Mozilla Offers $10K For Critical Flaws In New Certificate Verification Scheme
Written by Alex Armstrong
Friday, 25 April 2014
Mozilla is introducing a new certificate verification library in Firefox 31. Spurred on by the Heartbleed fiasco it wants to ensure that the code bug-free before it is released in July and has launched a special $10,000 bug bounty program.
To be eligible to earn this bounty security expects have first to meet the criteria for the normal Mozilla Security Bug Bounty Program, which pays up to $3,000 for vulnerabilities discovered in Mozilla software. These are listed as
Security bug must be original and previously unreported.
Security bug must be a remote exploit.
Submitter must not be the author of the buggy code nor otherwise involved in its contribution to the Mozilla project (such as by providing check-in reviews).
Employees of the Mozilla Foundation and its subsidiaries are ineligible.
The extra criteria for this one-off bounty, which will go to the first person to file in case of duplicates, are that the vulnerability must:
be triggered through normal web browsing (for example “visit the attacker’s HTTPS site”)
be reported in enough detail, including test cases, certificates, or even a running proof of concept server, that we can reproduce the problem
be reported to us by 11:59pm June 30, 2014 (Pacific Daylight Time)
Clarifying what Mozilla is looking for Daniel Veditz states on the Mozilla Security blog:
We are primarily interested in bugs that allow the construction of certificate chains that are accepted as valid when they should be rejected, and bugs in the new code that lead to exploitable memory corruption. Compatibility issues that cause Firefox to be unable to verify otherwise valid certificates will generally not be considered a security bug, but a bug that caused Firefox to accept forged signed OCSP responses would be.
He also notes that valid security bugs that don't fit these criterai will still be eligible for a reward under the general Security Bug Bounty scheme.
The need for testing has arisen because of the introduction of mozilla::pkix, a new certificate verification library that is designed to be more robust in that its certificate path building, attempts all potential trust chains for a certificate before giving up. It is also more maintainable than libPKIX which is already successfully in use in Gecko for Extended Validation certificated verification, in that is only 4,167 lines of C++ code compared 81,865 lines of C code which had been auto-translated from Java.
Up until now the certificate verification processing in Mozilla's Network Secuirt Service (NSS) to ensure the validity of certificates presented during a TLS/SSL handshake had two code paths - using "classic" for Domain Validated and libPKIX for Extended Validation certificated verification but the NSS team wanted to replaced the "classic" method by a PKIX-based in order to improve the handling of cross-signed certificates.