Closed Bug 1484766 Opened 7 years ago Closed 7 years ago

GoDaddy: Random Value Vulnerability in Domain Validation Method

Categories

(CA Program :: CA Certificate Compliance, task)

task
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: wthayer, Assigned: dreynolds)

Details

(Whiteboard: [ca-compliance] [dv-misissuance])

Daymion Reynolds posted the message below to the mozilla.dev.security.policy forum on 17-August. Please provide an incident report, as described here: https://wiki.mozilla.org/CA/Responding_To_A_Misissuance#Incident_Report

The incident report should be posted to the mozilla.dev.security.policy forum and added to this bug.

Revoke Disclosure

GoDaddy has been proactively performing self-audits. As part of this process, we identified a vulnerability in our code that would allow our validation controls to be bypassed. This bug would allow a Random Value that was generated for intended use with Methods 3.2.2.4.6 and 3.2.2.4.7 to be validated using Method 3.2.2.4.2 by persons who were not confirmed as the domain contact. This bug was introduced November 2014 and was leveraged to issue a total of 865 certificates. The bug was closed hours after identification, and in parallel we started the scope and revocation activities. In accordance with CA/B Forum BR, section 4.9.1.1, all mis-issued certificates were revoked within 24 hours of identification.

A timeline of the events for revocation is as follows:

8/13 9:30am – Exploit issue surfaced as possible revocation event.
8/13 9:30am-4pm – Issue scope identification (at this point it was unknown), gathering certificate list.
8/13 4pm – Certificate list finalized for revoke, total 825 certs. Revoke notification sent to cert owners.
8/14 1:30pm – All certificates revoked.

Further research identified 40 certificates which contained re-use of suspect validation information.

8/15 2pm – Additional certificates identified due to re-use.
8/15 2:30pm – Customers notified of pending revoke.
8/16 12:30pm – All certificates revoked.

We stand ready to answer any questions or concerns.
Daymion

Certificate list which can be found in CRT.sh:

Domain,CRT.sh link
www.makancoaching.co.uk,https://crt.sh/?id=486518293
www.superguttervac.co.uk,https://crt.sh/?id=484345622
www.aloftimaging.co.uk,https://crt.sh/?id=486443992
www.inverroycrisismanagement.com,https://crt.sh/?id=505471354
*.lumeter.co.uk,https://crt.sh/?id=575952063
theredstartprimaryschool.co.uk,https://crt.sh/?id=448982417
www.glscoatings.co.uk,https://crt.sh/?id=471607541
www.thelittlecakekitchen.co.uk,https://crt.sh/?id=622887520
bri-lyncsbs1.corp.uxc.com.au,https://crt.sh/?id=445612142
mel-lyncsbs1.corp.uxc.com.au,https://crt.sh/?id=445611906
syd-lyncsbs1.corp.uxc.com.au,https://crt.sh/?id=445589055
www.photislight.co.uk,https://crt.sh/?id=627260711
sportsandplayconsulting.co.uk,https://crt.sh/?id=432887146
*.mca.uk.net,https://crt.sh/?id=476788955
www.underdogcoffee.co.uk,https://crt.sh/?id=445809844
www.kiyoraspa.co.uk,https://crt.sh/?id=448128056
www.kinesisclinic.co.uk,https://crt.sh/?id=444013056
www.homegenies.co.uk,https://crt.sh/?id=490198693
activemountaineering.co.uk,https://crt.sh/?id=452604481
www.brightonshellfish.co.uk,https://crt.sh/?id=484311113
www.electroquip.co.uk,https://crt.sh/?id=454680891
www.melbournederbyshire.co.uk,https://crt.sh/?id=459144464
iih.org.uk,https://crt.sh/?id=452613519
*.growhub.co.uk,https://crt.sh/?id=445804391
www.weaversguesthouse.co.uk,https://crt.sh/?id=516764585
*.ctc-solutions.co.uk,https://crt.sh/?id=508837605
thothmail.saqqara.co.uk,https://crt.sh/?id=627917932
www.ringwoodhallhotel.com,https://crt.sh/?id=456471228
remote.yachtingpages.com,https://crt.sh/?id=453013515
www.waynesecigsupplies.co.uk,https://crt.sh/?id=484348665
www.thoth.saqqara.co.uk,https://crt.sh/?id=477514633
remote.mara.uk.com,https://crt.sh/?id=491400207
www.needfulthings.uk.com,https://crt.sh/?id=458812648
www.sensoryapphouse.com,https://crt.sh/?id=460684499
www.youcanbecome.co.uk,https://crt.sh/?id=486521955
*.speechbuilder.co.uk,https://crt.sh/?id=465020837
www.somerville-house.co.uk,https://crt.sh/?id=513011072
www.cameoclassics.co.uk,https://crt.sh/?id=627503851
praxis-godesberger-allee.de,https://crt.sh/?id=491408016
www.hydra-te.co.uk,https://crt.sh/?id=505470107
*.mca.uk.net,https://crt.sh/?id=476788955
*.mhsserver5.com,https://crt.sh/?id=575963842
www.dormagen-anwalt.de,https://crt.sh/?id=487910728
rosenbaumgruppe.eu,https://crt.sh/?id=484075777
remote.micheloud.net,https://crt.sh/?id=491387626
webmail.janssensmarket.com,https://crt.sh/?id=527896643
www.collegeinabox.co.uk,https://crt.sh/?id=500425581
www.lepetitcapelier.com,https://crt.sh/?id=497736247
www.total-michel.com,https://crt.sh/?id=486035156
www.thetoolbox.uk.com,https://crt.sh/?id=486038438
www.theinformer.org.uk,https://crt.sh/?id=488179681
outlook.comprovide.de,https://crt.sh/?id=575914237
www.vellastar.com,https://crt.sh/?id=493898204
mail.iarg.com.au,https://crt.sh/?id=501369255
www.iplacenotes.com,https://crt.sh/?id=487635287
isiportalorders.com,https://crt.sh/?id=496718880
www.ostsee-grundbesitz.de,https://crt.sh/?id=518520334
invia-koeln.de,https://crt.sh/?id=489938629
www.nikkihalliwell.com,https://crt.sh/?id=510581809
www.mckennaxmedia.co.uk,https://crt.sh/?id=513220692
www.indigoplumbingandheating.co.uk,https://crt.sh/?id=553607579
essentialtwenty.co.uk,https://crt.sh/?id=488171957
www.topthornarena.co.uk,https://crt.sh/?id=497039944
www.marstallwache.de,https://crt.sh/?id=512736683
www.feuerwehr-heinrichsheim.de,https://crt.sh/?id=551287541
kaizenlaw.co.uk,https://crt.sh/?id=492950320
www.sumgyeojingem.com,https://crt.sh/?id=494615543
www.jmac.uk.com,https://crt.sh/?id=627421796
www.thewateringhole.bar,https://crt.sh/?id=606515818
www.ianhudson.net,https://crt.sh/?id=645899632
*.art2day.co.uk,https://crt.sh/?id=494887434
remote.schabos.de,https://crt.sh/?id=527914651
jimrailton.com,https://crt.sh/?id=497728128
www.viaherbal.uk.com,https://crt.sh/?id=626816368
mail.fruvital.de,https://crt.sh/?id=527932156
mail.quadrax.com,https://crt.sh/?id=527898461
*.gleeson-homes.co.uk,https://crt.sh/?id=551770424
lillilondoncleaning.co.uk,https://crt.sh/?id=518843419
calendarcolumbusga.com,https://crt.sh/?id=515938374
visitcolumbusga.com,https://crt.sh/?id=515940898
familyguidancecenter.org,https://crt.sh/?id=525175743
www.fileybeach.co.uk,https://crt.sh/?id=516761056
www.locksmith-basildon.co.uk,https://crt.sh/?id=506689410
www.mncrs.co.uk,https://crt.sh/?id=527899152
www.medserveltd.com,https://crt.sh/?id=524569563
www.polishwithpatrycja.co.uk,https://crt.sh/?id=513016946
giftcirkul.com,https://crt.sh/?id=510267354
*.imfs.co.com,https://crt.sh/?id=533722181
mckessonbuyersuniversity.ceimpact.com,https://crt.sh/?id=608331921
www.eahl.eu,https://crt.sh/?id=514571526
www.youcansell.co.uk,https://crt.sh/?id=529858360
www.residenzen-heiligendamm.de,https://crt.sh/?id=597111801
www.jakhire.com,https://crt.sh/?id=513062389
mykologie-koeln.de,https://crt.sh/?id=509389792
www.findgym.co.uk,https://crt.sh/?id=518842814
www.caddie-express.co.uk,https://crt.sh/?id=576068567
*.hummersknott.org.uk,https://crt.sh/?id=610718875
www.backhealthexpert.com,https://crt.sh/?id=535773480
www.a-webster.co.uk,https://crt.sh/?id=606885987
ovadraft.com,https://crt.sh/?id=554350487
www.bicoolsolutions.co.uk,https://crt.sh/?id=525295841
www.stangenberg-residenzen.de,https://crt.sh/?id=511678790
www.yourproduct.co.uk,https://crt.sh/?id=544449542
davisandcopeland.com,https://crt.sh/?id=517939638
www.kifkim.co.uk,https://crt.sh/?id=534849037
mailgate.technicool.uk.com,https://crt.sh/?id=575968558
www.smithsfamilylawyer.co.uk,https://crt.sh/?id=541285213
www.cesgb.com,https://crt.sh/?id=525764837
www.signingtreevenue.org.uk,https://crt.sh/?id=632241456
sportsmark.co.uk,https://crt.sh/?id=563328238
www.fscdash.co.uk,https://crt.sh/?id=606796378
www.dowellwebtools.com,https://crt.sh/?id=537746445
www.huntandnash.co.uk,https://crt.sh/?id=545455209
www.cookyourlife.co.uk,https://crt.sh/?id=551714450
autodiscover.norvap.com,https://crt.sh/?id=536781943
mailserver.bauenundleben.com,https://crt.sh/?id=606658943
www.raehowells.co.uk,https://crt.sh/?id=542311384
www.unlock-emea.com,https://crt.sh/?id=546130587
www.abdcct.co.uk,https://crt.sh/?id=580584050
*.owb.uk.com,https://crt.sh/?id=546126720
www.vinemedicalgroup.co.uk,https://crt.sh/?id=578595412
www.loewerewards.com,https://crt.sh/?id=539900586
www.hemphorizon.co.uk,https://crt.sh/?id=566913867
server.hearnden-daughters.co.uk,https://crt.sh/?id=589408081
kinetech.online,https://crt.sh/?id=551668668
coralancloud.autoentrysystems.ie,https://crt.sh/?id=551449603
www.regainhearing.co.uk,https://crt.sh/?id=553620016
*.lakesideclassics.uk.com,https://crt.sh/?id=542259347
*.vygon.co.uk,https://crt.sh/?id=575911226
exchange.caad-valais.ch,https://crt.sh/?id=575969521
www.audreypaterson.com,https://crt.sh/?id=565084759
www.garages-direct.co.uk,https://crt.sh/?id=558082255
access.ifahotelsresorts.com,https://crt.sh/?id=575896651
www.acrobatmarketingsolutions.uk.com,https://crt.sh/?id=579999653
mail.kenwayengineering.com,https://crt.sh/?id=576003106
www.hostile-environment-training.com,https://crt.sh/?id=606496635
www.greenconstructionboard.org,https://crt.sh/?id=597886475
*.sollis.thirdparty.nhs.uk,https://crt.sh/?id=574088810
www.agaia.co.uk,https://crt.sh/?id=566993463
www.letsgopeakdistrict.co.uk,https://crt.sh/?id=567020929
www.wealth-training-company.com,https://crt.sh/?id=568722108
www.richardcoandesign.co.uk,https://crt.sh/?id=569489355
www.goldiemag.co.uk,https://crt.sh/?id=576028996
wearewaxon.co.uk,https://crt.sh/?id=575540419
demo.aktuarlife.com,https://crt.sh/?id=606684860
ucr.uk.com,https://crt.sh/?id=601431128
www.pskweb.co.uk,https://crt.sh/?id=580142612
webstercity.com,https://crt.sh/?id=568724202
www.happydecluttering.co.uk,https://crt.sh/?id=628476600
www.timeandspace-interior.co.uk,https://crt.sh/?id=628380918
www.nfts.airbus.com,https://crt.sh/?id=600497151
www.decadencesalon.co.uk,https://crt.sh/?id=622803684
www.thelowerbuck.com,https://crt.sh/?id=622803684
www.everestlawsolicitors.co.uk,https://crt.sh/?id=574178470
www.dailyimpact.org.uk,https://crt.sh/?id=586284992
canomod.com,https://crt.sh/?id=584392045
www.cpfuelinjection.co.uk,https://crt.sh/?id=606277595
oakworthfp.co.uk,https://crt.sh/?id=626712902
www.mahanteshkaroshi.co.uk,https://crt.sh/?id=629036757
*.bluecoatbeechdale.uk.com,https://crt.sh/?id=593051280
*.bluecoat.uk.com,https://crt.sh/?id=604819286
bigrockresort.com,https://crt.sh/?id=599393621
www.kcandles.co.uk,https://crt.sh/?id=627919030
www.belisamacandles.wales,https://crt.sh/?id=593194811
www.csfn-aicsf.com,https://crt.sh/?id=601372657
www.leosharpphotography.co.uk,https://crt.sh/?id=624384194
www.jessicaandspencer.co.uk,https://crt.sh/?id=624376331
www.igers.co.uk,https://crt.sh/?id=616872706
www.epecltd.co.uk,https://crt.sh/?id=604006004
vps13450994.123-vps.co.uk,https://crt.sh/?id=596916855
www.amandaharvey.co.uk,https://crt.sh/?id=607353644
*.bedford.ac.uk,https://crt.sh/?id=630960362
www.cityoflondongroup.com,https://crt.sh/?id=620024976
www.cimdisplay.co.uk,https://crt.sh/?id=626787486
www.chrisleephoto.com,https://crt.sh/?id=605060986
www.taketheexit.co.uk,https://crt.sh/?id=643661059
www.dexr.uk,https://crt.sh/?id=607688575
www.barrelhunter.co.uk,https://crt.sh/?id=646454965
www.blowthedustoff.co.uk,https://crt.sh/?id=611578363
www.abeckford.co.uk,https://crt.sh/?id=640146925
www.tradecolourprinting.co.uk,https://crt.sh/?id=643665069
www.tuspec.co.uk,https://crt.sh/?id=610289059
www.thomasridgemagicwords.com,https://crt.sh/?id=616555156
www.beadandwoolshop.co.uk,https://crt.sh/?id=624580916
www.thestoveandfireplace.co.uk,https://crt.sh/?id=616426949
www.fgfgas.com,https://crt.sh/?id=614501135
www.iphoneflick.com,https://crt.sh/?id=616794973
www.av-ksk-laftbw.de,https://crt.sh/?id=607254582
www.laftbw.de,https://crt.sh/?id=607262105
www.bossbabies.co.uk,https://crt.sh/?id=617876439
www.fintechparitypledge.org,https://crt.sh/?id=618164204
www.theyoganidra.co.uk,https://crt.sh/?id=619145529
*.handisos.co.uk,https://crt.sh/?id=619716575
www.gsm-1.com,https://crt.sh/?id=619787541
onlinedrivinglicense.info,https://crt.sh/?id=626907508
*.nectere.co.uk,https://crt.sh/?id=619647144
remote.mssl.uk.com,https://crt.sh/?id=631020143
www.wearewaxon.com,https://crt.sh/?id=626695933
hydro-fuel.co.uk,https://crt.sh/?id=637700747
remote.compass101.com,https://crt.sh/?id=626843262
step-koeln.de,https://crt.sh/?id=621998916
acedges4b.7p-group.com,https://crt.sh/?id=621398283
www.monkeyinvoice.com,https://crt.sh/?id=629691891
www.p-m-a.co.uk,https://crt.sh/?id=628464565
ams-hoa.com,https://crt.sh/?id=628503998
www.hattonandharding.com,https://crt.sh/?id=637151607
www.yorkshirehairreplacementclinic.co.uk,https://crt.sh/?id=637598060
desktop.ems-uk.org,https://crt.sh/?id=631958613
www.smhlawspokane.com,https://crt.sh/?id=629826360
www.ajp-bathrooms.co.uk,https://crt.sh/?id=637022912
www.obanmusicsociety.org,https://crt.sh/?id=632031473
www.leadingonpurpose.org.uk,https://crt.sh/?id=635562407
*.auditapp.uk.com,https://crt.sh/?id=637777853
www.boffox.com,https://crt.sh/?id=635578691
www.plasticsuk.com,https://crt.sh/?id=636149017
owa.haeuserkg.de,https://crt.sh/?id=636202281
www.primal40.com,https://crt.sh/?id=637647770
www.belvedere-wittenbeck.de,https://crt.sh/?id=637667965
cloud-celeris.cl,https://crt.sh/?id=637870733
www.floormasteryorkshire.co.uk,https://crt.sh/?id=638216021
1. How your CA first became aware of the problem (e.g. via a problem report submitted to your Problem Reporting Mechanism, a discussion in mozilla.dev.security.policy, a Bugzilla bug, or internal self-audit), and the time and date.

A. GoDaddy has been proactively performing self-audits.

2. A timeline of the actions your CA took in response. A timeline is a date-and-time-stamped sequence of all relevant events. This may include events before the incident was reported, such as when a particular requirement became applicable, or a document changed, or a bug was introduced, or an audit was done.

A. A timeline of the events for revocation is as follows:

8/13 9:30am – Exploit issue surfaced as possible revocation event.
8/13 9:30am-4pm – Issue scope identification (at this point it was unknown), gathering certificate list.
8/13 4pm – Certificate list finalized for revoke, total 825 certs. Revoke notification sent to cert owners.
8/14 1:30pm – All certificates revoked.

Further research identified 40 certificates which contained re-use of suspect validation information.

8/15 2pm – Additional certificates identified due to re-use.
8/15 2:30pm – Customers notified of pending revoke.
8/16 12:30pm – All certificates revoked.

3. Whether your CA has stopped, or has not yet stopped, issuing certificates with the problem. A statement that you have will be considered a pledge to the community; a statement that you have not requires an explanation.

A. The bug was closed hours after identification.

4. A summary of the problematic certificates. For each problem: number of certs, and the date the first and last certs with that problem were issued.

A. One issue, 865 certificates.

5. The complete certificate data for the problematic certificates. The recommended way to provide this is to ensure each certificate is logged to CT and then list the fingerprints or crt.sh IDs, either in the report or as an attached spreadsheet, with one list per distinct problem.

A. See earlier in the bug, whereby all the certs in crt.sh were linked.

6. Explanation about how and why the mistakes were made or bugs introduced, and how they avoided detection until now.

A. This bug was introduced November 2014. It was due to an oversight, as token type was not being verified in one method.

7. List of steps your CA is taking to resolve the situation and ensure such issuance will not be repeated in the future, accompanied with a timeline of when your CA expects to accomplish these things.

A. The defect was closed within hours of discovery.
B. We have been proactively reviewing our code base for defects, which could lead to validation issues. This is an example of us proactively preventing future occurrences.
Daymion,

As you've reported this issue resolved, I'm hoping you can shed more details about the nature of the defect. I'm having trouble understanding how the scenario would work and the problem manifest. For CAs that support these multiple methods, having greater details can help spark thought for their own systems, as well as help the Forum and community at large provide better guidance around the methods.

If I can speculate, it sounds like arbitrary Applicants could generate Random Values for .6/.7 methods. In order to issue a certificate, they would need to demonstrate positive control over the appropriate systems (the website or DNS). For example, john@evil.attacker.com could create such a request - but would be stuck pending verification. However, something about GoDaddy's system would allow john@evil.attacker.com to construct (predict?) a confirming response used for .2. Despite the Random Value not having been delivered via .2, and despite the fact that john@evil.attacker.com was not the Domain Contact, this would cause a state transition from "pending verification" to "verified".

Can you share more details, including whether or not that's a correct understanding?

From your timeline, you mentioned "Further research identified". I'm hoping you would be able to speak more to your incident management process here, as this can hopefully provide a better template for other CAs that find themselves in similar situations, and can hopefully reduce the gaps in timeframes (between 8/13 4PM and 8/15 2pm).
Flags: needinfo?(dreynolds)
Any updates?
Sorry for the late reply, as the email notification for this defect was being caught by the spam filter.

The scenario described would not have been possible as part of the vulnerability that was discovered. It was not, and remains impossible, for an attacker to use a self-generated Random Value to verify a certificate in any way. Our system generates one Random Value for .6/.7 methods and a different Random Value for the .2 method. The Random Value for .2 was only ever emailed to the Domain Contact. Effectively the Random Values generated for .6/.7 could have been used under special circumstances for .2.

The initial data pull did not include certificates that had been issued as a result of re-use of this particular validation information. We have updated our incident management process to include this use case for any potential future incident.

Hope this clarifies things.
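The defect as described in the incident report above (token type not verified in one method, so a Random Value generated for methods .6/.7 could be accepted by the .2 handler) and the scoping gap from the final reply (certificates issued by re-using the suspect validation were missed in the first data pull), as an added example in Python. This is constructed illustration code, not GoDaddy's system: the ValidationStore class, its method names, the serial and validation ids, and the example.com/example.net/example.org domains are all hypothetical, and the .6/.7 handlers are omitted because only the .2 path matters here.

```python
import secrets
from dataclasses import dataclass
from typing import Optional

# BR validation method identifiers named on the page.
EMAIL_TO_CONTACT = "3.2.2.4.2"   # Random Value emailed to the Domain Contact
WEBSITE_CHANGE = "3.2.2.4.6"     # Random Value published on the website
DNS_CHANGE = "3.2.2.4.7"         # Random Value published in DNS


@dataclass
class Validation:
    vid: int
    domain: str
    method: str                       # method the Random Value was generated for
    random_value: str
    verified: bool = False
    verified_via: Optional[str] = None  # handler that actually accepted it


@dataclass
class Certificate:
    serial: int
    domain: str
    validation_id: int                # validation record the issuance relied on


class ValidationStore:
    """Hypothetical in-memory model of a CA's DV state (constructed)."""

    def __init__(self) -> None:
        self.validations: dict[int, Validation] = {}
        self.certs: list[Certificate] = []

    def create(self, domain: str, method: str) -> Validation:
        v = Validation(len(self.validations) + 1, domain, method,
                       secrets.token_urlsafe(16))
        self.validations[v.vid] = v
        return v

    def _lookup(self, random_value: str) -> Optional[Validation]:
        # Constant-time comparison against every stored token.
        for v in self.validations.values():
            if secrets.compare_digest(v.random_value.encode(), random_value.encode()):
                return v
        return None

    # Vulnerable shape: the .2 handler accepts any Random Value it can find,
    # regardless of which method it was generated for.
    def confirm_email_vulnerable(self, random_value: str) -> bool:
        v = self._lookup(random_value)
        if v is None:
            return False
        v.verified, v.verified_via = True, EMAIL_TO_CONTACT
        return True

    # Hardened shape: token type is checked before the state transition.
    def confirm_email(self, random_value: str) -> bool:
        v = self._lookup(random_value)
        if v is None or v.method != EMAIL_TO_CONTACT:
            return False
        v.verified, v.verified_via = True, EMAIL_TO_CONTACT
        return True

    # Issuance may re-use any existing verified validation for the domain.
    def issue(self, domain: str) -> Optional[Certificate]:
        v = next((v for v in self.validations.values()
                  if v.domain == domain and v.verified), None)
        if v is None:
            return None
        cert = Certificate(len(self.certs) + 1, domain, v.vid)
        self.certs.append(cert)
        return cert

    # Incident scoping: follow the validation record each certificate relied
    # on, so certificates issued by re-using a suspect validation are included,
    # not only the one whose request triggered the bad confirmation.
    def suspect_certificates(self) -> list[int]:
        return [c.serial for c in self.certs
                if self.validations[c.validation_id].verified_via
                != self.validations[c.validation_id].method]


def demo() -> tuple[list[int], bool]:
    store = ValidationStore()
    dns_token = store.create("example.com", DNS_CHANGE)      # constructed request
    store.confirm_email_vulnerable(dns_token.random_value)  # .7 token taken by .2
    store.issue("example.com")                              # first certificate
    store.issue("example.com")                              # later re-use
    other = store.create("example.net", WEBSITE_CHANGE)
    rejected = not store.confirm_email(other.random_value)  # hardened handler
    return store.suspect_certificates(), rejected           # ([1, 2], True)


if __name__ == "__main__":
    print(demo())
```

The scoping query in suspect_certificates() keys off the validation record rather than the request that triggered the confirmation, which is the kind of query that also picks up certificates issued later from re-used validation information.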
Flags: needinfo?(dreynolds)
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Product: NSS → CA Program
Whiteboard: [ca-compliance] → [ca-compliance] [dv-misissuance]
Summary: GoDaddy: Random Value Vulnerability in Domain Validation → GoDaddy: Random Value Vulnerability in Domain Validation Method