<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">L=3072,N=256 is a possible choice for
CAs, FIPS186-4 says that non CA SHOULD NOT use it.<br>
L=1024,N=160 isn't valid anymore for us (equivalent strength to a
1024 bits RSA key, and offering only 2^80 resistance against
signature).<br>
<br>
I think the "modulus" and "divisor" rows should be merged again. L
is the length of the modulus p, N is the length of the divisor q
of p-1, and all possible tuples (L,N) are set by FIPS186. For
example, L=3072,N=224 isn't accepted by FIPS186.<br>
<br>
<pre class="moz-signature" cols="72">--
Erwann ABALEA
</pre>
Le 11/03/2014 17:46, Ben Wilson a écrit :<br>
</div>
<blockquote cite="mid:00c201cf3d49$85f92b80$91eb8280$@digicert.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
<meta name="Generator" content="Microsoft Word 14 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
span.EmailStyle21
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle22
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle23
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle24
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Thanks,
Doug. I’ll revise it and recirculate. I looked up the NIST
standard for DSA and it similar to the following, which I
think we should use:<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<table class="MsoTableGrid"
style="border-collapse:collapse;border:none" border="1"
cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="width:130.1pt;border:solid windowtext
1.0pt;padding:0in 5.4pt 0in 5.4pt" valign="top"
width="173">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Allowed
choices for the pair L and N , where each represents
the bit lengths of p and q, respectively: <o:p></o:p></span></p>
</td>
<td style="width:94.5pt;border:solid windowtext
1.0pt;border-left:none;padding:0in 5.4pt 0in 5.4pt"
valign="top" width="126">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">L
= 1024, N = 160 <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">L
= 2048, N = 224 <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">L
= 2048, N = 256 <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">L
= 3072, N = 256<o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
<a class="moz-txt-link-abbreviated" href="mailto:public-bounces@cabforum.org">public-bounces@cabforum.org</a>
[<a class="moz-txt-link-freetext" href="mailto:public-bounces@cabforum.org">mailto:public-bounces@cabforum.org</a>] <b>On Behalf Of </b>Doug
Beattie<br>
<b>Sent:</b> Tuesday, March 11, 2014 8:31 AM<br>
<b>To:</b> <a class="moz-txt-link-abbreviated" href="mailto:ben@digicert.com">ben@digicert.com</a>; 'CABFPub'; 'Ryan Sleevi'<br>
<b>Subject:</b> Re: [cabfpub] SHA1 Deprecation Ballot<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Hi
Ben,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I’m
not sure this entirely captures the requirements for the
deprecation of SHA-1. Here are my thoughts and suggestions:<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">While
I agree with the requirement that Root and Subordinate CA
Certificates generated after 31 December 2015 should not be
SHA-1, I don’t think this accurately defines the 1 January
2017 “event”. While all certs issued after 31 December 2015
should not be SHA-1, it implies that SHA-1 certificates
issued before this date will be valid until they expire.
Microsoft has stated that on 1 January 2017 if any
certificates in the chain up to, but not including, the root
(including cross certificates) are SHA-1, the certificate
validation will fail. Isn’t this the point we want to
make? I’m not sure we need to state in the BR when SHA-1
certificates should no longer be issued, or when they must
expire, just when they won’t be validated. If some CAs want
to dig a big hole by issuing lots of SHA-1 certificates that
expire after 1 January 2017, that is their challenge to
resolve.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I
attempted to document this in the attached for your
consideration. The first page of the attachment summarizes
the suggested changes while the next 2 are redlined changes
for Appendix A, much like your attachment.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Doug<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">
Ben Wilson [<a moz-do-not-send="true"
href="mailto:ben@digicert.com">mailto:ben@digicert.com</a>]
<br>
<b>Sent:</b> Sunday, March 09, 2014 3:20 AM<br>
<b>To:</b> 'CABFPub'; 'Ryan Sleevi'; Doug Beattie<br>
<b>Subject:</b> RE: [cabfpub] SHA1 Deprecation Ballot<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">All,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Here
is a draft of Ballot 118 – SHA1 Sunset. <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I’ve
proposed language to replace the current footnote concerning
SHA1 in Appendix A, feel free to edit:<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">*
"Effective immediately CAs SHOULD begin migrating away
from using the SHA-1 hashing algorithm to sign Subscriber
Certificates. CAs SHOULD advise Applicants that Microsoft
has indicated that Windows will stop accepting SHA1
certificates on 1 January 2017 or sooner if the algorithm
becomes vulnerable to cryptographic attack." Alternatively,
it could be re-phrased to say, “CAs may want to advise
Applicants that …”, but this draft has “SHOULD”.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Also,
if your look at table (1) Root CA Certificates, it still
allows legacy SHA1 Roots created before January 1, 2016, to
serve as trust anchors. The language is Root Certificates
“with a validity period beginning after 31 Dec. 2015”, which
means that starting Jan. 1, 2016, CAs shouldn’t be
submitting new roots signed using SHA1, but I doubt that few
CAs are still submitting SHA1 signed roots, so I don’t think
that is an issue that we need to call out specially in the
table below. <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Ben
Wilson of DigiCert made the following motion, and ____ from
_______ and _________ from __________ endorsed it: <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Motion
Begins<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">In
order to bring CA practices in line with SHA1 deprecation
plans for the industry, Appendix A of the Baseline
Requirements is amended effective immediately as follows:<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">In
each of the three tables in Appendix A, delete the middle
column (because it is applicable mostly for certificates
valid through 2013, which have expired anyway by now) and
insert a new column on the right side of each of the tables
with a column heading that reads, <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">"Validity
period beginning after 31 Dec 2015". <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Add
the following for the first and last column of each row in
the following tables:<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">(1)
Root CA Certificates<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Digest
algorithm - SHA-256, SHA-384 or SHA-512<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Minimum
RSA modulus size (bits) - 2048<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">ECC
curve - NIST P-256, P-384, or P-521<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Minimum
DSA modulus and divisor size (bits) - L= 2048, N= 224 or L=
2048, N= 256, L= 2048, N= 224 or L= 2048, N= 256 <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">(2)
Subordinate CA Certificates<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Digest
algorithm - SHA-256, SHA-384 or SHA-512<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Minimum
RSA modulus size (bits) - 2048<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">ECC
curve - NIST P-256, P-384, or P-521<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Minimum
DSA modulus and divisor size (bits) - L= 2048, N= 224 or L=
2048, N= 256, L= 2048, N= 224 or L= 2048, N= 256 <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">(3)
Subscriber Certificates<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Digest
algorithm - SHA-256, SHA-384 or SHA-512<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Minimum
RSA modulus size (bits) - 2048<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">ECC
curve - NIST P-256, P-384, or P-521<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Minimum
DSA modulus and divisor size (bits) - L= 2048, N= 224 or L=
2048, N= 256, L= 2048, N= 224 or L= 2048, N= 256 <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Replace
the footnote "*" in Appendix A with the following:
"Effective immediately CAs SHOULD begin migrating away from
using the SHA-1 hashing algorithm to sign Subscriber
Certificates. CAs SHOULD advise Applicants that Microsoft
has indicated that Windows will stop accepting SHA1
certificates on 1 January 2017 or sooner if the algorithm
becomes vulnerable to cryptographic attack."<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Motion
Ends<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">The
review period for this ballot shall commence at 2200 UTC on
Monday, 10 March 2014, and will close at 2200 UTC on Monday,
17 March 2014. Unless the motion is withdrawn during the
review period, the voting period will start immediately
thereafter and will close at 2200 UTC on Monday, 24 March
2014. Votes must be cast by posting an on-list reply to this
thread. <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">A
vote in favor of the motion must indicate a clear 'yes' in
the response. A vote against must indicate a clear 'no' in
the response. A vote to abstain must indicate a clear
'abstain' in the response. Unclear responses will not be
counted. The latest vote received from any representative of
a voting member before the close of the voting period will
be counted. Voting members are listed here: <a
moz-do-not-send="true"
href="https://cabforum.org/members/">https://cabforum.org/members/</a><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">In
order for the motion to be adopted, two thirds or more of
the votes cast by members in the CA category and greater
than 50% of the votes cast by members in the browser
category must be in favor. Also, at least six members must
participate in the ballot, either by voting in favor, voting
against, or abstaining<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
<a moz-do-not-send="true"
href="mailto:public-bounces@cabforum.org">public-bounces@cabforum.org</a>
[<a moz-do-not-send="true"
href="mailto:public-bounces@cabforum.org">mailto:public-bounces@cabforum.org</a>]
<b>On Behalf Of </b>Ben Wilson<br>
<b>Sent:</b> Monday, March 03, 2014 11:05 AM<br>
<b>To:</b> 'Ryan Sleevi'<br>
<b>Cc:</b> 'CABFPub'<br>
<b>Subject:</b> Re: [cabfpub] SHA1 Deprecation Ballot<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Ryan,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I
agree with your view. I’m just trying to get the “what-ifs”
out in the open for discussion. <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Several
times in the past the Forum has been criticized for not
doing enough to consider the whole ecosystem. <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I’m
just giving everyone heads-up on a potential future issue.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Ben<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
<a moz-do-not-send="true"
href="mailto:public-bounces@cabforum.org">public-bounces@cabforum.org</a>
[<a moz-do-not-send="true"
href="mailto:public-bounces@cabforum.org">mailto:public-bounces@cabforum.org</a>]
<b>On Behalf Of </b>Ryan Sleevi<br>
<b>Sent:</b> Friday, February 28, 2014 1:57 PM<br>
<b>To:</b> Ben Wilson<br>
<b>Cc:</b> CABFPub<br>
<b>Subject:</b> Re: [cabfpub] SHA1 Deprecation Ballot<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">Ben,<o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Why do you believe that Microsoft's
review is the only way to discover "Application X" and its
existence? Why wouldn't we, within the CA/B Forum, except
either member CAs (or CAs affected by but not members) to
mention "Application X" exists?<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Likewise, it seems reasonable to
presume that "Application X" is not a common scenario to
begin with - otherwise, we expect CAs would already be
talking about "Application X" and its impact to their
issuance practices.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">As such, it seems like the scope of
"Application X" is going to be so minimal, that it would
be entirely reasonable/preferable/better for the Internet
to let "We still issue SHA-1 for Application X" to be a
qualified finding during an Audit (presuming, of course,
that such timelines are incorporated within the audit
framework in a timely manner), and then allow Root
Programs to make a decision about "Application X"?<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">I see no reason to hold up the entire
progress based on a hypothetical "Application X". And if
such a blanket exception to security needs to be carved
out, Root Programs are perfectly capable of doing so - as
they have already done for other such "Application X"
exceptional scenarios (eg: RSA-1024 bit certs for certain
applications - such as Symantec's issuance of a <a
moz-do-not-send="true" href="http://pb.com">pb.com</a>
certificate that conflicts with the BRs in <a
moz-do-not-send="true"
href="https://bugzilla.mozilla.org/show_bug.cgi?id=966350">https://bugzilla.mozilla.org/show_bug.cgi?id=966350</a>
)<o:p></o:p></p>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><o:p> </o:p></p>
<div>
<p class="MsoNormal">On Thu, Feb 27, 2014 at 4:59 PM,
Ben Wilson <<a moz-do-not-send="true"
href="mailto:ben@digicert.com" target="_blank">ben@digicert.com</a>>
wrote:<o:p></o:p></p>
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Let’s
say we adopt this as a guideline. Then, what if
we want to fine-tune it based on Microsoft’s July
2015 review of progress made? How can we amend
the guideline and put that amendment in place
before January 1, 2016? (Let’s say that based on
Microsoft’s review, it appears that Application X
and its users need more time. Won’t a CA that is
providing SSL services for Application X say that
six months is not enough time for the CAB Forum to
adopt an exception and for it to change its code
and certificate issuance processes to allow an
exception for Application X and its users)? In
other words, don’t we need feedback from Microsoft
prior to July 2015 in order to put an amendment in
place? If we adopt this provision, won’t we need
to revisit it in about 12 months? <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="color:#1F497D"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
<a moz-do-not-send="true"
href="mailto:public-bounces@cabforum.org"
target="_blank">public-bounces@cabforum.org</a>
[mailto:<a moz-do-not-send="true"
href="mailto:public-bounces@cabforum.org"
target="_blank">public-bounces@cabforum.org</a>]
<b>On Behalf Of </b>Doug Beattie<br>
<b>Sent:</b> Thursday, February 20, 2014
11:55 AM<br>
<b>To:</b> <a moz-do-not-send="true"
href="mailto:ben@digicert.com"
target="_blank">ben@digicert.com</a>; <a
moz-do-not-send="true"
href="mailto:public@cabforum.org"
target="_blank">public@cabforum.org</a></span><o:p></o:p></p>
<div>
<p class="MsoNormal"><br>
<b>Subject:</b> Re: [cabfpub] SHA1
Deprecation Ballot<o:p></o:p></p>
</div>
</div>
</div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="color:#888888"> <o:p></o:p></span></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="color:#1F497D">Ben,</span><span
style="color:#888888"><o:p></o:p></span></p>
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="color:#1F497D">While this may be
obvious to most of us, we should explicitly
state that all CA certificates in the
hierarchy up to, but not including the
publicly trusted root, must also not be
SHA-1.</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="color:#1F497D">Doug</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="color:#1F497D"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid
#E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b>From:</b>
<a moz-do-not-send="true"
href="mailto:public-bounces@cabforum.org"
target="_blank">public-bounces@cabforum.org</a>
[<a moz-do-not-send="true"
href="mailto:public-bounces@cabforum.org"
target="_blank">mailto:public-bounces@cabforum.org</a>]
<b>On Behalf Of </b>Ben Wilson<br>
<b>Sent:</b> Wednesday, February 19, 2014
3:02 PM<br>
<b>To:</b> <a moz-do-not-send="true"
href="mailto:public@cabforum.org"
target="_blank">public@cabforum.org</a><br>
<b>Subject:</b> [cabfpub] SHA1 Deprecation
Ballot<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">I’m
not sure whether I’ve captured it all, but
here is a rough draft of a possible ballot for
the Baseline Requirements. <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Effective
immediately CAs SHOULD begin migrating away
from using the SHA-1 hashing algorithm to sign
SSL/TLS and code signing certificates. <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Beginning
January 1, 2016, CAs SHALL NOT use the SHA-1
hashing algorithm to sign SSL/TLS or code
signing certificates.<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Please
provide your comments, edits, etc., <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Thanks,<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Ben<o:p></o:p></p>
</div>
</div>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
_______________________________________________<br>
Public mailing list<br>
<a moz-do-not-send="true"
href="mailto:Public@cabforum.org">Public@cabforum.org</a><br>
<a moz-do-not-send="true"
href="https://cabforum.org/mailman/listinfo/public"
target="_blank">https://cabforum.org/mailman/listinfo/public</a><o:p></o:p></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Public mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Public@cabforum.org">Public@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://cabforum.org/mailman/listinfo/public">https://cabforum.org/mailman/listinfo/public</a></pre>
</blockquote>
<br>
</body>
</html>