A major operational error by GoDaddy, Apple, and Google has resulted in the issuance of at least 1 million browser-trusted digital certificates that don’t comply with binding industry mandates. The actual number of non-compliant certificates may be double that, and other browser-trusted authorities are also likely to be affected.
Almost no chance of exploitation
Despite the shortcomings of the misissued certificates, there is very little chance their non-compliant entropy can be exploited. Certificates are now generated using SHA256, a modern algorithm that doesn’t have the known vulnerabilities of MD5. The 64-bit requirement is instead a matter of insuring against new attacks that will likely be discovered in the coming decades.
WHO IS IMPACTED?
All CAs that used the EJBCA software platform and chose to generate serial numbers with the minimum 64-bit value were impacted. CAs that generated 72-bit or other larger values for the serial numbers were not affected.
Impacted CAs included big names such as Apple, Google, and GoDaddy, as well as smaller CA operators.
In the weeks-long investigation that followed, Apple found that it had misissued over 878,000 TLS certificates that used a 63-bit serial number instead of the minimum 64-bit. Of these, 558,000 were still in use.
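A way to audit for the 63-bit condition described above, written as an added example (not code from EJBCA or any CA named here): a serial is encoded as a positive integer, so a value that fits in 8 bytes can never exceed 63 bits, and an issuer whose serials never reach 64 bits stands out in a batch. The issuer names, serials, and the `min_samples` threshold are constructed assumptions.

```python
REQUIRED_BITS = 64  # minimum serial-number entropy cited in the article


def serial_bits(serial_hex):
    """Bit length of a serial given as hex; accepts 'serial=7F:FE:...' style input."""
    return int(serial_hex.split("=")[-1].replace(":", ""), 16).bit_length()


def audit_issuers(serials_by_issuer, min_samples=32):
    """Flag issuers whose serials never reach REQUIRED_BITS in size.

    Size is only an upper bound on entropy: a wide serial can still carry
    fixed bits, so "size-sufficient" means "not ruled out", not "compliant".
    """
    findings = {}
    for issuer, serials in serials_by_issuer.items():
        widest = max(serial_bits(s) for s in serials)
        if len(serials) < min_samples:
            verdict = "insufficient-samples"
        elif widest < REQUIRED_BITS:
            verdict = "below-minimum"
        else:
            verdict = "size-sufficient"
        findings[issuer] = {
            "widest_bits": widest,
            "verdict": verdict,
            # Chance that a generator using 64 unbiased random bits as the
            # serial value would leave the top bit clear in every sample.
            "chance_if_compliant": 0.5 ** len(serials),
        }
    return findings


# Constructed sample data: issuer names and serials are made up.
SAMPLE = {
    "Example CA A": ["3f9a1c0b7de45512", "7ffe00112233aabb", "0123456789abcdef"],
    "Example CA B": ["4c3f9a1c0b7de45512", "1b00ff23a4c5d6e7f8", "0000a1b2c3d4e5f607"],
}

if __name__ == "__main__":
    # min_samples is lowered only because the constructed batch is tiny.
    for issuer, result in audit_issuers(SAMPLE, min_samples=3).items():
        print(issuer, result)
```

On a real batch, keep `min_samples` high enough that `chance_if_compliant` is negligible before treating "below-minimum" as a finding.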