[cabfpub] HSM FIPS validation and critical vulnerabilities

[Josh Aas]

It appears as though the baseline requirements require CAs to only run
FIPS-validated firmware on their HSMs. [1]

It also appears as though CAs are required to patch known critical
vulnerabilities. [2]

What happens if a critical vulnerability is found in the latest FIPS
validated firmware on an HSM and the only way to fix it is to upgrade
firmware to a newer non-FIPS-validated version of the firmware? The
audit requirements appear to be in conflict here.

The only possible way out right now seems undesirable:

"Document the factual basis for the CA’s determination that the
vulnerability does not require remediation because [...] the exploit
of the vulnerability is prevented by compensating controls."

Hopefully all CAs will tell you that they have controls in place to
restrict access to the HSM by an attacker, but that doesn't mean it's
a good idea to not patch. If this is a reason for not patching the HSM
past FIPS then the same logic could apply to anything the CA doesn't
directly expose to the Internet or external parties.

--
Josh Aas
Executive Director
Internet Security Research Group
Let's Encrypt: A Free, Automated, and Open CA

[1] ==================
BR 6.2.7. Private Key Storage on Cryptographic Module

The CA SHALL protect its Private Key in a system or device that has
been validated as meeting at least FIPS 140 level 3 or an appropriate
Common Criteria Protection Profile or Security Target, EAL 4 (or
higher), which includes requirements to protect the Private Key and
other assets against known threats.
==================

[2] ==================
NCSSR 4.f.

Do one of the following within 96 hours of discovery of a Critical
Vulnerability not previously addressed by the CA’s vulnerability
correction process:

(i) Remediate the Critical Vulnerability;

(ii) If remediation of the Critical Vulnerability within 96 hours is
not possible, create and implement a plan to mitigate the Critical
Vulnerability, giving priority to (1) vulnerabilities with high CVSS
scores, starting with the vulnerabilities the CA determines are the
most critical (such as those with a CVSS score of 10.0) and (2)
systems that lack sufficient compensating controls that, if the
vulnerability were left unmitigated, would allow external system
control, code execution, privilege escalation, or system compromise;
or

(iii) Document the factual basis for the CA’s determination that the
vulnerability does not require remediation because (a) the CA
disagrees with the NVD rating, (b) the identification is a false
positive, (c) the exploit of the vulnerability is prevented by
compensating controls or an absence of threats; or (d) other similar
reasons.
==================