G’day Wayne et al,

I am not sure why members of the group keep making the claim that these 
certificates are misused under the BRs.
Corey pointed to the following paragraph in Section 7.1 of the BRs as the 
source of the control that DM is accused of not complying with:

“Effective September 30, 2016, CAs SHALL generate non-sequential Certificate 
serial numbers greater than zero (0) containing at least 64 bits of output from 
a CSPRNG.”

DarkMatter has responded to show that we have actually followed this 
requirement exactly as it is written. Furthermore, since there seem to be a 
number of folks on the Group who believe more stringent controls are needed, 
DM has agreed to move all its public trust certificates to random serialNumbers 
with double the required entropy following our next change control in the 
coming week.

It is not a requirement of Section 7.1 that serialNumber contain random numbers 
with 64-bit entropy – which appears to be the claim you are making. If this was 
the intention of this section in the BRs then perhaps we can propose such a 
change to the BRs. Perhaps something like the following could be proposed:

“Effective September 30, 2016, CAs SHALL generate non-sequential Certificate 
serial numbers greater than zero (0) and output from a CSPRNG such that the 
resulting serialNumber contains at least 64 bits of entropy.”

However, once again, I want to reiterate the current practice of DM for the 
public trust certificates that we have generated to date:
1. all serial numbers are non-sequential;
2. all serial numbers are greater than zero;
3. all serial numbers contain at least 64 bits of output from a CSPRNG.

As such, all DM certificates that Corey specifically highlighted were issued in 
compliance with the BRs and specifically in compliance with Section 7.1 that 
Corey quoted.

If there is another requirement in the BRs in respect to serial numbers where 
it states that they must contain 64 bits of entropy then can you please point 
this out?


Regards,

-- 

Scott Rea

On 2/26/19, 7:41 PM, "dev-security-policy on behalf of Wayne Thayer via 
dev-security-policy" <dev-security-policy-boun...@lists.mozilla.org on behalf 
of dev-security-policy@lists.mozilla.org> wrote:

    > I assume you are referring to those certificates containing a serial
    > number with effectively 63-bits of entropy? They are misissued. BR section
    > 4.9.1.1 provides guidance.


 

Scott Rea | Senior Vice President - Trust Services 
Tel: +971 2 417 1417 | Mob: +971 52 847 5093
scott....@darkmatter.ae

The information transmitted, including attachments, is intended only for the 
person(s) or entity to which it is addressed and may contain confidential 
and/or privileged material. Any review, retransmission, dissemination or other 
use of, or taking of any action in reliance upon this information by persons or 
entities other than the intended recipient is prohibited. If you received this 
in error, please contact the sender and destroy any copies of this information.
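Added illustration (Python), not code from DarkMatter, EJBCA or anyone in this thread, of the distinction the thread turns on: a serial can "contain at least 64 bits of output from a CSPRNG" and still carry fewer than 64 bits of entropy. The page does not say how DM's serials were built; the first construction below, which clears the top bit so the integer stays positive, is an assumed example of one way 64 CSPRNG bits end up as the "effectively 63-bits of entropy" Wayne refers to. The second construction prefixes a fixed byte instead, so the serial is always greater than zero and every random bit survives. The DER helper shows the RFC 5280 sign-bit handling (leading 0x00) and the 20-octet serialNumber limit from RFC 5280 section 4.1.2.2; all function names are the example's own.

```python
"""64 bits of CSPRNG *output* versus 64 bits of *entropy* in a serialNumber.

Added example for illustration only; not the code of any CA named in the thread.
"""
import os

SERIAL_MAX_OCTETS = 20  # RFC 5280 4.1.2.2: serialNumber DER contents <= 20 octets


def serial_clear_top_bit(rnd: bytes) -> int:
    """Assumed 'naive' construction: draw 64 CSPRNG bits, then clear bit 63 so a
    signed 64-bit interpretation is never negative.  The serial still 'contains
    64 bits of CSPRNG output', but only 63 of them can vary the result."""
    assert len(rnd) == 8, "expects exactly 64 bits of CSPRNG output"
    return int.from_bytes(rnd, "big") & 0x7FFF_FFFF_FFFF_FFFF


def serial_keep_all_bits(rnd: bytes) -> int:
    """Construction that preserves all 64 random bits: prefix a fixed 0x01 octet.
    The value is always > 0 (so 'greater than zero' holds even for an all-zero
    draw), is 65 bits wide, and DER-encodes to 9 octets, well under the limit."""
    assert len(rnd) == 8, "expects exactly 64 bits of CSPRNG output"
    return (1 << 64) | int.from_bytes(rnd, "big")


def der_integer_contents(n: int) -> bytes:
    """Contents octets of a DER INTEGER for n > 0: minimal two's-complement, so a
    leading 0x00 is inserted when the top bit of the first octet is set.  This is
    how a positive serial with bit 63 set is encoded without discarding entropy."""
    if n <= 0:
        raise ValueError("serialNumber must be greater than zero")
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if body[0] & 0x80:
        body = b"\x00" + body
    return body


def check_serial(n: int) -> bool:
    """Shape checks a linter would apply: positive, and DER contents <= 20 octets."""
    return n > 0 and len(der_integer_contents(n)) <= SERIAL_MAX_OCTETS


def bits_that_reach_serial(construct) -> int:
    """How many of the 64 CSPRNG input bits can change the resulting serial?

    Flips each input bit in turn against an all-zero draw and counts the flips
    that produce a different serial.  For a bit-mask construction this equals the
    entropy that actually lands in the certificate, as opposed to the entropy
    consumed from the CSPRNG."""
    base = construct(bytes(8))
    return sum(
        1 for i in range(64)
        if construct((1 << i).to_bytes(8, "big")) != base
    )


if __name__ == "__main__":
    draw = os.urandom(8)  # one real draw: 64 bits of CSPRNG output, as BR 7.1 words it
    for name, fn in (("clear-top-bit", serial_clear_top_bit),
                     ("keep-all-bits", serial_keep_all_bits)):
        s = fn(draw)
        octets = len(der_integer_contents(s)) if s > 0 else 0
        print(f"{name:14s} serial=0x{s:x} input bits reaching serial="
              f"{bits_that_reach_serial(fn)} DER octets={octets} ok={check_serial(s)}")
    # Two distinct 64-bit draws that collide under the clear-top-bit construction:
    a, b = b"\x80" + bytes(7), bytes(8)
    print("collision under clear-top-bit:",
          serial_clear_top_bit(a) == serial_clear_top_bit(b))
```

The collision at the end is the whole point: two different CSPRNG outputs map to the same serial, so the set of reachable serials is half the size, and an attacker's work to predict or collide a serial is halved accordingly. Note also that the clear-top-bit construction returns 0 for an all-zero draw, which would violate "greater than zero" outright; the prefixed construction cannot.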

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
