[cabfpub] CAB Forum Policy Change request

Rick Andrews Rick_Andrews at symantec.com
Wed Sep 2 22:06:12 UTC 2015


Reposting to the Public list, with permission by the author.


CAB Browser Forum,
 
This message is from the AT&T Services, Inc., Chief Security Office, Data
Protection Team.  
 
ISSUE
We are writing about the SHA-1 deprecation policy that all trusted Internet
Certification Authorities must comply.  Our specific concern is the December
31, 2015 deadline for obtaining SHA-1 server certificates.  This timeframe
does not allow flexibility for our applications running SHA-1 certificates
now with migration plans for the SHA-256 upgrade in 2016. 
 
 
BACKGROUND
We understand all CA issued SHA-1 certificates must expire by 12/31/2016 to
comply with the Microsoft Windows Root Certificate Program technical
requirements disabling Windows SHA-1 support in 2017.  
 
Please note at:
http://social.technet.microsoft.com/wiki/contents/articles/31633.microsoft-t
rusted-root-program-requirements.aspx
<https://urldefense.proofpoint.com/v2/url?u=http-3A__social.technet.microsof
t.com_wiki_contents_articles_31633.microsoft-2Dtrusted-2Droot-2Dprogram-2Dre
quirements.aspx&d=BQMFAg&c=eEvniauFctOgLOKGJOplqw&r=bPeNvovSv0L4jj3hFD6Tw5sI
3rGGNujxDceaEaUPuUQ&m=ZAkCyRUyNPWbkd0s3fkfjeZO8EmFbGVXhmSu5qjGlhc&s=c3bbI7UN
yV1nTqGsbjW4HHr-KlCS37HhfXpIPnpZHSo&e=>  
 
Symantec, our Certification Authority (CA) vendor, confirmed in 2014 that we
would retain the option to issue SHA-1 certificates in 2016 with expiration
no later than 12/31/2016, for:
 
1)      Our applications that can't upgrade in 2015 and need new or renewal
SHA-1 certificates for part of 2016. 
 
2)      Continued support of legacy applications scheduled to retire in 2016
which need SHA-1 certificate renewal. 
 
We successfully migrated to 2048-bit encryption keys using this method
during the last PKI industry standard change and were assured the same
option would be available for the SHA-256 migration in 2016.
 
 
NEGATIVE BUSINESS IMPACTS
Symantec recommended issuing all SHA-1 certificates that expire in 2016 by
the end of 2015.  This interim solution is not feasible to implement for
multiple reasons: 
 
1) Symantec's proposal involves changing thousands of SHA-1 certificates
that will translate to a high volume of unplanned operations and workload
churn.  Specifically, the operational complexities of tracking server key
store changes followed by the secondary labor intensive task to manually
revoke each decommissioned certificate.  PKI security isn't strengthened by
limiting SHA-1 certificate issuance in 2016.  We increase risk for private
key compromise by leaving decommissioned but valid key pairs scattered
across many servers pending revokes. 
 
2) AT&T freezes non-emergency changes from mid-November through mid-January
for zero customer service disruptions during the holidays.  Technically we
have less than three months to migrate the remaining SHA-1 certificates
which equates to thousands of certificates.  Three months does not provide
sufficient time to deploy Symantec's solution.
 
3) Some applications can't upgrade to SHA-256 until early to mid-2016 when
vendor supported software is available. 
 
4) Many applications committed to firm 2016 deployment plans and resource
allocations for this change and can't migrate before 12/31/2015 due to
current ongoing commitments.
 
 
RESOLUTION
 
We request a policy change allowing Symantec to continue issuing
less-than-one-year SHA-1 certificates after 12/31/2015 under their public
trusted PKI hierarchy to support our remaining applications scheduled for
SHA-256 adoption or retirement in 2016.  
 
We must retain the option to issue SHA-1 certificates in 2016, with
expiration no later than December 31, 2016, for enrollments, renewals and
replacements to support uninterrupted production services.  
 
In closing, we agree with the CA Browser Forum's intent but do not agree
with the execution of this high business impact policy change that will
involve many software providers, hardware vendors and businesses.
 
Andrea
 
Andrea A. Wilemon, CISSP
Principle-Technology Security
 
Rethink PossibleR 
 
Chief Security Office, Mobility, Cloud & Enterprise Security
AT&T Services, Inc.
 
P: 248-424-4115
aw8139 at att.com
 
Send #X before you drive to pause the
conversation until you arrive. 
Take the pledge... It Can Wait.
 
This e-mail and any files transmitted with it are the property of AT&T, are
confidential, and are intended solely for the use of the individual or
entity to whom this e-mail is addressed. If you are not one of the named
recipient(s) or otherwise have reason to believe that you have received this
message in error, please notify the sender at 248-424-4115 and delete this
message immediately from your computer. Any other use, retention,
dissemination, forwarding, printing, or copying of this e-mail is strictly
prohibited."


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150902/9383cfc5/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5749 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150902/9383cfc5/attachment.p7s>


More information about the Public mailing list