What concerns me overall in this discussion is the fact that some CAs
thought it was completely acceptable to barely scrape through to meet the
most basic minimum of requirements. I hope these CAs have a better security
posture and are not operating at the minimum.

Thank you,

Burton

On Sat, Mar 9, 2019 at 8:24 PM Ryan Sleevi via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> On Sat, Mar 9, 2019 at 2:49 PM Dimitris Zacharopoulos <ji...@it.auth.gr>
> wrote:
>
> > The question I'm having trouble answering, and I would appreciate if this
> > was answered by the Mozilla CA Certificate Policy Module Owner, is
> >
> > "does Mozilla treat this finding as a violation of the current language of
> > section 7.1 of the CA/B Forum Baseline Requirements"?
> >
>
> I think for Mozilla, this is best answered by Kathleen, Wayne, the Mozilla
> CA Policy Peers, and which I am not.
>
> On behalf of Google and the Chrome Root Authority Program, and consistent
> with past discussion in the CA/Browser Forum regarding expectations [1], we
> do view this as a violation of the Baseline Requirements. As such, the
> providing of incident reports, and the engagement with public discussion of
> them, represents the most transparent and acceptable course of action.
>
> Historically, we have found that the concerns around incident reporting
> have been best addressed through a single, unified, and transparent
> engagement in the community. Much as ct-pol...@chromium.org has happily and
> intentionally supported collaboration from counterparts at Mozilla and
> Apple, Mozilla has historically graciously allowed for the unified
> discussion on this mailing list, and the use of their bugtracker for the
> purpose of engaging publicly and transparently on incident reports that
> affect the Web PKI. Should Mozilla have a different interpretation of the
> Baseline Requirements’ expectations on this, we’d seek guidance as to
> whether or not the bug tracker and mailing list continue to represent the
> best place for discussion of this specific issue, although note that
> historically, this has been the case.
>
> This should make it clear that CAs which extracted 64 bits of entropy as an
> input to an algorithm that then set the sign bit to positive and
> potentially decreasing the entropy to 63 bits, as opposed to
> unconditionally guaranteeing that there was a positive integer with _at
> least_ 64 bits of entropy, are non-compliant with the BRs and program
> expectations, and should file incident reports and include such disclosures
> in their reporting by and assertions to auditors.
>
> [1]
> https://cabforum.org/pipermail/public/2016-April/007245.html
> _______________________________________________
> dev-security-policy mailing list
> dev-security-policy@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security-policy
>
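The construction Ryan describes above, modelled as an added Python example (not code from anyone in this thread or from any CA's software): `flawed_serial` draws 64 bits and then forces positivity by clearing the sign bit, so one bit of CSPRNG output is thrown away; `compliant_serial` keeps all 64 bits and leaves positivity to the DER encoder. The function names and the scaled-down one-byte exhaustive count are my own constructions.

```python
import os
from itertools import product

def flawed_serial(raw: bytes) -> int:
    """Non-compliant construction from the thread (scaled to len(raw) bytes):
    read the random bytes as a signed two's-complement integer, then make it
    positive by clearing the sign bit. Whenever the top bit was 1 that bit is
    discarded, so 8 random bytes yield only 63 bits of entropy."""
    value = int.from_bytes(raw, "big", signed=True)
    if value < 0:
        value &= (1 << (8 * len(raw) - 1)) - 1   # sign bit dropped here
    return value

def compliant_serial(raw: bytes) -> int:
    """Read the random bytes as an unsigned integer: all 64 bits survive.
    Positivity is handled at encoding time (der_integer), not by discarding
    entropy after the fact."""
    return int.from_bytes(raw, "big", signed=False)

def der_integer(value: int) -> bytes:
    """DER-encode a non-negative INTEGER. DER INTEGER is signed, so a value
    whose top bit is set gets a leading 0x00 byte; a 64-bit serial therefore
    needs at most 9 content bytes, well under the BR 20-byte limit."""
    if value < 0:
        raise ValueError("serial numbers must be positive")
    body = value.to_bytes(value.bit_length() // 8 + 1, "big")  # room for 0x00
    assert len(body) < 128                       # short-form length suffices
    return b"\x02" + bytes([len(body)]) + body

def distinct_outputs(fn, nbytes: int) -> int:
    """Exhaustively count distinct serials over every nbytes-byte input.
    With nbytes=1 this is a scaled-down model of the 64-bit argument: the
    flawed path maps 256 inputs onto only 128 outputs (one bit lost)."""
    return len({fn(bytes(b)) for b in product(range(256), repeat=nbytes)})

def generate_serial(nbytes: int = 8) -> int:
    """Draw nbytes from the OS CSPRNG and retry on zero, since the serial
    must be greater than zero. 8 bytes is the 64-bit minimum; more is fine
    as long as the DER-encoded value stays within 20 bytes."""
    while True:
        serial = compliant_serial(os.urandom(nbytes))
        if serial > 0:
            return serial
```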