Re: TrustCor root inclusion request

Tue, 15 Aug 2017 12:19:28 -0700 

Andrew,

SHA-1 has been removed from the TrustCor OCSP list of acceptable hash 
algorithms for responder signatures.

The minimum hash deemed acceptable now is SHA-256. We have updated the CP/CPS 
in section 6.1.5 to clarify that SHA-1 will no longer be honoured as a 
signature algorithm.

Best regards,

Neil Dunbar
TrustCor CA Administrator


> On 14 Aug 2017, at 20:48, Andrew Ayer via dev-security-policy 
> <dev-security-policy@lists.mozilla.org> wrote:
> 
> On Mon, 14 Aug 2017 20:27:05 +0100
> Neil Dunbar via dev-security-policy
> <dev-security-policy@lists.mozilla.org> wrote:
> 
>> Note that TrustCor is capable of removing SHA-1 as a signature hash on
>> OCSP responses, if the community determines it presents risk to the
>> relying parties. However, this does raise the risk to some clients
>> that would fail to understand the signature on the response.  We
>> should prefer to service as many clients as faithfully as we can while
>> remaining true to the security principles of this community.
> 
> Yes, OCSP responses signed with SHA-1 do present a risk, since a
> chosen prefix attack can be performed to forge OCSP responses and even
> certificates:
> https://www.mail-archive.com/dev-security-policy@lists.mozilla.org/msg02999.html
> 
> Even if you technically constrain your OCSP responder certificates as
> required by Mozilla policy section 5.1.1, forged OCSP responses are
> still possible if you use SHA-1.  That would allow attackers to use
> revoked certificates.  So it would be better if you didn't use SHA-1 at
> all for OCSP responses.
> 
> Thanks for your consideration of security feedback from the community.
> 
> Regards,
> Andrew
> _______________________________________________
> dev-security-policy mailing list
> dev-security-policy@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security-policy

Attachment: signature.asc
Description: Message signed with OpenPGP

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to