New issue
Advanced search Search tips

Issue 811106 link

Starred by 1 user
Status: WontFix
Owner: ----
Closed: Feb 2018
Cc:
davidben@chromium.org
rsleevi@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security: Chrome doesn't immediately reject a certificate after its root is removed

Reported by xiaoyi...@outlook.com, Feb 11 2018 
VULNERABILITY DETAILS
First you import a root certificate to Windows trusted cert store. Next, open a HTTPS website whose SSL cert is signed by the root cert you just imported. Then remove the root cert from the trust store. Now refresh the HTTPS website opened in Chrome. You will see that Chrome still allows you to visit this site, even though the root certificate has been revoked.

Edge browser rejects TLS connections when refresh the page, immediately after I manually revoked the root certificate.

VERSION
Chrome Version: 64.0.3282.140 (Official Build) (64-bit) stable
Operating System: Windows 10 (10.0.16299)

REPRODUCTION CASE
1. Open Fiddler. Turn on "Decrypt HTTPS traffic". Trust Fiddler's root cert.
2. Launch Chrome. Visit https://en.wikipedia.org/.
3. After the page is fully loaded, distrust the Fiddler root cert, but leave HTTPS decryption on in Fiddler.
4. Go back to Chrome. Refresh the page (Ctrl-F5) or click on links (as long as they point to pages on the same origin). You can see Chrome allows you to keep visiting https://en.wikipedia.org, but such TLS connections should be rejected due to certificate error.

Comment 1 by elawrence@chromium.org, Feb 11 2018

Cc: davidben@chromium.org rsleevi@chromium.org
Components: Internals>Network>Certificate Internals>Network>SSL
Labels: Security_Impact-Stable OS-Windows
Summary: Security: Chrome doesn't immediately reject a certificate after its root is removed (was: Security: Chrome doesn't reject HTTPS connections after root certificates are revoked)
I don't think there's a meaningful security issue here.

It's possible that the refresh occurs on an existing connection, in which case it seems entirely reasonable that the certificate's trust status isn't re-evaluated.

It's also possible that Chrome is caching the trust status of the certificate chain for some short period of time.

Comment 2 by xiaoyi...@outlook.com, Feb 11 2018 

Thanks for the reply! It's not an existing connection. I checked with Wireshark. I forgot if it's a refresh or opened a new tab with the same URL, but it sent a new TLS handshake without TLS resumption (the server doesn't support resumption).

Comment 3 by rsleevi@chromium.org, Feb 11 2018

Labels: -Restrict-View-SecurityTeam -Security_Impact-Stable
Status: WontFix (was: Unconfirmed)
Yup, marking this WontFix/WorkingAsIntended and removing the security labels.

Chrome
- Maintains connections to those hosts (i.e. connection reuse)
- Caches certificate verifications (and errors) for 30 minutes
- Maintains in-memory caches of resources (the Blink memory-cache)
- Does not re-evaluate certificates for on-disk cached resources

Chrome also intentionally does not set monitoring events on the root store. We explored this and found that it led to unreliability (particularly due to 3P middleware for smartcards, but also AV that did not properly propagate events) as well as a lack of cross-system predictability (e.g. it's not possible to watch these events on Linux, and on macOS, they're spuriously generated)

Further, given those last two points I mentioned regarding caching, this also logically flows. That is, unless you're willing to revalidate every resource on loading from the cache, and evicting everything in memory from the cache, the desired properties described cannot be obtained.

Sign in to add a comment