# DigiNotar and Client Certificate Authentication

With the news reporting that the DigiNotar compromise involves the creation of CA certificates, I have a theory of how the hacker may be making use of them and bypassing Client Certificate Authentication.

In the ComodoGate breach, we also saw a client certificate 'Global Trustee' generated -- and the world pondered as to its possible use. What good would a Comodo-signed client certificate be in a Certificate Authentication scheme? Security experts were perplexed.

I think I may know the answer.

In my 2008 book, Pro PHP, I have a chapter (21) on 'Certificate Authentication'. It describes the elements you need to set up Apache for secure client certificate operation.

The most important elements are an SSLVerifyDepth = 1 and a specifically defined SSLCACertificateFile. The server must also check that %{SSL_CLIENT_VERIFY} eq "SUCCESS".

I've seen Apache misconfigured for client certificates many times; in fact, I have questions as to whether the Apache documentation is always correct. See https://httpd.apache.org/docs/2.0/ssl/ssl_howto.html and notice a configuration that involves a VerifyDepth of 5.

With a server that is only checking SSL validity and then the O and OU fields of the certificate, any hacked CA certificate could breach the security afforded by Client Certificates.
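The two configurations contrasted above, side by side, as an added example (not taken from the book or from the Apache documentation). Host names, file paths and the O/OU strings are constructed placeholders.

```apache
# Constructed example: host names, paths and O/OU values are placeholders.

# --- Weak: the pattern the post warns about -------------------------------
# The trust anchors are a bundle of public CAs and chains up to 5 deep are
# accepted. Any client certificate that chains to ANY CA in the bundle and
# carries the expected O/OU strings is let in, including one issued by a
# rogue CA certificate that itself chains to a CA in the bundle.
<VirtualHost *:443>
    ServerName weak.example.test
    SSLEngine on
    SSLCertificateFile    /etc/ssl/example/server.crt
    SSLCertificateKeyFile /etc/ssl/example/server.key

    SSLCACertificateFile  /etc/ssl/example/public-ca-bundle.crt
    SSLVerifyClient       require
    SSLVerifyDepth        5

    <Location "/secure">
        # Only subject fields are checked; the issuer chooses these freely.
        SSLRequire %{SSL_CLIENT_S_DN_O} eq "Example Corp" \
               and %{SSL_CLIENT_S_DN_OU} in {"Staff", "Dev"}
    </Location>
</VirtualHost>

# --- Hardened: the three elements the post lists --------------------------
# The CA file holds only the organisation's own client-issuing CA, and a
# depth of 1 means the client certificate must be signed directly by it.
<VirtualHost *:443>
    ServerName strict.example.test
    SSLEngine on
    SSLCertificateFile    /etc/ssl/example/server.crt
    SSLCertificateKeyFile /etc/ssl/example/server.key

    SSLCACertificateFile  /etc/ssl/example/client-issuing-ca.crt
    SSLVerifyClient       require
    SSLVerifyDepth        1

    <Location "/secure">
        # Explicit verification check first, then the subject fields.
        SSLRequire %{SSL_CLIENT_VERIFY} eq "SUCCESS" \
               and %{SSL_CLIENT_S_DN_O} eq "Example Corp" \
               and %{SSL_CLIENT_S_DN_OU} in {"Staff", "Dev"}
    </Location>
</VirtualHost>
```

SSLRequire is the directive used in the Apache 2.0 how-to linked above; on Apache 2.4 it is deprecated and the equivalent check is written with `Require expr`.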

My working theory is that the Global Trustee and hacked CA certificates are being used in this type of server-misconfiguration vulnerability, and that despite the certs belonging to the wrong chain, the servers in question will accept them as legitimate just the same because they will otherwise pass trust chain validation correctly.

The question now is what servers/software are vulnerable by default to trust chain validation errors, and who is running them.

More to come.