Symantec Certificates

This directory contains the set of known active and legacy root certificates that were operated by Symantec Corporation. In order for certificates issued from these roots to be trusted, it is required that they comply with the policies outlined at https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html.

The exceptions to this are:

  • Pre-existing independently operated sub-CAs, whose keys were and are not controled by Symantec and which maintain current and appropriate audits.
  • The set of Managed CAs in accordance with the above policies.

In addition to the above, no changes exist from the Certificate Transparency requirement outlined at https://security.googleblog.com/2015/10/sustaining-digital-certificate-security.html

Implementation Details

Policies related to these certificates are based on the hash of the subjectPublicKeyInfo, rather than of the certificate, and without considering the Subject Distinguished Name.

The choice of using subjectPublicKeyInfo is two-fold:

  • If there are any concerns with the how the key material has been protected, those concerns apply to all subject names, not just the known subject names. By limiting trust in the SPKI, the underlying issue is addressed. This also helps address any concerns with potential cross-signs in the future, as has been seen in past CA remediation efforts.
  • Simultaneously, if there are no concerns with the SPKI, such as due to being on the exclusions list, then we want to ensure ecosystem flexibility in the event that the certificates themselves need to be reissued. The most likely cause for reissusance of Excluded Sub-CAs may be presumed to be either expiration or due to wanting to add additional extensions (such as to reduce the scope of issuance). To avoid unduly limiting the ecosystem flexibility in the event of those changes, excluding by SPKI allows for some limited agility, while being grounded in the objective evaluation of the key and how the key material has been operated and protected. In the context of Managed CAs, this ensures that additional (effectively cross-signed) versions of the Managed Partner Infrastructure can be introduced as needed, while ensuring no additional code changes or updates are necessary.

Thus, identifying ‘roots’ (which may appear anywhere in the chain) by SPKI help ensure the appropriate restrictions are applied, regardless of cross-signs or self-signed variations, while identifying ‘exclusions’ by SPKI helps ensure the necessary flexibility to respond to ecosystem changes.

Roots

The full set of roots are in the roots/ directory, organized by SHA-256 hash of the certificate file.

The following command can be used to match certificates and their key hashes:

for f in roots/*.pem; do openssl x509 -noout -pubkey -in "${f}" | openssl asn1parse -inform pem -out /tmp/pubkey.out -noout; digest=`cat /tmp/pubkey.out | openssl dgst -sha256 -c | awk -F " " '{print $2}' | sed s/:/,0x/g `; echo "0x${digest} ${f##*/}"; done | sort

Excluded Sub-CAs

Apple

WebTrust Audit Certification Practices Statement

DigiCert

WebTrust Audit Certification Practices Statement

Google

WebTrust Audit Certification Practices Statement

Excluded Managed CAs

DigiCert