The entropy requirement is not that important for certificates signed by a Root CA, because a Root CA and its private key must be kept offline or air gapped and will not be exposed to the same threats as an "online CA" signing Subscriber certificates.
The main cause for the entropy requirement is to protect against (hash) collision attacks and I don't see this as an actual threat to a Root CA. Regards Mads -----Original Message----- From: dev-security-policy [mailto:dev-security-policy-bounces+mads.henriksveen=buypass...@lists.mozilla.org] On Behalf Of Kurt Roeckx Sent: 9. februar 2016 17:58 To: Medin, Steven Cc: mozilla-dev-security-pol...@lists.mozilla.org; Kathleen Wilson Subject: Re: New requirement: certlint testing On Tue, Feb 09, 2016 at 09:31:22AM -0500, Medin, Steven wrote: > How does the diffusion of early toBeSigned entropy create value for an > event performed once? I'm not sure I understand the question. The BR have this 20 bit of entropy for all certificates. But it's a SHOULD not a MUST. And I guess for CAs that don't sign subscriber certificate it's not that important. Kurt _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy