28 Oct 2021
Bulletproof TLS Newsletter is a free periodic newsletter bringing you commentary and news surrounding SSL/TLS and Internet PKI, designed to keep you informed about the latest developments in this space. Maintained by Hanno Böck.
On September 30, the root certificate with the common name DST Root CA—owned by the company IdenTrust—expired. Notably, this certificate was used by Let’s Encrypt to cross-sign its intermediate certificates in the past.
Technically, two expiration events happened on this day: the old Let’s Encrypt intermediate certificate expired a few hours before the root certificate. Both events caused a number of problems.
The intermediate expiration mainly caused issues with hosts still serving the expired intermediate. In such a situation, many client applications are unable to validate the leaf certificate for that site. Although this issue was widespread, it was relatively simple to understand and easy to fix by delivering the new certificate.
The more complicated problems stemmed from pathfinding issues in a number of applications. In a situation where multiple paths to a root certificate are possible, a correctly working TLS/PKI implementation should be able to find a working path. But as it turned out, many implementations would fail if they first found a path to an expired root or intermediate certificate.
Many of these issues already surfaced last year when the so-called AddTrust certificate owned by Sectigo expired. We covered this in our June 2020 newsletter. At the time, Google engineer Ryan Sleevi wrote a detailed explanation of these pathfinding issues.
As recent events show, many of these problems haven’t been fixed yet. Ian Haken from Netflix analyzed these issues in more detail and developed a test suite for certificate pathfinding issues. Hopefully this will lead to better TLS software and fewer certificate pathfinding issues in the future.
It should be noted here that none of the issues were the fault of Let’s Encrypt. Instead, they resulted from a combination of software bugs and server misconfigurations.
This subscription is just for the newsletter; we won't send you anything else.
This month we're trying something new. We're adding some very interesting jobs we've come across in the last month:
If you know of similar jobs that our readers might be interested in, for example cryptography, TLS, or PKI, let us know and we may add them to future newsletters.
Designed by Ivan Ristić, the author of SSL Labs, Bulletproof TLS and PKI, and Hardenize, our course covers everything you need to know to deploy secure servers and encrypted web applications.
Remote and trainer-led, with small classes and a choice of timezones.
Join over 1,500 students who have benefited from more than a decade of deep TLS and PKI expertise.