
Key compromise and root cert with exposed key in German lawyer software (beA) - DyslexicAtheist
https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/Cxw7YObzZEg
======
lima
Importing the self-signed certificate itself into the root certificate store
is actually an okay solution for this, assuming it's done properly (no CA bit
set).

(obviously, that's not what they did)

~~~
hannob
No, not if you still use a shared key.

~~~
user5994461
+1

Had the same story 3 days ago on the front page for a different software:
[https://news.ycombinator.com/item?id=15982161](https://news.ycombinator.com/item?id=15982161)

~~~
hannob
Actually the battle.net story has been distorted quite a bit. What they do now
is more or less the right thing: They create new keys for every system.

The problem was what they did before: They had a publicly trusted cert for
their local webserver.
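
The provisioning step the two comments above describe, as an added example (not code from beA, Blizzard or anyone in the thread): a fresh key pair generated on each machine, and a self-signed leaf certificate with the CA bit explicitly cleared, plus the check a client should run before importing anything into a trust store. It shells out to the openssl command-line tool (assumed to be OpenSSL 1.1.1 or newer and on PATH); the hostname app.localhost, the paths and the 365-day lifetime are illustrative assumptions.

```python
"""Added example: per-machine key and non-CA self-signed cert for a local service.

Drives the openssl CLI through subprocess (assumed: OpenSSL >= 1.1.1 on PATH).
Hostname, paths and lifetime are illustrative assumptions, not beA's values.
"""
import os
import subprocess
import tempfile

# Self-contained openssl config. "openssl req -x509" with the stock system
# openssl.cnf takes its extensions from the v3_ca section, which sets CA:TRUE,
# which is exactly the mistake warned about above, so the extensions are spelled
# out here instead of inherited.
_REQ_CONFIG = """\
[req]
distinguished_name = dn
x509_extensions = leaf
prompt = no

[dn]
CN = {host}

[leaf]
basicConstraints = critical,CA:{ca}
keyUsage = critical,digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = DNS:{host},IP:127.0.0.1,IP:::1
"""


def generate_local_cert(host, out_dir, days=365, ca=False):
    """Generate a new RSA key and a self-signed certificate for `host`.

    The key is created on this machine and written only to out_dir: that is
    the difference between "new keys for every system" and one key shared by
    every installation. ca=True exists only so the check below can be shown
    rejecting a certificate that carries the CA bit. Returns (key, cert).
    """
    cfg = os.path.join(out_dir, "req.cnf")
    key_path = os.path.join(out_dir, "key.pem")
    cert_path = os.path.join(out_dir, "cert.pem")
    with open(cfg, "w") as f:
        f.write(_REQ_CONFIG.format(host=host, ca="TRUE" if ca else "FALSE"))
    subprocess.run(
        ["openssl", "req", "-x509", "-newkey", "rsa:2048", "-nodes", "-sha256",
         "-days", str(days), "-config", cfg,
         "-keyout", key_path, "-out", cert_path],
        check=True, capture_output=True,
    )
    os.chmod(key_path, 0o600)  # private key: owner-readable only
    return key_path, cert_path


def inspect_cert(cert_path):
    """Pull the fields that decide whether a cert may be trusted locally."""
    text = subprocess.run(
        ["openssl", "x509", "-in", cert_path, "-noout", "-text"],
        check=True, capture_output=True, text=True,
    ).stdout
    lines = [ln.strip() for ln in text.splitlines()]
    info = {"subject": "", "issuer": "", "is_ca": False, "sans": []}
    for i, line in enumerate(lines):
        if line.startswith("Subject:"):
            info["subject"] = line.split(":", 1)[1].strip()
        elif line.startswith("Issuer:"):
            info["issuer"] = line.split(":", 1)[1].strip()
        elif line.startswith("X509v3 Basic Constraints"):
            info["is_ca"] = "CA:TRUE" in lines[i + 1]  # value is on the next line
        elif line.startswith("X509v3 Subject Alternative Name"):
            info["sans"] = [s.strip() for s in lines[i + 1].split(",")]
    return info


def safe_to_trust_locally(cert_path, host):
    """True only for a self-signed, non-CA leaf that names the local host.

    Anything with CA:TRUE in a trust store lets whoever holds its key issue
    certificates for any site; a leaf can only vouch for its own SAN names.
    """
    info = inspect_cert(cert_path)
    return (not info["is_ca"]
            and info["subject"] == info["issuer"]
            and "DNS:%s" % host in info["sans"])


def provision(host, ca=False):
    """Generate into a fresh temp dir and report whether the result passes the check."""
    out_dir = tempfile.mkdtemp(prefix="localcert-")
    key_path, cert_path = generate_local_cert(host, out_dir, ca=ca)
    return {"key": key_path, "cert": cert_path,
            "info": inspect_cert(cert_path),
            "safe": safe_to_trust_locally(cert_path, host)}


if __name__ == "__main__":
    good = provision("app.localhost")
    print(good["cert"], "OK" if good["safe"] else "REJECTED", good["info"]["sans"])
    bad = provision("app.localhost", ca=True)
    print(bad["cert"], "OK" if bad["safe"] else "REJECTED: CA:TRUE")
```

Only cert.pem is what an installer would hand to the browser or OS trust store; key.pem stays on the machine that generated it and is never part of a download.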

------
revelation
They also asked users to import it into the Mozilla store, which (for mostly
historical reasons) is separate. Feels like Mozilla should be revoking that
specifically.

Ultimately, I have no idea what they are even trying to achieve here. If this
is all localhost communication, HTTPS isn't doing anything.

~~~
mkup
Probably they're trying to avoid "not secure" warnings from browser which are
displayed if http-served web page contains password input fields (Chrome 56+,
since October 2017).

~~~
mschuster91
These don't appear for localhost, though.

~~~
Xylakant
It’s not localhost as domain, it’s a real registered domain that points to the
loopback address.

~~~
revelation
It should still not show the warning then, right? Because you're still talking
to localhost, and that is ultimately what matters.

And what is the motivation behind having a domain you need internet for to
resolve to point towards localhost to use with a certificate only localhost is
meant to have? This is all sorts of effed up.

~~~
netsharc
I'm guessing it's so the end-users can just say "go to www.[bla].de", similar
to going to gmail.com...

------
feelin_googley
"be a localhost .de"

Why can't they just use a HOSTS file entry? What is the need for DNS?

If there is no need for DNS then why use the public, commercial CA system?
That system relies on domainname registration credentials as "authentication".

Not sure I understand the design of this software. What is the purpose of the
web server?

~~~
md-
the whole thing is basically a webmail service, but the client provides
crypto-functions to encrypt and decrypt messages locally using a smart card
reader. The client software has an API which is provided as a webservice on
localhost:9998 (FQDN: bealocalhost.de). At first they ran this service with a
certificate that was signed by a trusted CA. I reported them for disclosing
the private key of that cert. Communication between the client (Java
application) and the webmail service (website) is done via JavaScript in the
browser, which connects to services on localhost using websockets.

md
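
The question revelation raised (why a name pointing at loopback still gets the warning) and the design md- describes (an https webmail page opening websockets to a service on localhost:9998) both come down to one browser decision, reproduced here as an added example that is not from the thread or from beA. It follows the W3C Secure Contexts and Mixed Content specs: the check is made on the host name in the URL, never on what that name resolves to. Chrome's "Not secure" badge for password fields keys off the same decision, which is why localhost is exempt. The webmail URL mail.example.invalid is a constructed stand-in; bealocalhost.de and port 9998 are taken from md-'s description.

```python
"""Added example: the Secure Contexts / Mixed Content decision browsers apply.

Not code from beA or the thread. Sample URLs are constructed for illustration.
"""
import ipaddress
from urllib.parse import urlsplit


def is_potentially_trustworthy(url):
    """Secure Contexts: is this URL's origin trusted without a certificate?"""
    u = urlsplit(url)
    if u.scheme.lower() in ("https", "wss", "file"):
        return True
    # urlsplit already strips the port and IPv6 brackets and lowercases.
    host = (u.hostname or "").rstrip(".")
    try:
        return ipaddress.ip_address(host).is_loopback  # 127.0.0.0/8 or ::1
    except ValueError:
        pass  # not an IP literal; fall through to the name rules
    # Name rules: "localhost" and "*.localhost" are trusted by name alone.
    # Nothing here resolves DNS, so a registered name that happens to point at
    # 127.0.0.1 is treated like any other internet host.
    return host == "localhost" or host.endswith(".localhost")


def is_mixed_content(page_url, request_url):
    """Mixed Content: would a page at page_url be blocked from fetching request_url?

    Only secure pages can have mixed content; from such a page, any request
    whose URL is not itself potentially trustworthy is mixed content.
    """
    return (is_potentially_trustworthy(page_url)
            and not is_potentially_trustworthy(request_url))


def shows_not_secure_for_password(page_url):
    """Chrome's password-field warning fires on pages that are not secure contexts."""
    return not is_potentially_trustworthy(page_url)


if __name__ == "__main__":
    webmail = "https://mail.example.invalid/"  # constructed stand-in for the webmail site
    for target in ("ws://localhost:9998/", "ws://127.0.0.1:9998/",
                   "ws://bealocalhost.de:9998/", "wss://bealocalhost.de:9998/"):
        print("%-28s blocked as mixed content: %s"
              % (target, is_mixed_content(webmail, target)))
    for page in ("http://localhost:9998/", "http://bealocalhost.de:9998/"):
        print("%-28s 'Not secure' on password field: %s"
              % (page, shows_not_secure_for_password(page)))
```

Read against md-'s description: an https page may open ws://localhost:9998 or ws://127.0.0.1:9998 freely, but ws://bealocalhost.de:9998 is mixed content, so once the service answers to a registered name it needs wss and therefore a certificate the browser accepts. That is the dependency that turned a local-only service into a certificate-distribution problem.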

------
dorpdorp
Why is a server on localhost using HTTPS instead of HTTP? Oh, I know, because
"no one should be using unencrypted HTTP in 2017". This is the fruit the SSL
security theater mania has borne.

