damn time". It will solve far more problems than the deprecation of a ton of unmaintained addons ever will, but then I guess it's difficult to negatively hype Mozilla if you actually bring things like reality into your arguments. I'll bet you didn't even know about native.js and the other stuff they're working on to try to fix the shit they should have fixed 8 or more years ago.

    9. Re:Who Cares? by Anonymous Coward · · Score: 0

      Actually, there's a lot more than 6. They just think they're using Chrome.

    10. Re:Who Cares? by Threni · · Score: 1

      No you haven't. (Note that I'm talking about Android.)

  3. Strange by Anonymous Coward · · Score: 0

    You'd think that Symantec would have tried to get the big boys on first - Chrome, Internet Explorer, and Safari before bothering with Firefox. And why only Mozilla would cave seems odd. There is likely more to come on this story...

  4. Symantec was once great by EmperorOfCanada · · Score: 0

    Years ago they made great software that I relied upon to make my machines go. Now it produces bloated infestations of pain that are like getting Lyme disease, a bot fly, and Ebola from a single insect bite.

    I would think the simple formula would be: If Symantec asks for something then it runs contrary to the public good. At this point if Symantec makes a large donation to fight cancer I would wonder if there are some benefits to cancer that they are hiding.

  5. If only by Anonymous Coward · · Score: 1

    Mozilla "bowed to pressure" over making a version of Firefox without pocket, australis and hello.

    Mozilla needs to be shut down and replaced by a competent browser making organization.

    1. Re: If only by Anonymous Coward · · Score: 1

      Get Pale Moon.

    2. Re: If only by Anonymous Coward · · Score: 0

      No kidding. Stop bitching that Mozilla isn't catering to your whims and use one of the knock-offs that does. Easy as pie, and you won't sound like a spoiled child to boot.

  6. Another sad commentary on the state of security by rudy_wayne · · Score: 5, Interesting

    Once again we are reminded of the truly sad state of business security.

    From TFA:

    A company representative has informed Mozilla that one of its clients, Worldpay PLC, has asked for nine new SHA-1 certificates. Symantec explains that Worldpay has forgotten to ask for nine new SHA-1 certificates for some of its servers that process SSL/TLS communications for over 10,000 payment terminals across the world. Worldpay blames this situation on a communications mishap. They say that someone forgot to ask for these certificates before the January 1 deadline.

    The purpose of the January 1 deadline was supposed to be "Hey, your shit is not secure, you need to change to something else". It was NOT intended as "Hurry up and get all your shitty insecure SHA-1 certificates right away before we stop giving them out on Jan 1".

    1. Re:Another sad commentary on the state of security by Anonymous Coward · · Score: 0

      And all vendors should refuse and remind Symantec that if they issue these certificates against agreed upon CA policy then they will be removed from all root certificate stores. This stupid company WorldPay can instead rush out an update that they should have gotten out over a year ago and move on.

    2. Re:Another sad commentary on the state of security by Striek · · Score: 2

      The problem is when those decisions end up putting someone out of business. I actually fully expected Mozilla to go Full Asshole on this; they consistently ignore the needs of users anyway. But it seems they were willing to reach a compromise, and especially in this case, I feel it's quite warranted:

      Worldpay blames this situation on a communications mishap. They say that someone forgot to ask for these certificates before the January 1 deadline.

      The company says they are already in the midst of the process of updating their servers to SHA-2, but this blunder now puts some of its users in danger of not having their payments go through.
      -snip-
      Internally, Mozilla has agreed to allow Symantec to issue these certificates under two conditions: the entire process should be transparent, and that the certificates should expire after only 90 days.

      WorldPay is a rather large online payment processor - this would affect a rather large number of innocent users, which certainly wasn't the purpose behind the deadline. As much as I agree that SHA-1 based certs should be phased out, and phased out yesterday, Mozilla is right here - there are exceptions to every rule. This deadline was put in place to protect users, not put them out of business.

      As a related aside, a friend of mine, a lawyer, recently asked for advice on how to store her passwords; she works as a crown prosecutor in a very tightly locked down environment. This jurisdiction's policies are so restrictive that the only workable solution employees can find to reasonably securely store passwords and logins is on their personal mobile phones - the sheer number of passwords is impossible to manage without writing them down or using a password manager (which they can't, due to application whitelisting). Yet another example of how overly restrictive security policies manage to achieve the exact opposite of their intent.

      Security is a process, and a series of tradeoffs, not an absolute, and generally, those who fail to realize this end up harming the people they are supposed to protect.

      --
      "Government is like fire; a handy servant, but a dangerous master." -- George Washington
    3. Re:Another sad commentary on the state of security by NormalVisual · · Score: 2

      The company says they are already in the midst of the process of updating their servers to SHA-2, but this blunder now puts some of its users in danger of not having their payments go through.

      I'm still not understanding why it's Mozilla's responsibility to fix an issue caused by WorldPay's irresponsibility. WorldPlay should have been ready for the new certs months ago, not still "in the midst of the process of updating their servers to SHA-2" two full months after they should have had that in production. Let WorldPay take the flak for the issue. If they can't even manage their certificate policy properly, they really have no business being a payment processor.

      --
      Please stand clear of the doors, por favor mantenganse alejado de las puertas
    4. Re:Another sad commentary on the state of security by Anonymous Coward · · Score: 0

      No, you're still not understanding why end users should pay for someone else's oversight.

    5. Re:Another sad commentary on the state of security by Anonymous Coward · · Score: 0

      The alternative may very well have been switching off https until a new CA could be loaded in the terminals. This is not likely to help security.

  7. so... by UVB-76 · · Score: 1

    i guess it's time to switch to chrome?

    1. Re:so... by eWarz · · Score: 1

      Took you that long? Trust issues with Google aside, there was always Chromium along with other alternatives, and the platform is far superior to Firefox. Don't get me wrong, I was a Mozilla fanboy ever since they got rid of that god awful suite of applications they had and released Phoenix, etc. However, when Chrome came out, it redefined the browser market...just like the iPhone redefined the smart phone market (disclaimer: the only Apple devices I've ever owned were a Macintosh SE, SE/30, iPod Touch and a MacBook Pro...outside of dev work, I live, eat, and breathe on a PC.) There is not a single browser on the market today that has the consistent speed and stability of Chrome. I even tried REALLY hard to like Firefox mobile (it has plugin support), but it was slow, unstable, and prone to freezing, just like its desktop cousin. (Before you ask, I use almost every new version of Firefox that comes out...our test suite tests against it)

    2. Re:so... by Anonymous Coward · · Score: 0

      >the platform is far superior to Firefox

      No it's not. People say this all the time, but Firefox isn't the same as it was two or three years ago. It's still transitioning, but there's no reason anymore to switch to Chrome based on such an argument.

      In fact Chrome is itself no longer as superior as you're painting it. It's a resource hog, and Edge and Safari do what most people need with better performance. The only thing Chrome offers over those browsers is some HTML5 features only devs care about, and better integration with Google's web services.

      In fact, even Firefox is fast approaching Chrome, and that's even with Mozilla having to deal with their shitty addon ecosystem, and having to de-fragment the web after Apple's pseudo-HTML5 bonanza and Google's own attempts to save cash by introducing a ton of Chromium-only web specs. Firefox devs are working on actually bettering browsers (Servo/WebRender), fixing addons for all browsers (WebExtensions), and even removing the limitations of JS (WebAssembly). Chromium isn't offering anything substantial to anyone anymore, except Google and users of its services.

      It's become so trendy to bash on Firefox lately that nobody seems to be paying attention to the fact that Chrome hasn't done much over the years to justify its number one position in our hearts. In fact quite the opposite, they have let Chromium stagnate like Mozilla let Firefox stagnate. For a 10-year-old last-gen browser to be a stone's throw away from Chrome now, despite all of the advantages Chrome has, is pathetic.

  8. Re:You Loved Brad! by Anonymous Coward · · Score: 0

    nothing can replace brad!

  9. Quid Pro Quo - Symantec by burni2 · · Score: 1

    I would have let you pay for that favour.
    I hope, but I also detest that Mozilla did exactly that.

  10. Backdating by El_Muerte_TDS · · Score: 1

    Couldn't Symantec simply set the certificate date to be valid from 31 December of 2015?

    Also, why would I trust Worldpay PLC with any business if they can screw up something as simple as renewing certificates?

    1. Re:Backdating by JenovaSynthesis · · Score: 1

      Exactly my thought. Even more so if they're going to a more insecure cert too.

      --
      Anonymous Cowards generally receive no replies because you're a coward and I'm a bitch :)
  11. Re: Another sad commentary on the state of securit by Anonymous Coward · · Score: 0

    Man, you managed to read that far into the article but not the next 2 paragraphs. I can't tell if you're being purposefully disingenuous or if your attention span is that short... For the record, the next two paragraphs state:

    The company says they are already in the midst of the process of updating their servers to SHA-2, but this blunder now puts some of its users in danger of not having their payments go through.

    Internally, Mozilla has agreed to allow Symantec to issue these certificates under two conditions: the entire process should be transparent, and that the certificates should expire after only 90 days.

  12. Anyone have the fingerprints of those certs? by NecroPuppy · · Score: 1

    So I can make sure they go in the Untrusted Certs folder where they belong?

    --
    I like you, Stuart. You're not like everyone else, here, at Slashdot.
    1. Re:Anyone have the fingerprints of those certs? by softnewsit · · Score: 1

      there are 3 tweets at the end of the article the third includes links to the 9 certs symantec issued after the deadline

      --
      Go away!
    2. Re:Anyone have the fingerprints of those certs? by Anonymous Coward · · Score: 0

      While you're at it, you'd best also get the prints of all the SHA1 certs that are still allowed until the end of the year, since they didn't miss the deadline for registration like these guys did and end up limited to a mere 90 days instead.

  13. What ever happened to tough shit? by thegarbz · · Score: 4, Insightful

    So this "blunder" means that users' payments aren't going through, and now the work around is to ensure the users' payments are no longer secure?

    Sorry but I'd prefer my payment to not go through. I want no business with people who refuse to secure my financial transactions, I mean it's not like there wasn't a warning. Mozilla is again showing that they don't give a shit about users.

    But the article gives rise to another interesting issue, it implies there may have been a rush on renewals for SHA-1 certs. This kicking the can down the road approach deserves naming and shaming.

    1. Re:What ever happened to tough shit? by phantomfive · · Score: 1

      But the article gives rise to another interesting issue, it implies there may have been a rush on renewals for SHA-1 certs.

      Yeah, and that's a worse issue than the one brought up by the summary.

      --
      "First they came for the slanderers and i said nothing."
    2. Re: What ever happened to tough shit? by Anonymous Coward · · Score: 0

      SHA-1 is not insecure, per se. It just isn't as secure as SHA-2 and SHA-3. There are no known attacks on SHA-1, as far as I'm aware. Your financial transactions are still just as secure as they were before SHA-1 was deprecated. It's just that now they can be even more secure, with SHA-2.

      That said, the deadline for accepting SHA-1 is 2017, so this 90-day very is actually better than the 1-year certs issued in 2015. The deadline is actually sooner.

    3. Re: What ever happened to tough shit? by Anonymous Coward · · Score: 0

      Your bank using a SHA-256 certificate does not make you any more or less secure. (For now, at least - actual preimage attacks on SHA-1 are far beyond what anyone believes is currently possible.)

      What makes you more or less secure is whether your browser accepts SHA-1 certificates at all: it doesn't matter what hash function your bank's legitimate certificate uses if an attacker can get a fake certificate, claiming to be your bank, that your browser accepts as valid. That is where the danger is currently; I would be surprised if we do not see a collision attack within the next year or two.

    4. Re:What ever happened to tough shit? by MMC Monster · · Score: 1

      If the certificate gets its 90-day extension, your payment is as secure as it was on 12/31/2015.

      Of course the announcement that no new SHA-1 certificates would be issued after 12/31/2015 would mean there would be a rush to get them before that date. However, the second part was that the new certificates would be 1 year with no renewal.

      Which means that if they were doing the right thing, they would have gotten them before the end of last year, and they would have expired before the end of this year.

      Instead, they get them late and they expire before this Summer. It seems like it's a reasonable option in the real world.

      --
      Help! I'm a slashdot refugee.
    5. Re:What ever happened to tough shit? by thegarbz · · Score: 1

      Which means that if they were doing the right thing, they would have gotten them before the end of last year, and they would have expired before the end of this year.

      If they were doing the right thing they would have started upgrading their infrastructure when the vulnerability was first discovered instead of kicking the can as far as contractually possible down the road. This in itself doesn't change anything. There are people using SHA-1 which has been shown to be too weak to properly secure communications for critical connections. They should be named and shamed regardless of whether they upgraded their cert on the 31/12/15 or not.

  14. Re:I hate the Pope and Catholicism by Anonymous Coward · · Score: 0

    I think the Pope is a pretty cool guy. eh shits in the woods and doesn't afraid of anything.

  15. Re: Another sad commentary on the state of securit by rudy_wayne · · Score: 4, Interesting

    Man, you managed to read that far into the article but not the next 2 paragraphs. I can't tell if you're being purposefully disingenuous or if your attention span is that short... For the record, the next two paragraphs state:

    The company says they are already in the midst of the process of updating their servers to SHA-2, but this blunder now puts some of its users in danger of not having their payments go through.

    Internally, Mozilla has agreed to allow Symantec to issue these certificates under two conditions: the entire process should be transparent, and that the certificates should expire after only 90 days.

    First, why are they only "in the midst of updating" after the deadline has already passed? This should have been done already. This goes back to my original point -- their attitude was not "hey we need to upgrade before Jan 1". It was "we just need to hurry up and get some new certs before Jan 1 and then we can fuck off and do nothing for another year".

    Second, what do you think is REALLY going to happen in 90 days?

  16. Re: Considering Mozilla was once ruled... by Anonymous Coward · · Score: 0

    FF default config blocks zero ads.

  17. Re: Another sad commentary on the state of securit by Anonymous Coward · · Score: 0

    Second, what do you think is REALLY going to happen in 90 days?

    They will update their Piece of Shit terminals to accept *any* certificate as valid so they are not dependent on the public CA roots.

  18. Re: Considering Mozilla was once ruled... by Anonymous Coward · · Score: 0

    He's talking about the Brave web browser that that hateful moron is now pushing.

  19. It's amazing by Anonymous Coward · · Score: 0

    There are a lot of comments in this thread from people who obviously don't work in large complex environments. A large payment processor doesn't just push out changes willy nilly and hope for the best.

    They didn't meet some arbitrary deadline. Reminds me of the pointy haired boss from Dilbert. "All problems I don't understand are easy."

    1. Re:It's amazing by Anonymous Coward · · Score: 0

      All deadlines are arbitrary. That is irrelevant.

      The point is, a deadline was given, with MORE THAN AMPLE TIME to comply. This company ignored the deadline, and got a pass from Mozilla. This makes Mozilla just as bad. Both companies failed to follow process. Failing to follow process results in utter failure every time.

  20. Re: Another sad commentary on the state of securit by drew_kime · · Score: 2

    First, why are they only "in the midst of updating" after the deadline has already passed? This should have been done already.

    Payment systems upgrades can be year-long projects. Recertifying with your bank and other partners takes months. And with everyone having to do it at the same time, everyone is stretched thin getting it all done.

    --
    Nope, no sig
  21. Mod parent higher. by Futurepower(R) · · Score: 1

    ArgleBargle, thanks for the clarifications.

    What you said is the opposite of Argle Bargle: "Copious but meaningless talk or writing; nonsense".

  22. Precedent risk, maybe, but not a technical one by Anonymous Coward · · Score: 1

    The danger in issuing a certificate with a weak signature (like SHA1 today) is that the entity requesting the certificate (WorldPay in this case) is planning to take the signature from that certificate and apply it to another certificate, effectively forging the signature of the CA to create another valid certificate without the CA's blessing. In order to pull this off, the requestor needs to first find a hash collision (leveraging the weakness of the signature algorithm) and then anticipate exactly what's going to be in the issued certificate from the CA, down to the byte, before submitting the request.

    Thus, the date of actual certificate issuance is the important date for security, not the date that it expires, since each passing day makes SHA-1 more breakable. But once the certificate has been issued, your window for breaking it has closed. This is the justification for disallowing any SHA1 issuance after 1/1/16, but allowing up to 39 month durations on certificates issued on 12/31/15 (though it was recommended that they expire by 12/31/16.)

    In order to compensate for allowing this more dangerous issuance after the cutoff date, Mozilla imposed a requirement on these certificates that the serial number contain at least 80 random bits. This requirement effectively eliminates the risk of the SHA1 signature because now the contents of the final certificate are totally unpredictable to WorldPay. So I don't see how these certificates themselves could pose any threat to security, for those using the payment terminals in question, or for the larger internet community.

    The best argument against allowing them to be issued is the precedent it sets. Will Mozilla now find themselves swimming in other such requests for the rest of the year? Mozilla had to weigh that risk against the economic damage that would have been caused to the 10,000 merchants who would suddenly lose their ability to take payments, and I personally think they made the right call.
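    The two safeguards the comment describes (a 90-day cap on the exception certificates and at least 80 random bits in the serial number), together with the 39-month cap on pre-cutoff SHA-1 certificates, written as a policy check. This is an added example, not code from the commenter, Mozilla or Symantec; CertInfo, check_policy and the sample values are constructed for illustration, and a real check would read these fields from the parsed X.509 certificate.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Policy values as stated in the thread (constructed linter, not Mozilla's tooling)
SHA1_ISSUANCE_CUTOFF = date(2016, 1, 1)   # no SHA-1 issuance on or after this date
LEGACY_MAX_MONTHS = 39                    # lifetime cap for SHA-1 certs issued before it
EXCEPTION_MAX_DAYS = 90                   # Mozilla's first condition on the exception certs
EXCEPTION_MIN_SERIAL_BITS = 80            # random bits required in the serial number

SHA1_ALGOS = {"sha1WithRSAEncryption", "ecdsa-with-SHA1", "dsaWithSHA1"}


@dataclass
class CertInfo:
    """Fields a real check would read from the parsed X.509 certificate."""
    sig_algo: str      # signature algorithm name
    not_before: date
    not_after: date
    serial: int        # serialNumber as an integer


def add_months(d: date, months: int) -> date:
    """Advance d by whole months, clamping the day to the target month's length."""
    y, m0 = divmod(d.month - 1 + months, 12)
    y, m = d.year + y, m0 + 1
    last_day = (date(y + (m == 12), m % 12 + 1, 1) - timedelta(days=1)).day
    return date(y, m, min(d.day, last_day))


def check_policy(cert: CertInfo, exception_granted: bool = False) -> list:
    """Return policy findings for one certificate; an empty list means compliant."""
    findings = []
    if cert.sig_algo not in SHA1_ALGOS:
        return findings                       # SHA-2 family: none of these rules apply
    if cert.not_before < SHA1_ISSUANCE_CUTOFF:
        # Legacy SHA-1 cert: issuance was allowed, but lifetime is capped at 39 months
        if cert.not_after > add_months(cert.not_before, LEGACY_MAX_MONTHS):
            findings.append("legacy SHA-1 cert exceeds the 39-month lifetime cap")
        return findings
    if not exception_granted:
        findings.append("SHA-1 cert issued on/after 2016-01-01 without an exception")
        return findings
    # Exception path: both of Mozilla's conditions must hold
    lifetime = (cert.not_after - cert.not_before).days
    if lifetime > EXCEPTION_MAX_DAYS:
        findings.append(f"exception cert valid {lifetime} days, limit is {EXCEPTION_MAX_DAYS}")
    # Randomness cannot be measured from one value; serial length is a necessary check only
    if cert.serial.bit_length() < EXCEPTION_MIN_SERIAL_BITS:
        findings.append(f"serial has only {cert.serial.bit_length()} bits, "
                        f"need at least {EXCEPTION_MIN_SERIAL_BITS} random bits")
    return findings
```

The serial-length test is only a necessary condition: a CA could still pick a long but predictable serial, so the randomness itself has to be audited at the CA.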

  23. Re:You loved Brad! by Anonymous Coward · · Score: 0

    You're not out partying or getting laid on Saturday night, oh no.

    Instead, you're coming up with gems like this.

    We are grateful for your sacrifice.

  24. Re: Another sad commentary on the state of securit by chihowa · · Score: 1

    Payment systems upgrades can be year-long projects. Recertifying with your bank and other partners takes months. And with everyone having to do it at the same time, everyone is stretched thin getting it all done.

    Well, it's a good thing for them that NIST declared that "SHA-1 shall not be used for digital signature generation after December 31, 2013", back in January of 2011. They should be done with their year-long POS upgrade by sometime in 2012 at the latest.

    Maybe businesses should follow actual security best practices instead of waiting for ultimatums.

    --
    If you want a vision of the future, imagine a youtube comments section scrolling - forever.
  25. Re: Another sad commentary on the state of securit by drew_kime · · Score: 1

    NIST isn't the standards body retailers care about. That would be PCI, the organization that determines who can take credit cards. And their deadline was not in 2013. http://www.businesswire.com/ne...

    --
    Nope, no sig
  26. SAY IT AINT SO MOZ by Provocateur · · Score: 1

    The last bastion turned out to be a house of cards after all.

    And Microsoft and Google weren't the highest bidders this time.

    firefox me.

    --
    WARNING: Smartphones have side effects--most of them undocumented.
  27. And there we have it... by wardrich86 · · Score: 1

    How can anybody trust a "security" company that is literally crying to have people accept insecure certificates? Absolutely mind-boggling.

    It's really unfortunate, too... Symantec used to be top of the game.

  28. Mozilla's trust by Anonymous Coward · · Score: 0

    They also specially trust Flash Player. And whatever extensions they're bundling this week.

  29. Microsoft doesn't trust SHA-1??? by Anonymous Coward · · Score: 0

    Hard to believe considering all the crap that happens to a Windows PC when you just use it. All the bugs, errors, malware, spam, and useless bulky task bar startups that slug everything down. Had to make a USB BIOS flash disk for my laptop on my girlfriend's Windows 7 computer (wasn't at my house this weekend). Holy hell I hate Windows. She has so much shit bogging down that computer... Just because everything for Windows wants to start when Windows starts. Typical 20 minute boot time versus 20 seconds on my Linux systems. Not Responding plagues every experience I have on Windows.