Operations

3/4/2020
07:00 PM
Let's Encrypt Revokes Over 3 Million of Its Digital Certs

Domain validation glitch prompts an abrupt decision.

Let's Encrypt, a nonprofit that has played a major role in pushing the use of encryption on the Web, today revoked more than 3 million of its digital certificates after discovering a flaw in the manner in which they were issued.

Domain owners with affected Let's Encrypt TLS certificates who don't renew them quickly run the risk of their websites becoming inaccessible to users after the certificates have been revoked. This can especially be an issue for domain operators that don't have a clear idea of where affected certificates might be located in their environment so they can be renewed promptly.

"Given the short turnaround time required to respond to the incident, this may exhaust the capacity of IT teams," says JD Kilgallin, senior integration engineer at Keyfactor.

Let's Encrypt has published an online tool that site owners can use to determine whether they have an impacted certificate.

Let's Encrypt is a certificate authority (CA) — an Internet entity authorized to issue digital certificates that website owners can use to ensure that traffic and data between their site and end-user devices are encrypted. Sites using its certificates — like all sites using any TLS certificate — show a padlock and HTTPS in the browser's address bar to indicate to users that the site uses encryption and is therefore generally safer than sites served over plain HTTP.

Let's Encrypt offers its TLS certificates free of cost. Anyone owning a domain name, including individuals, can use Let's Encrypt to obtain, configure, use, and renew digital certificates in a completely automated fashion. Certificates are valid for 90 days and automatically renew before the end of that period.

The Internet Security Research Group (ISRG) launched Let's Encrypt in 2014 in a bid to foster broad adoption of encryption on the Web. Since it began issuing them in late 2015, Let's Encrypt has issued some 1 billion digital certificates globally. Over 192 million websites around the world currently use digital certificates that Let's Encrypt issued. Over the years that Let's Encrypt has been issuing certificates, HTTPS usage has increased dramatically — from around 58% of all page loads globally in June 2017 to 81% of page loads currently.

On Tuesday, Let's Encrypt announced that it was revoking a total of 3,048,289 currently valid TLS certificates because of a bug it had discovered in a software component used in a domain validation process. The software is designed to check certification authority authorization (CAA) records that allow website operators to specify which CAs are permitted to issue certificates for their domains. The goal is to make sure that before a CA automatically renews or issues a certificate, it first checks to see if the site owner has placed any restrictions on such renewals.

What Let's Encrypt discovered was that if a site automatically requested renewals for multiple certificates for multiple domains at the same time, the validation process failed. Instead of doing the CAA check for each domain for which a certificate was being renewed, the bug caused the software to do multiple checks against just one.

"When Let’s Encrypt went to check the CAA records for a list of, say, 10 certificate renewals, it didn't check each domain in the list once," security vendor Sophos said in a blog post. "Instead, it inadvertently picked one of the domains and then redundantly checked it 10 times over, leaving the other nine domains unchecked."
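The failure mode described above can be modelled in a few lines. The following Python is an added example written for this article, not Let's Encrypt's (Boulder's) actual code: the CAA record table is a constructed stand-in for DNS, the domain names are hypothetical, and only the "issue" tag of CAA is modelled. The `authorize_buggy` function reproduces the shape of the defect (a loop that runs once per domain but re-checks the same domain every time), while `authorize_fixed` performs one CAA check per requested domain, which is the behaviour the CA/Browser Forum rules require.

```python
"""Simplified model of a CAA pre-issuance check, with the batch bug beside the fix.

Added example, not Let's Encrypt code. CAA_RECORDS is a constructed stand-in
for DNS; "letsencrypt.org" is the issuer identifier Let's Encrypt publishes
for CAA, the domain names below are hypothetical.
"""
from typing import Dict, List, Optional, Set

# Constructed CAA data: domain -> set of CA identifiers allowed by "issue" records.
# A missing label means "no CAA records here", which RFC 8659 resolves by
# climbing towards the parent domain.
CAA_RECORDS: Dict[str, Set[str]] = {
    "example.com": {"letsencrypt.org"},          # allows Let's Encrypt
    "example.net": {"letsencrypt.org"},
    "locked.example.net": {"other-ca.example"},  # subdomain pinned to another CA
}


def lookup_caa(domain: str) -> Optional[Set[str]]:
    """Return the closest CAA record set for `domain`, climbing to parents.

    Returns None when no label in the tree (above the TLD) carries CAA records.
    """
    labels = domain.split(".")
    for i in range(len(labels) - 1):  # never consult the bare TLD
        name = ".".join(labels[i:])
        if name in CAA_RECORDS:
            return CAA_RECORDS[name]
    return None


def caa_permits(domain: str, ca: str) -> bool:
    """True if CAA allows `ca` to issue for `domain` (no records at all = allowed)."""
    records = lookup_caa(domain)
    if records is None:
        return True
    return ca in records


def authorize_buggy(domains: List[str], ca: str) -> Dict[str, bool]:
    """Models the defect: N iterations, but every one checks the first domain.

    The verdict for the first domain is then applied to all of them, so a
    domain whose CAA records forbid this CA can still be issued a certificate.
    """
    first = domains[0]
    verdicts: Dict[str, bool] = {}
    for d in domains:
        verdicts[d] = caa_permits(first, ca)  # loop variable ignored: the bug
    return verdicts


def authorize_fixed(domains: List[str], ca: str) -> Dict[str, bool]:
    """Correct behaviour: one CAA check per requested domain."""
    return {d: caa_permits(d, ca) for d in domains}


def wrongly_authorized(domains: List[str], ca: str) -> Set[str]:
    """Domains the buggy path would approve that a correct check rejects."""
    buggy = authorize_buggy(domains, ca)
    fixed = authorize_fixed(domains, ca)
    return {d for d in domains if buggy[d] and not fixed[d]}


if __name__ == "__main__":
    batch = ["www.example.com", "locked.example.net", "nocaa.example.org"]
    print("buggy:", authorize_buggy(batch, "letsencrypt.org"))
    print("fixed:", authorize_fixed(batch, "letsencrypt.org"))
    print("would be mis-issued:", wrongly_authorized(batch, "letsencrypt.org"))
```

Running the block shows the two paths diverging on `locked.example.net`: the buggy loop approves the whole batch because the first domain happens to allow Let's Encrypt, whereas the per-domain check rejects it. The same comparison is the kind of regression test a CA can keep in its suite, which is the point Savla makes later in the article about tightening test processes.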

Major Revocation for Minor Bug
The minor software bug kept Let's Encrypt from performing a required authorization check before issuing a publicly trusted certificate for a web server, says Kilgallin. The issue could potentially allow bad actors to obtain certificates for sites they did not own. "Although the probability of exploit is extremely low, the standards set by the CA/Browser Forum require the certificates to be revoked and for site owners to request new certificates with proper authorization checks," he adds.

Automated enrollment and certificate renewal like that offered via Let's Encrypt is fairly common. When the certificate life cycle works as expected, such automation can significantly reduce the time that system administrators need to ensure their servers and systems are properly authenticated and provide adequate data encryption, Kilgallin says. "However, with anomalous situations such as this, the automated renewal processes may not be equipped to replace certificates that were revoked before their expiration date," he says. "Teams may not know where affected certificates are located in their environment, increasing the risk of a service outage."

Pratik Savla, senior security engineer at Venafi, says this is not the first time that Let's Encrypt has found issues with the code used for CAA record checks. In the past, the problems have resulted in CAA rules being ignored and certificates being wrongly issued. "This incident should push any CA out there to review and tighten up their testing process so any incorrect behavior is not overlooked," he says.

For organizations, episodes such as these highlight the need for proper certificate management processes, Savla says. They need to have an understanding of the certificates in use within the environment, where they exist, when they expire, what needs to be renewed, what might be redundant, and what might have already expired.


Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ...
