Google is warning that users are at risk of phishing attacks after Turkish Certificate Authority TurkTrust mistakenly issued the wrong type of certificate to two organizations.
While they should have received standard SSL certificates, they were instead given intermediate CA certificates. And, says Google software engineer Adam Langley, "Intermediate CA certificates carry the full authority of the CA, so anyone who has one can use it to create a certificate for any website they wish to impersonate."
What this means is that the criminals were able to create a website that appeared to be part of the Google+ network but instead was being used to harvest information from users.
Google's already updated its Chrome browser to block the internediate CA.
"Given the severity of the situation, we will update Chrome again in January to no longer indicate Extended Validation status for certificates issued by TurkTrust, though connections to TurkTrust-validated HTTPS servers may continue to be allowed," says Langley.
Microsoft has also acknowledged the problem. It says it's updating the Certificate Trust list (CTL), and is providing a Windows update that removes the trust of the dodgy certificates.
Mozilla, too, is planning an update to be released next Tuesday.
"This is not a Firefox-specific issue," says Mozilla director of security assurance Michael Coates.
"Nevertheless, we are concerned that at least one of the mis-issued intermediate certificates was used for man-in-the-middle (MITM) traffic management of domain names that the customer did not legitimately own or control. We are also concerned that the private keys for these certificates were not kept as secure as would be expected for intermediate certificates."
It's not the first time that fraudulent web certificates have been issued. In 2011, a fake certificate allowed hackers to to steal passwords and data from Google sites for nearly two months before it was blocked, and there have been several other cases too.
"What I think it means is what I've said before: we can't trust the current Certificate Authority based SSL/TLS system. It is broken and I do not believe it can be easily fixed," says Chester Wisniewski of security firm Sophos.
"It is really time we move on from this 20-year-old, poorly implemented system. Whether it is the Public Key Pinning Extension for HTTP, Convergence, Trusted Assertions for Certificate Keys (TACK) or DNSSEC-TLS, we've got to pick something and start implementing it. It doesn't need to be perfect to beat what we have."