Google strips Chrome, Android trust for Symantec root certificate

Symantec and Google are again at loggerheads over browser security and digital certificates.
Written by Liam Tung, Contributing Writer

In the coming weeks Chrome and Android will no longer trust one of Symantec's root certificates with an RSA key size of 1,024 bits.

Google said it is taking this action because Symantec has notified it that its VeriSign Class 3 Public Primary Certificate Authority G1 (PCA3-G1) certificate no longer complies, as of December 1, with the CA/Browser Forum's Baseline Requirements.

The certificate is used to generate SSL/TLS certificates for encrypting connections between browsers and websites, as well as certificates for code signing.

"As these requirements reflect industry best practice and are the foundation for publicly-trusted certificates, the failure to comply with these represents an unacceptable risk to users of Google products," Google software engineer Ryan Sleevi noted on Friday.

He added: "Google is no longer able to ensure that the root certificate, or certificates issued from this root certificate, will not be used to intercept, disrupt, or impersonate the secure communication of Google's products or users."

Sleevi also noted that Symantec intends to continue using the root certificate for purposes other than publicly-trusted certificates but hasn't specified the new purposes for the certificates it will generate.

He said Google is taking "preventative action" at the request of Symantec since the root certificate is "widely trusted" on Android, Windows and versions of OS X prior to 10.11 El Capitan.

Symantec said in a statement it had told major browser vendors in November, including Google, that they should remove trust for the root certificate and that the certificates would be used to support enterprise customers' non-public applications.

"We advised this action because this particular root certificate is based on older, lower-strength security that is no longer recommended, hasn't been used to generate new certificates in several years, and will now be repurposed to provide transition support for some of our enterprise customers' legacy, non-public applications," it said.

Symantec also highlighted that other browser makers had already begun taking action in 2014. Mozilla removed trust for the specific Symantec/Verisign root certificate in Firefox 32 along with seven others last September as part of an industry-wide effort to push certificate authorities away from using 1,024-bit root certificates and towards cryptographically stronger 2,048-bit keys.

Mozilla removed trust for further 1,024-bit root certificates, including one operated by Symantec, in January.

"By announcing that they will be blocking this root certificate, Google has indicated that they intend to do exactly as we requested, a step that other browsers started taking in 2014," Symantec said.

The company notes in a licensing document that: "Effective December 1, 2015, Symantec has discontinued the use of the VeriSign G1 root for issuance of public SSL certificates. This root CA will be used to issue non-public SSL certificates. Browsers/root store operators are encouraged to remove/untrust this root from their root stores."

Symantec also notes in a support page that the discontinuation of the root certificate and the timing of it are "in line with industry best practices based on CA/Browser Forum Baseline requirements".

The industry push to make 2,048-bit keys the standard has been slow, with many blaming CAs for the persistence of 1,024-bit keys.

Google, for its part, in 2013 called for tougher enforcement of the CA/Browser Forum Baseline Requirements for publicly-trusted certificates and for compliance with its own Certificate Transparency initiative.

Even Symantec notes in an FAQ about certificates with 1,024-bit keys that "at the end of 2013 all web browsers and Certification Authorities (CAs) will no longer sell or support 1,024-bit RSA certificates".

The slightly defensive tone in Symantec's statement could be due to its recent run-in with Google over mis-issued 'test' certificates for Google domains. Symantec fired a number of staff over the error, but unsatisfied with its response, Google later announced that it will require all certificates issued by Symantec to support Certificate Transparency by June 1, 2016.
